Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HRiBqkMm3jYdrvB2_suIlLpeJLU.roa
File: HRiBqkMm3jYdrvB2_suIlLpeJLU.roa (raw, json)
Hash identifier: thuo/2wKh04k5fV07y+BJSuu+CRS6TthbxD3yT9m+AM=
Subject key identifier: 1D:18:81:AA:43:26:DE:36:1D:AE:F0:76:FE:CB:88:94:BA:5E:24:B5
Certificate issuer: /CN=b2735983dfb227a246df98876ec9d1af91f3d779
Certificate serial: 019423D6F53E26EA32F63BC3257AB973A7E5
Authority key identifier: B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HRiBqkMm3jYdrvB2_suIlLpeJLU.roa
Signing time: Wed 01 Jan 2025 21:47:57 +0000
ROA not before: Wed 01 Jan 2025 21:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197581
IP address blocks: 46.235.232.0/21 maxlen: 21
46.235.232.0/24 maxlen: 24
46.235.233.0/24 maxlen: 24
46.235.234.0/24 maxlen: 24
46.235.235.0/24 maxlen: 24
46.235.236.0/24 maxlen: 24
46.235.237.0/24 maxlen: 24
46.235.238.0/24 maxlen: 24
46.235.239.0/24 maxlen: 24
2a00:5ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.mft
rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f5:3e:26:ea:32:f6:3b:c3:25:7a:b9:73:a7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2735983dfb227a246df98876ec9d1af91f3d779
Validity
Not Before: Jan 1 21:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d1881aa4326de361daef076fecb8894ba5e24b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:82:dc:84:d4:cf:1a:c1:e5:37:17:e4:10:af:
f9:69:de:c1:21:2f:71:f4:be:86:d3:3b:05:43:19:
da:aa:04:79:ae:d2:4a:96:fa:95:8f:f0:9a:97:16:
d9:3c:25:72:73:fe:54:4a:a2:68:1c:23:86:b4:be:
7d:bc:95:71:2f:ee:f5:73:ed:89:d7:30:2f:dc:37:
7a:ab:5c:fe:14:67:ea:49:29:ae:d1:a7:4c:10:e6:
b2:04:2e:c4:c2:31:cd:f0:7e:d7:82:95:69:23:6f:
fc:aa:0e:ec:46:74:f7:80:9f:78:34:bf:c5:d6:96:
af:f6:30:93:d3:4a:4d:d1:ce:17:81:e2:c4:1a:c8:
d3:9c:0b:68:b3:36:fb:cf:35:bc:b3:af:65:75:4e:
16:97:ef:af:0d:ad:66:63:1b:93:ed:0d:27:1b:aa:
02:0e:6a:65:e7:43:87:63:f9:dc:92:4b:47:39:fc:
cc:7e:76:57:c5:21:fc:c5:68:40:f6:5b:39:db:32:
f7:0f:5a:e4:0a:08:48:aa:73:72:cc:4a:ea:40:cc:
92:1c:6e:38:9a:7b:43:27:3d:29:5f:ca:d3:33:4c:
a1:50:36:82:ed:9e:e9:16:57:1c:54:a3:b5:7c:fd:
79:84:77:67:93:4e:58:98:f3:27:0c:51:c8:25:55:
41:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:18:81:AA:43:26:DE:36:1D:AE:F0:76:FE:CB:88:94:BA:5E:24:B5
X509v3 Authority Key Identifier:
keyid:B2:73:59:83:DF:B2:27:A2:46:DF:98:87:6E:C9:D1:AF:91:F3:D7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snNZg9-yJ6JG35iHbsnRr5Hz13k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/HRiBqkMm3jYdrvB2_suIlLpeJLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/475e19-9fbf-4d43-9285-ec5b325c6eb2/1/snNZg9-yJ6JG35iHbsnRr5Hz13k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.232.0/21
IPv6:
2a00:5ec0::/32
Signature Algorithm: sha256WithRSAEncryption
60:34:84:89:be:74:ec:06:cb:0d:8a:c2:32:aa:b7:26:45:74:
33:3f:72:1a:b5:c4:19:25:b2:77:7c:cf:8e:3d:bc:34:2b:24:
9a:a1:59:9b:fe:39:82:a0:1c:af:be:82:8e:2a:63:f6:c5:1f:
48:ce:9b:b4:97:bb:3f:01:48:86:5e:5a:25:3a:3a:f9:82:cd:
01:94:ad:15:71:6f:8b:4a:17:ef:bb:02:47:a5:e4:db:b1:6d:
69:98:0f:fa:e3:01:75:d2:38:a1:5c:5a:45:89:02:04:86:33:
56:dc:6d:32:b7:3e:13:08:62:3b:c7:c3:b5:73:5c:f5:a2:3d:
08:56:68:81:2b:ba:40:75:75:28:bc:f1:d5:e8:56:9f:00:24:
b9:8b:8e:d3:13:c0:40:05:c8:d1:c3:4c:1b:a1:ac:7a:36:45:
20:8c:f0:8b:e4:99:b4:cd:22:28:d8:e2:21:92:d5:c6:c4:d3:
ef:5f:ed:04:0a:2f:0e:d0:39:4f:1a:64:ca:09:a7:c6:a3:3f:
96:37:3c:5b:4c:e0:da:76:d0:65:b1:0e:8a:ee:d9:ca:79:49:
55:e4:e5:3a:75:fa:d6:28:18:a7:aa:13:b8:80:c3:d8:12:79:
33:9b:89:0c:02:6c:11:85:79:fa:de:db:01:63:a7:4d:f7:83:
98:5b:aa:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1vU+Juoy9jvDJXq5c6flMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNzM1OTgzZGZiMjI3YTI0NmRmOTg4NzZlYzlkMWFmOTFm
M2Q3NzkwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE4ODFhYTQzMjZkZTM2MWRhZWYwNzZmZWNiODg5NGJhNWUyNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroLchNTPGsHlNxfkEK/5ad7BIS9x
9L6G0zsFQxnaqgR5rtJKlvqVj/CalxbZPCVyc/5USqJoHCOGtL59vJVxL+71c+2J
1zAv3Dd6q1z+FGfqSSmu0adMEOayBC7EwjHN8H7XgpVpI2/8qg7sRnT3gJ94NL/F
1pav9jCT00pN0c4XgeLEGsjTnAtoszb7zzW8s69ldU4Wl++vDa1mYxuT7Q0nG6oC
Dmpl50OHY/nckktHOfzMfnZXxSH8xWhA9ls52zL3D1rkCghIqnNyzErqQMySHG44
mntDJz0pX8rTM0yhUDaC7Z7pFlccVKO1fP15hHdnk05YmPMnDFHIJVVBiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0YgapDJt42Ha7wdv7LiJS6XiS1MB8GA1UdIwQY
MBaAFLJzWYPfsieiRt+Yh27J0a+R89d5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUt
ZWM1YjMyNWM2ZWIyLzEvSFJpQnFrTW0zallkcnZCMl9zdUlsTHBlSkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80NzVlMTktOWZiZi00ZDQzLTkyODUtZWM1YjMyNWM2ZWIy
LzEvc25OWmc5LXlKNkpHMzVpSGJzblJyNUh6MTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuvoMA0E
AgACMAcDBQAqAF7AMA0GCSqGSIb3DQEBCwUAA4IBAQBgNISJvnTsBssNisIyqrcm
RXQzP3IatcQZJbJ3fM+OPbw0KySaoVmb/jmCoByvvoKOKmP2xR9Izpu0l7s/AUiG
XlolOjr5gs0BlK0VcW+LShfvuwJHpeTbsW1pmA/64wF10jihXFpFiQIEhjNW3G0y
tz4TCGI7x8O1c1z1oj0IVmiBK7pAdXUovPHV6FafACS5i47TE8BABcjRw0wboax6
NkUgjPCL5Jm0zSIo2OIhktXGxNPvX+0ECi8O0DlPGmTKCafGoz+WNzxbTODadtBl
sQ6K7tnKeUlV5OU6dfrWKBinqhO4gMPYEnkzm4kMAmwRhXn63tsBY6dN94OYW6oq
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:46:59 2025 by rpki-client