Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/kidKlu5oDBem3t0h8aiG0Vv8dvw.roa
File: kidKlu5oDBem3t0h8aiG0Vv8dvw.roa (raw, json)
Hash identifier: Xo2YDFkznVnl+RRSUSAYifFOhE1syeVNtNcN0kJvN2Q=
Subject key identifier: 92:27:4A:96:EE:68:0C:17:A6:DE:DD:21:F1:A8:86:D1:5B:FC:76:FC
Certificate issuer: /CN=facd901aba0d36b656cf98e0c02917e3aaa289b4
Certificate serial: 01942068768570836824114D61A6393526AB
Authority key identifier: FA:CD:90:1A:BA:0D:36:B6:56:CF:98:E0:C0:29:17:E3:AA:A2:89:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/kidKlu5oDBem3t0h8aiG0Vv8dvw.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51975
IP address blocks: 46.151.208.0/22 maxlen: 22
46.151.212.0/22 maxlen: 22
185.79.248.0/23 maxlen: 23
185.79.250.0/23 maxlen: 23
2a05:78c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:76:85:70:83:68:24:11:4d:61:a6:39:35:26:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=facd901aba0d36b656cf98e0c02917e3aaa289b4
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92274a96ee680c17a6dedd21f1a886d15bfc76fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:66:23:9d:cc:46:ef:2f:77:99:b3:59:b9:
ee:3d:d0:cb:fb:86:cd:94:77:4f:f4:08:1f:e1:f3:
38:7f:4d:d1:09:42:84:1b:fb:f3:cf:e1:f8:1a:28:
1d:6a:86:8c:e4:79:2d:83:5c:6a:16:bb:b5:17:33:
43:91:7d:aa:c0:75:d1:97:9c:e0:1c:68:af:ad:36:
43:cb:6e:c0:8c:12:ee:0a:fd:cd:ac:a1:b4:26:8d:
36:26:3a:8b:a8:eb:38:21:15:10:50:92:58:b8:e7:
d0:be:a9:ad:03:fa:39:1e:3d:b0:55:08:82:72:3d:
f3:02:06:bf:ee:00:a4:a6:3e:76:b5:d0:55:7f:0f:
37:08:45:b5:84:fc:72:f2:58:5d:79:7b:c3:ae:e0:
95:ae:07:8a:59:1d:14:a5:27:5d:f4:ce:6b:d4:fe:
0c:3c:59:cc:c0:18:ef:9d:27:bf:f8:cd:22:5a:c5:
42:e3:9f:85:35:60:9f:98:73:64:79:04:51:89:15:
96:53:2a:bc:ed:65:d3:73:b4:bc:00:f4:f5:bc:ac:
21:54:5a:e2:10:64:8f:96:c7:a4:b5:1b:6b:ee:85:
7b:31:d4:3a:35:c2:27:10:3c:6e:61:63:b9:4e:b0:
18:74:b3:81:2b:83:27:e6:6c:b1:12:76:08:cc:88:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:27:4A:96:EE:68:0C:17:A6:DE:DD:21:F1:A8:86:D1:5B:FC:76:FC
X509v3 Authority Key Identifier:
keyid:FA:CD:90:1A:BA:0D:36:B6:56:CF:98:E0:C0:29:17:E3:AA:A2:89:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-s2QGroNNrZWz5jgwCkX46qiibQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/kidKlu5oDBem3t0h8aiG0Vv8dvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/a526ca-379e-495d-8f15-00fe05c2bfc6/1/1-s2QGroNNrZWz5jgwCkX46qiibQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.208.0/21
185.79.248.0/22
IPv6:
2a05:78c0::/32
Signature Algorithm: sha256WithRSAEncryption
71:1e:19:18:6a:7b:01:f4:7b:c8:29:3b:b6:09:2c:46:3e:3b:
e2:79:3e:d1:2d:03:db:fa:78:90:4a:f3:30:24:5b:ae:73:0b:
60:7b:6b:34:5a:3a:4b:0a:5c:09:07:7c:fd:b7:5c:af:dd:4f:
8c:fd:58:26:cf:88:2e:a3:fd:46:9e:41:04:d2:14:37:2c:9a:
18:0b:0b:89:5c:08:0d:06:9c:42:b5:08:98:96:86:c8:ff:cc:
49:0a:fc:73:2f:b7:6c:53:0a:87:94:86:f6:fe:62:72:19:29:
de:6c:80:76:a3:67:9c:f6:e1:47:48:3d:70:38:a5:26:fe:38:
7f:e5:b7:16:cb:50:a7:64:9a:a4:c5:03:ef:56:4d:8d:15:ef:
e9:49:79:61:c2:35:00:39:e5:58:bf:f7:fa:40:92:85:85:1b:
37:ac:24:84:b9:74:70:1b:2e:49:af:6a:b5:4b:da:17:dd:4d:
38:27:b0:6a:6e:4c:e8:aa:1a:72:71:30:7e:64:b0:96:8c:f5:
5f:d4:33:42:4b:c2:24:ba:7b:fa:45:07:69:dc:38:1e:be:66:
e5:13:ca:34:0c:7b:e3:b9:12:71:fb:e9:8b:42:81:38:d7:e2:
e4:ee:6e:c0:5e:0f:32:33:57:d3:11:a1:b7:ce:9f:a1:47:b9:
59:8a:d0:31
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQgaHaFcINoJBFNYaY5NSarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2Q5MDFhYmEwZDM2YjY1NmNmOThlMGMwMjkxN2UzYWFh
Mjg5YjQwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI3NGE5NmVlNjgwYzE3YTZkZWRkMjFmMWE4ODZkMTViZmM3NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttFmI53MRu8vd5mzWbnuPdDL+4bN
lHdP9Agf4fM4f03RCUKEG/vzz+H4GigdaoaM5Hktg1xqFru1FzNDkX2qwHXRl5zg
HGivrTZDy27AjBLuCv3NrKG0Jo02JjqLqOs4IRUQUJJYuOfQvqmtA/o5Hj2wVQiC
cj3zAga/7gCkpj52tdBVfw83CEW1hPxy8lhdeXvDruCVrgeKWR0UpSdd9M5r1P4M
PFnMwBjvnSe/+M0iWsVC45+FNWCfmHNkeQRRiRWWUyq87WXTc7S8APT1vKwhVFri
EGSPlsektRtr7oV7MdQ6NcInEDxuYWO5TrAYdLOBK4Mn5myxEnYIzIhbQwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJInSpbuaAwXpt7dIfGohtFb/Hb8MB8GA1UdIwQY
MBaAFPrNkBq6DTa2Vs+Y4MApF+Oqoom0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zMlFHcm9OTnJaV3o1amd3Q2tYNDZxaWliUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEvYTUyNmNhLTM3OWUtNDk1ZC04ZjE1
LTAwZmUwNWMyYmZjNi8xL2tpZEtsdTVvREJlbTN0MGg4YWlHMFZ2OGR2dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjEvYTUyNmNhLTM3OWUtNDk1ZC04ZjE1LTAwZmUwNWMyYmZj
Ni8xLzEtczJRR3JvTk5yWld6NWpnd0NrWDQ2cWlpYlEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAMul9AD
BAK5T/gwDQQCAAIwBwMFACoFeMAwDQYJKoZIhvcNAQELBQADggEBAHEeGRhqewH0
e8gpO7YJLEY+O+J5PtEtA9v6eJBK8zAkW65zC2B7azRaOksKXAkHfP23XK/dT4z9
WCbPiC6j/UaeQQTSFDcsmhgLC4lcCA0GnEK1CJiWhsj/zEkK/HMvt2xTCoeUhvb+
YnIZKd5sgHajZ5z24UdIPXA4pSb+OH/ltxbLUKdkmqTFA+9WTY0V7+lJeWHCNQA5
5Vi/9/pAkoWFGzesJIS5dHAbLkmvarVL2hfdTTgnsGpuTOiqGnJxMH5ksJaM9V/U
M0JLwiS6e/pFB2ncOB6+ZuUTyjQMe+O5EnH76YtCgTjX4uTubsBeDzIzV9MRobfO
n6FHuVmK0DE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:40:49 2025 by rpki-client