Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/s5i_5wQ4_7M-HybTJU4UVXQHFrc.roa
File: s5i_5wQ4_7M-HybTJU4UVXQHFrc.roa (raw, json)
Hash identifier: cMPzuVDjBzNlIE9nP4d6ZjU1EE0q53jdrLL/axSPLpI=
Subject key identifier: B3:98:BF:E7:04:38:FF:B3:3E:1F:26:D3:25:4E:14:55:74:07:16:B7
Certificate issuer: /CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Certificate serial: 019426D9A46899E59D4439E95AC7E1A42A80
Authority key identifier: 57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/s5i_5wQ4_7M-HybTJU4UVXQHFrc.roa
Signing time: Thu 02 Jan 2025 11:49:45 +0000
ROA not before: Thu 02 Jan 2025 11:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42760
IP address blocks: 46.227.224.0/21 maxlen: 21
77.74.0.0/21 maxlen: 21
185.74.28.0/22 maxlen: 22
193.246.101.0/24 maxlen: 24
193.246.120.0/24 maxlen: 24
2a02:cd8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Vyq9haWJkatxoX_XVB-43pb1Wn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Vyq9haWJkatxoX_XVB-43pb1Wn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:a4:68:99:e5:9d:44:39:e9:5a:c7:e1:a4:2a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572abd85a58991ab71a17fd7541fb8de96f55a7d
Validity
Not Before: Jan 2 11:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b398bfe70438ffb33e1f26d3254e1455740716b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:1c:bc:88:c8:2a:20:72:ff:c3:1c:b7:e8:9e:
b6:2e:1f:23:c9:3a:ec:24:ad:cf:40:c1:d5:b6:9f:
02:7b:17:54:0f:a6:0d:20:70:00:9e:ee:d1:62:4a:
f5:22:71:03:f0:f3:a8:65:17:73:3e:11:5a:7b:77:
ba:b7:35:03:08:d3:73:e6:9b:3f:2a:8b:e3:95:82:
bb:7a:39:e9:a0:0b:01:70:5a:fb:16:e5:b1:c1:f7:
f3:82:a4:f9:c4:c1:a6:1e:b3:16:72:9e:96:b7:41:
33:b5:9c:be:3a:79:ce:43:50:74:f9:24:4d:b5:ac:
d2:27:99:01:71:11:a4:38:e9:44:f3:10:e3:78:56:
e6:c7:fc:e1:3e:dc:f0:ef:8f:55:9b:87:53:5b:cb:
e7:d8:44:92:76:7a:7b:e5:d7:7a:79:27:51:cb:50:
67:bf:08:d3:8b:b0:57:38:23:b9:32:89:ca:80:46:
6f:c5:e2:0c:7d:ed:00:86:71:c4:34:ee:f3:ce:59:
f2:76:1a:e3:7e:29:b0:77:80:15:16:95:06:a3:ae:
56:e4:7b:d7:0d:08:ad:7b:16:3a:63:c4:6d:1e:ab:
d1:2a:ae:8c:aa:a6:3a:79:42:75:63:2e:b3:7d:0c:
79:a2:73:ef:81:a6:9a:4d:62:cb:c5:d7:54:bf:1c:
b7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:98:BF:E7:04:38:FF:B3:3E:1F:26:D3:25:4E:14:55:74:07:16:B7
X509v3 Authority Key Identifier:
keyid:57:2A:BD:85:A5:89:91:AB:71:A1:7F:D7:54:1F:B8:DE:96:F5:5A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vyq9haWJkatxoX_XVB-43pb1Wn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/s5i_5wQ4_7M-HybTJU4UVXQHFrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/861c6c-a47a-4654-a4ef-61fac286d387/1/Vyq9haWJkatxoX_XVB-43pb1Wn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.224.0/21
77.74.0.0/21
185.74.28.0/22
193.246.101.0/24
193.246.120.0/24
IPv6:
2a02:cd8::/32
Signature Algorithm: sha256WithRSAEncryption
65:a7:4f:ce:30:30:ec:ee:a5:62:6a:75:37:3c:4b:36:d0:87:
56:0a:d2:dd:5f:2e:42:38:01:d9:cf:ba:0b:7a:a8:28:5d:8b:
ae:e5:19:56:79:e2:4c:5e:e8:22:65:a6:aa:24:ad:29:28:d6:
0c:93:69:3e:67:10:18:66:b6:79:05:42:5c:d7:0f:b0:ca:8a:
ba:d7:20:de:da:fe:19:49:45:8c:52:74:33:67:07:2a:32:93:
f9:8f:b4:d7:81:44:f4:aa:fa:27:a6:47:15:79:60:ac:f2:60:
4a:5f:5a:da:21:a8:af:f7:bf:6e:31:57:65:83:99:2d:0f:87:
83:d1:47:74:e6:e8:e8:af:ff:1a:c5:59:c6:c8:a6:c3:86:7d:
fc:c2:09:c9:76:d5:0e:ce:3f:61:7a:d5:ba:7f:6b:fa:d9:40:
ea:53:6f:37:27:7c:ab:9d:29:8b:e7:10:3d:1a:11:b2:ad:5a:
66:4c:74:94:a8:bc:eb:4d:34:f4:70:72:7a:56:1f:3d:77:e0:
df:62:95:34:a5:34:73:ba:dd:d8:06:10:35:7d:f1:cf:45:11:
5f:a9:1f:97:aa:9d:4f:60:3a:3c:d6:d5:04:5e:af:34:e0:d9:
ad:be:ef:8a:7f:1b:01:8e:4e:2d:0e:38:54:22:e4:a1:73:31:
45:64:9c:7a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQm2aRomeWdRDnpWsfhpCqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmFiZDg1YTU4OTkxYWI3MWExN2ZkNzU0MWZiOGRlOTZm
NTVhN2QwHhcNMjUwMTAyMTE0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk4YmZlNzA0MzhmZmIzM2UxZjI2ZDMyNTRlMTQ1NTc0MDcxNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Ry8iMgqIHL/wxy36J62Lh8jyTrs
JK3PQMHVtp8CexdUD6YNIHAAnu7RYkr1InED8POoZRdzPhFae3e6tzUDCNNz5ps/
KovjlYK7ejnpoAsBcFr7FuWxwffzgqT5xMGmHrMWcp6Wt0EztZy+OnnOQ1B0+SRN
tazSJ5kBcRGkOOlE8xDjeFbmx/zhPtzw749Vm4dTW8vn2ESSdnp75dd6eSdRy1Bn
vwjTi7BXOCO5MonKgEZvxeIMfe0AhnHENO7zzlnydhrjfimwd4AVFpUGo65W5HvX
DQitexY6Y8RtHqvRKq6MqqY6eUJ1Yy6zfQx5onPvgaaaTWLLxddUvxy3JwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLOYv+cEOP+zPh8m0yVOFFV0Bxa3MB8GA1UdIwQY
MBaAFFcqvYWliZGrcaF/11QfuN6W9Vp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnlxOWhhV0prYXR4b1hfWFZCLTQzcGIxV24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84NjFjNmMtYTQ3YS00NjU0LWE0ZWYt
NjFmYWMyODZkMzg3LzEvczVpXzV3UTRfN00tSHliVEpVNFVWWFFIRnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84NjFjNmMtYTQ3YS00NjU0LWE0ZWYtNjFmYWMyODZkMzg3
LzEvVnlxOWhhV0prYXR4b1hfWFZCLTQzcGIxV24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLuPgAwQD
TUoAAwQCuUocAwQAwfZlAwQAwfZ4MA0EAgACMAcDBQAqAgzYMA0GCSqGSIb3DQEB
CwUAA4IBAQBlp0/OMDDs7qVianU3PEs20IdWCtLdXy5COAHZz7oLeqgoXYuu5RlW
eeJMXugiZaaqJK0pKNYMk2k+ZxAYZrZ5BUJc1w+wyoq61yDe2v4ZSUWMUnQzZwcq
MpP5j7TXgUT0qvonpkcVeWCs8mBKX1raIaiv979uMVdlg5ktD4eD0Ud05ujor/8a
xVnGyKbDhn38wgnJdtUOzj9hetW6f2v62UDqU283J3yrnSmL5xA9GhGyrVpmTHSU
qLzrTTT0cHJ6Vh89d+DfYpU0pTRzut3YBhA1ffHPRRFfqR+Xqp1PYDo81tUEXq80
4Nmtvu+KfxsBjk4tDjhUIuShczFFZJx6
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:38:45 2025 by rpki-client