Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/_yKSWrkDkRwLuyeEw7V9pcbzBzQ.roa
File: _yKSWrkDkRwLuyeEw7V9pcbzBzQ.roa (raw, json)
Hash identifier: jLNM2sHX2vfylKcapyq9YpIDhus6LKaV5p0RDPeX+Ps=
Subject key identifier: FF:22:92:5A:B9:03:91:1C:0B:BB:27:84:C3:B5:7D:A5:C6:F3:07:34
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 019424449B27A4A6C180171A649254E636C6
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/_yKSWrkDkRwLuyeEw7V9pcbzBzQ.roa
Signing time: Wed 01 Jan 2025 23:47:43 +0000
ROA not before: Wed 01 Jan 2025 23:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43733
IP address blocks: 46.130.0.0/16 maxlen: 16
46.130.0.0/17 maxlen: 17
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
83.139.24.0/21 maxlen: 21
83.139.24.0/22 maxlen: 22
83.139.28.0/22 maxlen: 22
83.139.32.0/22 maxlen: 22
185.36.36.0/22 maxlen: 22
185.36.36.0/24 maxlen: 24
217.76.0.0/20 maxlen: 20
217.76.0.0/21 maxlen: 21
217.76.0.0/24 maxlen: 24
217.76.1.0/24 maxlen: 24
217.76.2.0/24 maxlen: 24
217.76.8.0/21 maxlen: 21
2a00:1f28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:9b:27:a4:a6:c1:80:17:1a:64:92:54:e6:36:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Jan 1 23:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff22925ab903911c0bbb2784c3b57da5c6f30734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:66:b5:a6:00:03:52:9e:16:79:5e:e6:a7:
76:fb:2a:de:73:a0:10:67:7a:94:2a:83:ba:46:f1:
4d:bd:a3:cb:14:88:a6:7e:a0:41:be:d9:36:4b:6f:
ee:4d:61:58:25:df:c9:34:3a:e6:39:90:81:f4:27:
9d:aa:34:ca:58:c9:0b:45:c1:ed:0a:b0:63:c3:ee:
3f:4b:a8:c9:dd:06:0d:2e:b1:4f:28:49:c3:dc:91:
b1:f9:2c:60:e5:b6:dd:99:b8:0a:78:93:ae:43:e8:
f1:44:3e:b8:c0:25:cb:4b:81:27:e3:70:c0:9c:27:
04:8e:55:24:98:5e:3c:d3:b8:99:4a:2c:18:48:15:
f1:62:8f:62:49:06:0d:c7:58:87:ac:cc:64:86:d8:
c8:38:4f:52:10:fc:bb:2a:a1:5e:c5:73:59:7f:ce:
0a:e9:42:57:db:16:f7:7a:19:99:a9:9e:c2:70:ba:
a6:d3:6d:74:41:d5:85:bb:c8:d6:51:7e:5a:c0:59:
69:38:f4:39:05:16:d1:52:cc:65:2b:ae:c8:32:bd:
e4:0d:cf:95:74:bf:7d:3a:82:bf:94:0d:98:1b:2a:
5a:e5:1b:f8:79:3d:66:62:4e:a9:41:a3:32:e7:25:
e2:ce:7c:95:7e:30:fa:30:8d:ad:65:85:64:11:be:
f8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:22:92:5A:B9:03:91:1C:0B:BB:27:84:C3:B5:7D:A5:C6:F3:07:34
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/_yKSWrkDkRwLuyeEw7V9pcbzBzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
83.139.24.0-83.139.35.255
185.36.36.0/22
217.76.0.0/20
IPv6:
2a00:1f28::/32
Signature Algorithm: sha256WithRSAEncryption
0e:09:ba:83:dc:29:49:bf:97:2f:be:46:e6:79:a8:57:6f:15:
f0:22:91:ac:7c:bf:40:1e:80:d4:70:73:f9:a0:c4:fd:d4:2d:
aa:9c:c1:95:c1:80:ae:91:b1:1a:1e:54:0c:44:4e:b6:f0:8d:
d6:b5:cf:59:24:ac:c3:d4:07:53:27:8e:48:8b:9f:88:37:54:
65:96:74:aa:3c:8f:0c:df:69:2a:23:ba:6c:11:79:d6:bd:24:
e6:dd:8f:92:b0:f7:3b:76:63:43:56:95:53:56:5d:75:36:da:
19:68:c4:8c:67:df:ff:d9:e2:14:7f:90:da:ab:0a:70:6a:cd:
27:47:a3:21:1b:b9:26:d0:98:66:de:f2:70:1d:57:ce:70:ab:
2a:a1:9c:fd:a0:c5:8c:28:36:65:1b:89:79:0c:7f:3c:10:a7:
fb:3f:12:c8:33:c9:c5:1e:4c:f1:26:b7:a7:03:a3:db:16:c6:
7e:7f:82:7a:9b:dd:67:41:4f:95:42:8f:08:87:1d:0f:09:ec:
4a:22:c2:9c:c7:13:e2:17:ec:49:2b:5e:78:0c:af:54:9f:27:
1d:42:99:35:4c:6d:a1:b7:ca:d7:14:7a:85:75:a3:fb:33:dc:
ce:3c:38:b3:63:d7:aa:d0:d0:8e:2f:7e:ea:a9:8f:ea:f4:93:
f0:33:d5:14
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQkRJsnpKbBgBcaZJJU5jbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwMTAxMjM0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjIyOTI1YWI5MDM5MTFjMGJiYjI3ODRjM2I1N2RhNWM2ZjMwNzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8RmtaYAA1KeFnle5qd2+yrec6AQ
Z3qUKoO6RvFNvaPLFIimfqBBvtk2S2/uTWFYJd/JNDrmOZCB9CedqjTKWMkLRcHt
CrBjw+4/S6jJ3QYNLrFPKEnD3JGx+Sxg5bbdmbgKeJOuQ+jxRD64wCXLS4En43DA
nCcEjlUkmF4807iZSiwYSBXxYo9iSQYNx1iHrMxkhtjIOE9SEPy7KqFexXNZf84K
6UJX2xb3ehmZqZ7CcLqm0210QdWFu8jWUX5awFlpOPQ5BRbRUsxlK67IMr3kDc+V
dL99OoK/lA2YGypa5Rv4eT1mYk6pQaMy5yXiznyVfjD6MI2tZYVkEb74awIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFP8iklq5A5EcC7snhMO1faXG8wc0MB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvX3lLU1dya0RrUndMdXllRXc3VjlwY2J6QnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwMALoIwDAME
A1OLGAMEAlOLIAMEArkkJAMEBNlMADANBAIAAjAHAwUAKgAfKDANBgkqhkiG9w0B
AQsFAAOCAQEADgm6g9wpSb+XL75G5nmoV28V8CKRrHy/QB6A1HBz+aDE/dQtqpzB
lcGArpGxGh5UDEROtvCN1rXPWSSsw9QHUyeOSIufiDdUZZZ0qjyPDN9pKiO6bBF5
1r0k5t2PkrD3O3ZjQ1aVU1ZddTbaGWjEjGff/9niFH+Q2qsKcGrNJ0ejIRu5JtCY
Zt7ycB1XznCrKqGc/aDFjCg2ZRuJeQx/PBCn+z8SyDPJxR5M8Sa3pwOj2xbGfn+C
epvdZ0FPlUKPCIcdDwnsSiLCnMcT4hfsSSteeAyvVJ8nHUKZNUxtobfK1xR6hXWj
+zPczjw4s2PXqtDQji9+6qmP6vST8DPVFA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:38:53 2025 by rpki-client