Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/rWHh4mQ0uaKggoKTpG34xhoULNA.roa
File: rWHh4mQ0uaKggoKTpG34xhoULNA.roa (raw, json)
Hash identifier: E9+8lA/ClMI1O0rcr+QMuqVLJyMAlgl6OS/N6XXdTOQ=
Subject key identifier: AD:61:E1:E2:64:34:B9:A2:A0:82:82:93:A4:6D:F8:C6:1A:14:2C:D0
Certificate issuer: /CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Certificate serial: 0194221FE46D842079F2C8E8E33DA2123167
Authority key identifier: 61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/rWHh4mQ0uaKggoKTpG34xhoULNA.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51790
IP address blocks: 46.19.8.0/23 maxlen: 24
46.19.10.0/23 maxlen: 24
46.19.12.0/23 maxlen: 24
46.19.14.0/23 maxlen: 24
185.57.144.0/23 maxlen: 23
185.57.145.0/24 maxlen: 24
185.57.146.0/24 maxlen: 24
185.92.228.0/24 maxlen: 24
185.97.52.0/22 maxlen: 24
185.185.88.0/22 maxlen: 24
193.3.59.0/24 maxlen: 24
209.16.152.0/22 maxlen: 23
217.61.252.0/24 maxlen: 24
2a02:28b0::/32 maxlen: 32
2a02:28b1::/32 maxlen: 32
2a02:28b2::/32 maxlen: 32
2a02:28b7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e4:6d:84:20:79:f2:c8:e8:e3:3d:a2:12:31:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad61e1e26434b9a2a0828293a46df8c61a142cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c1:47:fa:ba:63:00:2b:df:21:fa:e3:59:86:
0c:78:74:ef:e4:e3:f6:8f:00:da:a4:76:10:1b:20:
7c:0a:0e:5c:cc:51:a1:4b:a8:08:b3:51:5f:60:4e:
1e:b0:b9:9d:1d:5e:3a:62:d1:9e:57:b6:d2:61:c3:
df:6f:25:8b:7d:78:6e:2b:32:81:ed:2b:e0:dd:61:
e3:0f:4f:65:0a:70:23:6a:7c:42:11:ce:f8:ab:37:
47:77:45:a2:b9:c5:71:b6:b1:57:80:35:1b:f0:89:
ff:69:90:4a:1e:69:d7:4f:01:53:b1:7e:ec:4b:b5:
95:37:7a:14:2e:75:93:95:73:f0:f5:a1:59:7f:b9:
f8:9e:1c:32:be:89:9e:ca:aa:d3:15:4d:25:31:c0:
e8:44:10:12:8b:80:dc:a4:70:f1:46:87:1f:79:18:
d8:9e:12:9c:a4:3b:01:ef:7d:d5:08:44:72:6c:66:
9e:39:8a:96:cc:a6:4f:d3:aa:b0:47:fd:07:45:b7:
58:3f:12:0e:a4:70:96:fe:81:de:99:e9:70:ba:1c:
86:4e:1d:31:49:92:5b:c7:42:34:0f:f4:a0:6c:89:
9e:5c:1a:d0:d8:11:6d:cb:ff:4f:e8:64:61:87:66:
9b:67:21:ca:1e:21:63:19:6f:13:24:b3:eb:13:b2:
79:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:61:E1:E2:64:34:B9:A2:A0:82:82:93:A4:6D:F8:C6:1A:14:2C:D0
X509v3 Authority Key Identifier:
keyid:61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/rWHh4mQ0uaKggoKTpG34xhoULNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.8.0/21
185.57.144.0-185.57.146.255
185.92.228.0/24
185.97.52.0/22
185.185.88.0/22
193.3.59.0/24
209.16.152.0/22
217.61.252.0/24
IPv6:
2a02:28b0::-2a02:28b2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:28b7::/32
Signature Algorithm: sha256WithRSAEncryption
55:bf:8f:cb:b5:a0:49:bc:79:0f:40:2e:59:70:8a:6e:24:86:
46:d6:e6:18:e3:61:ec:38:52:d4:98:e4:94:0c:b5:de:77:c7:
58:c1:f6:fd:0d:14:f4:4f:7f:83:60:96:70:ca:61:21:bc:50:
82:6a:b6:59:c4:6f:c1:04:c7:09:ec:59:2f:84:9a:24:f8:e6:
50:f5:38:aa:48:d8:8f:54:75:d0:cf:67:c0:df:6e:a2:ef:43:
39:e1:f3:0a:92:55:f6:d7:16:ce:49:32:87:d4:c9:78:35:bc:
a5:63:29:a0:c7:7f:45:78:ca:29:69:e7:c9:ca:90:94:92:17:
05:29:96:e3:f1:18:43:76:12:69:3d:8a:66:cc:0e:47:da:46:
de:b1:da:0d:6e:c0:6f:7d:f8:e0:36:4d:0d:10:21:3d:c8:e3:
1e:84:01:41:3d:ab:6e:d7:3b:81:9b:39:39:8d:65:94:dd:e0:
3e:b5:08:c5:84:84:16:6f:e5:0e:75:4a:78:1d:a3:8e:8f:15:
26:84:09:c8:5b:b1:da:d3:55:19:dd:1d:83:b6:f0:79:c1:4e:
76:19:3c:28:ff:40:c6:2f:d0:2a:ca:93:c4:a2:01:58:98:94:
bb:e0:df:1d:55:d0:f7:6f:86:4a:f0:41:02:40:77:3b:94:b2:
83:ca:50:da
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZQiH+RthCB58sjo4z2iEjFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGM5NTg1ODg5Zjk4ZTBjNzdmOWI2Y2Q4MDM2MWFhMDJi
ZGQ2OGUwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDYxZTFlMjY0MzRiOWEyYTA4MjgyOTNhNDZkZjhjNjFhMTQyY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsFH+rpjACvfIfrjWYYMeHTv5OP2
jwDapHYQGyB8Cg5czFGhS6gIs1FfYE4esLmdHV46YtGeV7bSYcPfbyWLfXhuKzKB
7Svg3WHjD09lCnAjanxCEc74qzdHd0WiucVxtrFXgDUb8In/aZBKHmnXTwFTsX7s
S7WVN3oULnWTlXPw9aFZf7n4nhwyvomeyqrTFU0lMcDoRBASi4DcpHDxRocfeRjY
nhKcpDsB733VCERybGaeOYqWzKZP06qwR/0HRbdYPxIOpHCW/oHemelwuhyGTh0x
SZJbx0I0D/SgbImeXBrQ2BFty/9P6GRhh2abZyHKHiFjGW8TJLPrE7J58wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFK1h4eJkNLmioIKCk6Rt+MYaFCzQMB8GA1UdIwQY
MBaAFGFMlYWIn5jgx3+bbNgDYaoCvdaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjIt
MGI0NTc1YjY5YzU3LzEvcldIaDRtUTB1YUtnZ29LVHBHMzR4aG9VTE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjItMGI0NTc1YjY5YzU3
LzEvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzA+BAIAATA4AwQDLhMIMAwD
BAS5OZADBAC5OZIDBAC5XOQDBAK5YTQDBAK5uVgDBADBAzsDBALREJgDBADZPfww
HQQCAAIwFzAOAwUEKgIosAMFACoCKLIDBQAqAii3MA0GCSqGSIb3DQEBCwUAA4IB
AQBVv4/LtaBJvHkPQC5ZcIpuJIZG1uYY42HsOFLUmOSUDLXed8dYwfb9DRT0T3+D
YJZwymEhvFCCarZZxG/BBMcJ7FkvhJok+OZQ9TiqSNiPVHXQz2fA326i70M54fMK
klX21xbOSTKH1Ml4NbylYymgx39FeMopaefJypCUkhcFKZbj8RhDdhJpPYpmzA5H
2kbesdoNbsBvffjgNk0NECE9yOMehAFBPatu1zuBmzk5jWWU3eA+tQjFhIQWb+UO
dUp4HaOOjxUmhAnIW7Ha01UZ3R2DtvB5wU52GTwo/0DGL9AqypPEogFYmJS74N8d
VdD3b4ZK8EECQHc7lLKDylDa
-----END CERTIFICATE-----
Generated at Wed Apr 16 20:56:28 2025 by rpki-client