Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/PHjk7HksQoreVKkNoHfGHx9i_5s.roa
File: PHjk7HksQoreVKkNoHfGHx9i_5s.roa (raw, json)
Hash identifier: LsNFpMXLkk/tBemYYBeM13khUpwfZGn1bGo9IS0Am88=
Subject key identifier: 3C:78:E4:EC:79:2C:42:8A:DE:54:A9:0D:A0:77:C6:1F:1F:62:FF:9B
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 01942143CA3D5C51A7482C7926234464C580
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/PHjk7HksQoreVKkNoHfGHx9i_5s.roa
Signing time: Wed 01 Jan 2025 09:47:58 +0000
ROA not before: Wed 01 Jan 2025 09:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59962
IP address blocks: 46.209.32.0/24 maxlen: 24
46.209.33.0/24 maxlen: 24
46.209.34.0/24 maxlen: 24
46.209.35.0/24 maxlen: 24
46.209.36.0/24 maxlen: 24
46.209.37.0/24 maxlen: 24
46.209.38.0/24 maxlen: 24
46.209.39.0/24 maxlen: 24
46.209.168.0/24 maxlen: 24
46.209.169.0/24 maxlen: 24
46.209.170.0/24 maxlen: 24
46.209.171.0/24 maxlen: 24
46.209.172.0/24 maxlen: 24
46.209.173.0/24 maxlen: 24
46.209.174.0/24 maxlen: 24
46.209.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ca:3d:5c:51:a7:48:2c:79:26:23:44:64:c5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 1 09:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c78e4ec792c428ade54a90da077c61f1f62ff9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a0:74:58:c3:5a:7c:a9:68:35:15:c3:af:b0:
eb:dc:47:5f:c4:c7:28:ad:25:20:6f:82:31:b5:5e:
03:81:75:75:c9:80:e7:d3:12:df:17:4f:32:2d:fd:
45:4d:ad:d6:b0:c4:e2:41:84:37:58:07:48:2e:81:
9a:56:06:fc:68:35:15:15:a9:47:1c:ec:59:27:45:
a3:f7:c8:07:c7:8b:47:c3:d5:b2:dc:a4:35:90:46:
33:95:9b:20:8e:4c:d8:8e:fe:f2:b2:f1:9f:c5:30:
11:b7:9d:3f:5d:e9:39:d9:63:30:47:0d:bc:b9:2d:
e1:fd:4f:f3:68:28:f8:9c:4c:91:d3:11:62:cc:f0:
e9:57:31:ea:43:cb:10:b5:21:e2:ff:b6:f6:82:7c:
42:f4:11:f1:e7:1a:ca:51:81:8e:0c:9f:9c:fe:b6:
92:27:3e:10:9c:56:bb:00:8d:f3:12:09:1f:ef:54:
f7:61:4f:71:7b:5a:40:66:3e:19:fa:fa:18:cd:7a:
45:ec:3f:4e:76:31:bf:69:57:d8:0c:89:f6:88:1b:
c1:72:c5:15:60:23:cf:69:a6:23:50:d5:78:21:08:
91:42:f6:9f:b5:67:25:c1:ab:5a:e4:a0:14:d0:ee:
31:8c:f0:67:de:d7:a4:5a:0f:a1:1b:c2:d9:59:35:
08:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:78:E4:EC:79:2C:42:8A:DE:54:A9:0D:A0:77:C6:1F:1F:62:FF:9B
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/PHjk7HksQoreVKkNoHfGHx9i_5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.209.32.0/21
46.209.168.0/21
Signature Algorithm: sha256WithRSAEncryption
10:79:47:cc:85:6c:f9:99:64:16:c2:52:10:41:c1:e5:6f:57:
2e:18:0c:d4:39:dc:60:38:70:6d:9c:c4:f0:df:f8:57:72:57:
35:91:2f:e0:ab:65:86:fd:cf:7c:40:8f:5d:ad:bb:a2:0d:77:
41:a0:8a:18:aa:d7:a2:f4:d0:e8:9d:fc:a1:4e:25:57:e2:01:
54:63:d0:6b:80:cc:f3:e2:01:de:a5:99:26:fc:2f:07:0b:29:
b1:31:5a:25:06:1c:d9:bc:80:ab:79:85:14:49:b5:93:c4:fd:
e7:08:29:f0:e1:1d:91:96:62:f3:8c:09:7f:bc:d3:42:e7:b1:
b8:54:29:b2:cd:7e:f7:00:a1:d7:cd:42:55:c1:b2:73:b0:55:
1a:c7:c3:8e:de:1e:77:7c:6f:5d:d5:ca:6c:10:1f:eb:05:71:
ed:32:d4:2a:cd:98:7c:ec:42:d1:97:32:11:b6:d6:97:27:ba:
29:5b:69:79:4d:71:20:82:d0:a7:03:f0:a7:2c:99:89:a8:b3:
a0:3d:9f:d0:37:0f:29:50:3a:6c:9f:5b:1a:46:03:a4:db:1e:
80:7d:5b:e5:1d:a8:01:1a:37:74:e1:40:ce:8c:91:e8:65:3a:
90:c3:5a:1c:cb:0e:8f:b9:b1:69:f2:30:97:12:7a:0e:78:4e:
8d:9f:b1:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ8o9XFGnSCx5JiNEZMWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjUwMTAxMDk0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc4ZTRlYzc5MmM0MjhhZGU1NGE5MGRhMDc3YzYxZjFmNjJmZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKB0WMNafKloNRXDr7Dr3EdfxMco
rSUgb4IxtV4DgXV1yYDn0xLfF08yLf1FTa3WsMTiQYQ3WAdILoGaVgb8aDUVFalH
HOxZJ0Wj98gHx4tHw9Wy3KQ1kEYzlZsgjkzYjv7ysvGfxTARt50/Xek52WMwRw28
uS3h/U/zaCj4nEyR0xFizPDpVzHqQ8sQtSHi/7b2gnxC9BHx5xrKUYGODJ+c/raS
Jz4QnFa7AI3zEgkf71T3YU9xe1pAZj4Z+voYzXpF7D9OdjG/aVfYDIn2iBvBcsUV
YCPPaaYjUNV4IQiRQvaftWclwata5KAU0O4xjPBn3tekWg+hG8LZWTUItwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDx45Ox5LEKK3lSpDaB3xh8fYv+bMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvUEhqazdIa3NRb3JlVktrTm9IZkdIeDlpXzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLtEgAwQD
LtGoMA0GCSqGSIb3DQEBCwUAA4IBAQAQeUfMhWz5mWQWwlIQQcHlb1cuGAzUOdxg
OHBtnMTw3/hXclc1kS/gq2WG/c98QI9drbuiDXdBoIoYqtei9NDonfyhTiVX4gFU
Y9BrgMzz4gHepZkm/C8HCymxMVolBhzZvICreYUUSbWTxP3nCCnw4R2RlmLzjAl/
vNNC57G4VCmyzX73AKHXzUJVwbJzsFUax8OO3h53fG9d1cpsEB/rBXHtMtQqzZh8
7ELRlzIRttaXJ7opW2l5TXEggtCnA/CnLJmJqLOgPZ/QNw8pUDpsn1saRgOk2x6A
fVvlHagBGjd04UDOjJHoZTqQw1ocyw6PubFp8jCXEnoOeE6Nn7Gy
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:55 2025 by rpki-client