Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/RdMfFmFjHDJDX_-5uaaUXQKDls0.roa
File: RdMfFmFjHDJDX_-5uaaUXQKDls0.roa (raw, json)
Hash identifier: O6jVvm7OX0OHLjep55ba573pokqJBTfgyVcBvBUtHtI=
Subject key identifier: 45:D3:1F:16:61:63:1C:32:43:5F:FF:B9:B9:A6:94:5D:02:83:96:CD
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 0194228DECCC90468C6DEFC75D8A9FA62A6C
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/RdMfFmFjHDJDX_-5uaaUXQKDls0.roa
Signing time: Wed 01 Jan 2025 15:48:34 +0000
ROA not before: Wed 01 Jan 2025 15:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49100
IP address blocks: 46.143.24.0/21 maxlen: 32
46.143.32.0/20 maxlen: 32
79.127.0.0/21 maxlen: 32
79.127.64.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ec:cc:90:46:8c:6d:ef:c7:5d:8a:9f:a6:2a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 1 15:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45d31f1661631c32435fffb9b9a6945d028396cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:59:87:51:6c:14:63:3c:65:30:77:ba:bb:
37:b5:c5:a4:1a:1e:af:76:94:d5:38:85:35:41:f3:
a6:8d:23:a7:d8:8b:15:2c:4c:9d:6f:cf:c6:50:1a:
ef:88:4a:43:ab:71:35:a5:7b:6f:99:9b:3f:b9:a9:
67:b3:4b:ba:c5:7f:8d:42:99:89:dc:6c:45:98:9c:
73:18:ba:d2:33:d6:41:56:bf:8d:3a:89:2e:77:98:
27:fc:6e:ab:d1:35:e0:df:cc:99:c7:6d:24:75:de:
68:fd:99:90:ae:a6:65:00:37:28:77:73:89:07:c1:
5b:8d:7c:0f:5c:03:e9:38:3e:6a:8d:8a:a5:4e:e1:
86:a4:7b:e4:1b:82:c0:fd:7c:4e:38:9c:d6:1c:52:
d4:8c:c2:da:13:e1:2b:7d:34:ca:28:93:96:c9:fd:
b3:80:2d:79:6f:26:c1:86:19:4f:ee:20:f2:b0:a7:
81:96:9d:0f:2f:a2:5e:6e:fc:c6:39:4a:f0:6f:37:
33:25:47:22:eb:8a:5a:6a:b9:5b:fa:98:21:fd:66:
5f:40:91:f1:48:0f:81:e9:2a:12:30:96:83:4f:7e:
f9:18:cb:b9:da:8c:d1:63:11:20:c5:9c:b5:6c:ac:
24:22:70:da:da:f5:1d:e5:1d:36:75:3d:c4:f8:d2:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D3:1F:16:61:63:1C:32:43:5F:FF:B9:B9:A6:94:5D:02:83:96:CD
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/RdMfFmFjHDJDX_-5uaaUXQKDls0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.24.0-46.143.47.255
79.127.0.0/21
79.127.64.0/20
Signature Algorithm: sha256WithRSAEncryption
41:77:58:46:01:dd:54:f3:ef:cc:ec:d7:59:a9:71:c4:45:1e:
15:71:b3:67:f5:45:87:7d:ef:c8:b3:a1:5e:f8:02:b2:df:c0:
1a:53:02:ac:c3:b2:c5:74:8f:83:2b:b7:2b:7f:12:0f:15:0c:
86:51:25:dd:1b:d0:fe:09:e8:04:6b:b1:d6:e2:a2:7e:29:1b:
36:f9:9e:b9:c6:2c:ff:d4:c8:a3:b6:61:7a:33:bd:a0:70:d0:
14:ff:83:10:2f:46:e6:fd:0a:67:1e:57:ea:f0:5b:36:4d:8b:
b6:68:de:4b:82:44:0b:50:7f:27:ea:bf:be:fe:9a:5c:14:7d:
bd:69:16:ff:10:4c:9d:1b:82:cc:47:1a:46:9f:cb:fb:9a:2d:
22:76:a3:f5:f6:9b:39:eb:6c:29:3f:9d:3b:66:6e:e4:7c:0b:
03:1f:69:7f:44:e2:af:94:07:27:61:b8:bd:44:a5:95:ca:7d:
c0:8f:b4:b3:13:c8:ec:d0:ac:99:fd:3c:c7:e1:9d:2d:be:4f:
3e:8b:f6:b5:f7:4f:9f:76:63:7c:a9:4b:c0:a4:f7:93:d2:77:
c7:31:f5:38:9e:74:74:65:d4:ad:6c:2f:35:9e:07:2a:07:27:
c6:7e:3f:95:53:a4:cf:f2:d6:4f:f2:56:67:da:a5:34:f1:b7:
5c:ce:eb:db
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQijezMkEaMbe/HXYqfpipsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjUwMTAxMTU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQzMWYxNjYxNjMxYzMyNDM1ZmZmYjliOWE2OTQ1ZDAyODM5NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtulZh1FsFGM8ZTB3urs3tcWkGh6v
dpTVOIU1QfOmjSOn2IsVLEydb8/GUBrviEpDq3E1pXtvmZs/ualns0u6xX+NQpmJ
3GxFmJxzGLrSM9ZBVr+NOokud5gn/G6r0TXg38yZx20kdd5o/ZmQrqZlADcod3OJ
B8FbjXwPXAPpOD5qjYqlTuGGpHvkG4LA/XxOOJzWHFLUjMLaE+ErfTTKKJOWyf2z
gC15bybBhhlP7iDysKeBlp0PL6JebvzGOUrwbzczJUci64paarlb+pgh/WZfQJHx
SA+B6SoSMJaDT375GMu52ozRYxEgxZy1bKwkInDa2vUd5R02dT3E+NJBvwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEXTHxZhYxwyQ1//ubmmlF0Cg5bNMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvUmRNZkZtRmpIREpEWF8tNXVhYVVYUUtEbHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMujxgD
BAQujyADBANPfwADBARPf0AwDQYJKoZIhvcNAQELBQADggEBAEF3WEYB3VTz78zs
11mpccRFHhVxs2f1RYd978izoV74ArLfwBpTAqzDssV0j4Mrtyt/Eg8VDIZRJd0b
0P4J6ARrsdbion4pGzb5nrnGLP/UyKO2YXozvaBw0BT/gxAvRub9CmceV+rwWzZN
i7Zo3kuCRAtQfyfqv77+mlwUfb1pFv8QTJ0bgsxHGkafy/uaLSJ2o/X2mznrbCk/
nTtmbuR8CwMfaX9E4q+UBydhuL1EpZXKfcCPtLMTyOzQrJn9PMfhnS2+Tz6L9rX3
T592Y3ypS8Ck95PSd8cx9TiedHRl1K1sLzWeByoHJ8Z+P5VTpM/y1k/yVmfapTTx
t1zO69s=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:05:47 2025 by rpki-client