Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/AD-andXzbsJQ6-EJVFm7YfqJqyA.roa
File: AD-andXzbsJQ6-EJVFm7YfqJqyA.roa (raw, json)
Hash identifier: EQKBZSFz17cerT07f9V2gKbXedpsxOfFN/33BYuE0nE=
Subject key identifier: 00:3F:9A:9D:D5:F3:6E:C2:50:EB:E1:09:54:59:BB:61:FA:89:AB:20
Certificate issuer: /CN=4a7e8c622c87532f8c449f347433dae52b7738f0
Certificate serial: 01963D5A3D33A5257933A1D2559B9A0EC531
Authority key identifier: 4A:7E:8C:62:2C:87:53:2F:8C:44:9F:34:74:33:DA:E5:2B:77:38:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/AD-andXzbsJQ6-EJVFm7YfqJqyA.roa
Signing time: Wed 16 Apr 2025 06:47:26 +0000
ROA not before: Wed 16 Apr 2025 06:47:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50477
IP address blocks: 5.149.200.0/22 maxlen: 22
5.149.204.0/22 maxlen: 22
5.149.204.0/24 maxlen: 24
5.149.205.0/24 maxlen: 24
5.149.206.0/24 maxlen: 24
46.19.112.0/23 maxlen: 23
46.19.114.0/24 maxlen: 24
46.19.115.0/24 maxlen: 24
46.19.116.0/22 maxlen: 22
109.236.208.0/23 maxlen: 23
109.236.210.0/24 maxlen: 24
109.236.211.0/24 maxlen: 24
109.236.212.0/22 maxlen: 22
109.236.216.0/21 maxlen: 21
134.19.144.0/21 maxlen: 21
134.19.152.0/24 maxlen: 24
134.19.153.0/24 maxlen: 24
134.19.154.0/23 maxlen: 23
134.19.154.0/24 maxlen: 24
134.19.156.0/22 maxlen: 22
2a04:6000::/29 maxlen: 29
2a04:6006::/32 maxlen: 32
2a04:6007::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:5a:3d:33:a5:25:79:33:a1:d2:55:9b:9a:0e:c5:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7e8c622c87532f8c449f347433dae52b7738f0
Validity
Not Before: Apr 16 06:47:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=003f9a9dd5f36ec250ebe1095459bb61fa89ab20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:1a:45:46:94:60:39:fe:6f:0c:d9:3f:c5:
bd:d3:5f:a3:73:32:3e:c9:8b:ae:e8:8c:5b:31:51:
a0:33:a2:7b:7a:f6:b5:79:37:40:0e:33:6d:24:fe:
a4:fc:6d:4d:36:db:ec:17:d6:67:d2:45:ba:ff:d0:
48:a9:82:bb:5d:21:93:1a:a3:e1:2d:7a:ec:56:99:
56:22:12:4d:89:82:f0:7d:8c:42:ac:46:4b:5f:04:
36:34:3b:aa:10:d8:64:f8:87:ab:d5:ff:d2:ce:60:
ca:ba:f1:f2:91:99:05:1f:68:69:c1:52:3b:79:be:
5f:a6:0f:1f:32:30:55:6a:de:70:ac:7f:8d:41:5b:
ee:b1:22:c2:56:54:89:a6:f4:11:f2:31:69:db:68:
f9:4d:cc:8d:ef:5d:69:db:e0:a0:69:dc:1e:27:ea:
48:1e:f4:91:3d:da:13:a4:76:90:7c:63:a3:ba:1d:
65:8e:1a:00:55:9f:e4:39:4c:b0:de:c6:21:2e:be:
9c:47:68:6d:cd:e3:a3:2e:19:a2:b7:8d:6b:08:de:
41:1a:33:2d:6c:78:72:88:1a:ef:10:65:ef:bd:be:
59:61:fc:c6:7b:96:88:00:ea:ac:73:12:dd:12:0a:
31:4b:dc:cc:fb:d1:80:dd:37:e2:a3:05:44:3a:14:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3F:9A:9D:D5:F3:6E:C2:50:EB:E1:09:54:59:BB:61:FA:89:AB:20
X509v3 Authority Key Identifier:
keyid:4A:7E:8C:62:2C:87:53:2F:8C:44:9F:34:74:33:DA:E5:2B:77:38:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn6MYiyHUy-MRJ80dDPa5St3OPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/AD-andXzbsJQ6-EJVFm7YfqJqyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/747836-7822-4ed7-8291-dac25b266d8e/1/Sn6MYiyHUy-MRJ80dDPa5St3OPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.200.0/21
46.19.112.0/21
109.236.208.0/20
134.19.144.0/20
IPv6:
2a04:6000::/29
Signature Algorithm: sha256WithRSAEncryption
1e:85:46:43:b2:09:e4:7f:99:14:b2:6e:86:d9:a6:15:b5:6f:
dc:c0:c9:7f:02:15:37:11:09:dd:4d:ab:ee:83:5d:11:06:32:
08:69:c0:70:9a:f5:93:fb:62:f1:9a:c1:ba:3d:90:f8:bf:d8:
75:88:5c:d3:0c:d3:e1:ab:b1:65:2c:ed:73:ac:41:b4:26:54:
d2:7d:7c:aa:aa:30:57:9c:ed:ac:28:18:c4:53:07:3c:e6:4e:
8b:7c:30:2e:da:b3:67:11:0a:f3:53:76:06:29:7c:eb:05:f4:
a6:86:c3:50:f6:c1:d3:bc:ff:88:63:71:de:73:6f:96:fa:6f:
e1:00:88:02:39:9f:5f:0d:30:f4:76:d8:3a:5b:6e:73:db:e5:
b0:fc:58:ec:95:88:2b:a2:3d:ca:0e:8d:89:d7:17:b4:71:06:
b7:89:78:c1:4e:f4:69:42:e3:12:e2:76:33:16:1d:f5:0e:95:
b6:69:bc:df:26:19:6a:a7:a1:6c:4e:f8:56:bd:d3:07:3f:b4:
ab:12:f5:02:b7:f4:30:d2:f4:8f:5c:dc:67:00:47:53:4d:73:
1c:aa:ee:7f:8a:7b:66:07:74:fc:3d:d8:c2:e6:7b:70:21:56:
f6:4a:6b:36:17:6a:f6:40:c9:95:c1:55:7a:20:a2:22:08:be:
12:4d:4b:97
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZY9Wj0zpSV5M6HSVZuaDsUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2U4YzYyMmM4NzUzMmY4YzQ0OWYzNDc0MzNkYWU1MmI3
NzM4ZjAwHhcNMjUwNDE2MDY0NzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDNmOWE5ZGQ1ZjM2ZWMyNTBlYmUxMDk1NDU5YmI2MWZhODlhYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEoaRUaUYDn+bwzZP8W901+jczI+
yYuu6IxbMVGgM6J7eva1eTdADjNtJP6k/G1NNtvsF9Zn0kW6/9BIqYK7XSGTGqPh
LXrsVplWIhJNiYLwfYxCrEZLXwQ2NDuqENhk+Ier1f/SzmDKuvHykZkFH2hpwVI7
eb5fpg8fMjBVat5wrH+NQVvusSLCVlSJpvQR8jFp22j5TcyN711p2+CgadweJ+pI
HvSRPdoTpHaQfGOjuh1ljhoAVZ/kOUyw3sYhLr6cR2htzeOjLhmit41rCN5BGjMt
bHhyiBrvEGXvvb5ZYfzGe5aIAOqscxLdEgoxS9zM+9GA3TfiowVEOhREnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAA/mp3V827CUOvhCVRZu2H6iasgMB8GA1UdIwQY
MBaAFEp+jGIsh1MvjESfNHQz2uUrdzjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU242TVlpeUhVeS1NUko4MGREUGE1U3QzT1BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NDc4MzYtNzgyMi00ZWQ3LTgyOTEt
ZGFjMjViMjY2ZDhlLzEvQUQtYW5kWHpic0pRNi1FSlZGbTdZZnFKcXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NDc4MzYtNzgyMi00ZWQ3LTgyOTEtZGFjMjViMjY2ZDhl
LzEvU242TVlpeUhVeS1NUko4MGREUGE1U3QzT1BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZXIAwQD
LhNwAwQEbezQAwQEhhOQMA0EAgACMAcDBQMqBGAAMA0GCSqGSIb3DQEBCwUAA4IB
AQAehUZDsgnkf5kUsm6G2aYVtW/cwMl/AhU3EQndTavug10RBjIIacBwmvWT+2Lx
msG6PZD4v9h1iFzTDNPhq7FlLO1zrEG0JlTSfXyqqjBXnO2sKBjEUwc85k6LfDAu
2rNnEQrzU3YGKXzrBfSmhsNQ9sHTvP+IY3Hec2+W+m/hAIgCOZ9fDTD0dtg6W25z
2+Ww/FjslYgroj3KDo2J1xe0cQa3iXjBTvRpQuMS4nYzFh31DpW2abzfJhlqp6Fs
TvhWvdMHP7SrEvUCt/Qw0vSPXNxnAEdTTXMcqu5/intmB3T8PdjC5ntwIVb2Sms2
F2r2QMmVwVV6IKIiCL4STUuX
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:11:55 2025 by rpki-client