Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/pHg3fEVrwNWgFz991qV6KPcu5xA.roa
File: pHg3fEVrwNWgFz991qV6KPcu5xA.roa (raw, json)
Hash identifier: wMJRSjPRa5lgwwV29VivxNhjx7zQbcTApyfxiZCZGUM=
Subject key identifier: A4:78:37:7C:45:6B:C0:D5:A0:17:3F:7D:D6:A5:7A:28:F7:2E:E7:10
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01944D0DD27DFC1674C10AC73A396A8FFEC5
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/pHg3fEVrwNWgFz991qV6KPcu5xA.roa
Signing time: Thu 09 Jan 2025 21:52:19 +0000
ROA not before: Thu 09 Jan 2025 21:52:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31287
IP address blocks: 46.55.252.0/22 maxlen: 22
46.55.252.0/24 maxlen: 24
46.55.253.0/24 maxlen: 24
46.55.254.0/24 maxlen: 24
77.78.152.0/21 maxlen: 21
77.78.153.0/24 maxlen: 24
77.78.154.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
80.72.64.0/24 maxlen: 24
80.72.72.0/24 maxlen: 24
85.187.3.0/24 maxlen: 24
85.187.4.0/24 maxlen: 24
85.187.6.0/24 maxlen: 24
85.187.8.0/24 maxlen: 24
85.187.10.0/23 maxlen: 23
85.187.15.0/24 maxlen: 24
85.187.18.0/24 maxlen: 24
85.187.20.0/24 maxlen: 24
85.187.42.0/24 maxlen: 24
85.187.50.0/24 maxlen: 24
85.187.62.0/24 maxlen: 24
85.187.63.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
85.187.222.0/24 maxlen: 24
85.187.232.0/24 maxlen: 24
85.187.248.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
151.237.91.0/24 maxlen: 24
151.237.92.0/24 maxlen: 24
151.237.93.0/24 maxlen: 24
151.237.128.0/24 maxlen: 24
185.46.160.0/22 maxlen: 22
185.46.163.0/24 maxlen: 24
185.72.58.0/24 maxlen: 24
185.200.40.0/22 maxlen: 22
195.85.215.0/24 maxlen: 24
2a01:9e40::/32 maxlen: 32
2a03:b540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4d:0d:d2:7d:fc:16:74:c1:0a:c7:3a:39:6a:8f:fe:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 9 21:52:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a478377c456bc0d5a0173f7dd6a57a28f72ee710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7b:48:fb:45:c0:69:4f:c7:4d:eb:6e:7c:f0:
d0:1a:13:ef:a2:68:f4:33:49:93:ae:76:85:89:ce:
9a:de:d9:fd:93:ad:0c:30:1b:e2:f2:64:19:01:cd:
c1:c6:bd:39:54:86:9f:d1:ad:f4:27:c0:0b:7a:21:
03:b5:9f:c1:8c:4c:5a:05:aa:ac:ff:10:a2:f3:cb:
55:dd:db:f5:e3:9c:41:2f:85:05:a6:06:a6:54:7d:
ec:f3:c6:fa:6f:58:84:c6:7d:01:f3:f4:f5:3a:38:
28:89:57:e4:6b:5f:a2:a7:56:39:7c:ac:3b:15:2f:
de:1e:b2:f3:df:14:a5:04:45:5f:2b:d9:4d:f6:12:
06:f7:d1:97:40:e8:d5:96:6a:20:0a:b1:6a:f8:3d:
04:88:b2:53:c1:48:05:88:9a:cb:b3:9f:6b:ea:ee:
28:f9:b3:e9:2c:cc:3c:8f:da:96:fd:4c:8d:ff:af:
25:5e:90:e7:02:da:8d:96:52:43:35:52:03:86:fe:
ca:b6:2c:ca:7d:b6:f2:bf:02:bb:f1:fa:2f:72:54:
64:0b:39:3d:15:d4:e7:c2:d3:52:50:60:27:4a:ef:
1a:6f:2e:a7:86:7c:df:0d:57:a3:39:d9:f1:ea:e4:
78:69:7b:d4:45:c6:26:03:dd:52:77:b6:fb:07:b0:
76:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:78:37:7C:45:6B:C0:D5:A0:17:3F:7D:D6:A5:7A:28:F7:2E:E7:10
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/pHg3fEVrwNWgFz991qV6KPcu5xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.252.0/22
77.78.152.0/21
80.72.64.0/24
80.72.72.0/24
85.187.3.0-85.187.4.255
85.187.6.0/24
85.187.8.0/24
85.187.10.0/23
85.187.15.0/24
85.187.18.0/24
85.187.20.0/24
85.187.42.0/24
85.187.50.0/24
85.187.62.0/23
85.187.184.0/23
85.187.222.0/24
85.187.232.0/24
85.187.248.0/24
151.237.29.0/24
151.237.91.0-151.237.93.255
151.237.128.0/24
185.46.160.0/22
185.72.58.0/24
185.200.40.0/22
195.85.215.0/24
IPv6:
2a01:9e40::/32
2a03:b540::/32
Signature Algorithm: sha256WithRSAEncryption
c5:6e:a0:f6:0d:c5:44:f3:2f:f3:de:17:f6:1f:4e:06:91:76:
ae:20:10:5b:44:8c:bd:d5:a1:1f:a3:44:f3:43:7d:ef:cd:b5:
a8:96:28:01:0c:33:93:a7:d2:00:77:94:8a:4b:74:af:87:0f:
2a:22:6e:ad:a1:17:17:dd:b1:78:47:e3:79:91:fd:63:4f:b2:
db:ec:1c:23:8a:18:fa:cc:d9:23:5d:e2:90:e2:55:ac:4c:f4:
df:3f:b8:a2:cc:1a:84:87:c4:a0:9f:3d:66:ca:83:e4:b2:f2:
e5:12:b3:5d:6e:4e:57:9a:2e:f0:17:e2:e5:52:73:f6:42:da:
64:50:54:90:b0:3e:cd:7c:f8:8d:ce:d7:6a:b8:3f:83:8d:a8:
5e:b6:b2:2f:96:27:c2:84:c8:ed:6c:44:4b:40:9a:14:54:da:
0e:2d:58:61:a2:a7:a5:8b:b4:3a:40:9e:3d:2c:1a:fe:33:13:
01:ff:73:88:9e:e0:df:6c:7e:fe:63:97:c9:64:44:dd:e8:67:
fe:28:37:bb:30:3d:dc:97:c3:f1:b5:a9:8f:ea:4f:12:04:b8:
c0:b8:07:ef:a1:18:b4:39:e2:6a:87:ca:4a:8e:43:d1:c2:c5:
53:60:d4:7d:a5:a7:30:e2:8b:b0:cd:83:63:e3:eb:6e:9a:03:
0c:7f:4b:41
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZRNDdJ9/BZ0wQrHOjlqj/7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjUwMTA5MjE1MjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc4Mzc3YzQ1NmJjMGQ1YTAxNzNmN2RkNmE1N2EyOGY3MmVlNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03tI+0XAaU/HTetufPDQGhPvomj0
M0mTrnaFic6a3tn9k60MMBvi8mQZAc3Bxr05VIaf0a30J8ALeiEDtZ/BjExaBaqs
/xCi88tV3dv145xBL4UFpgamVH3s88b6b1iExn0B8/T1OjgoiVfka1+ip1Y5fKw7
FS/eHrLz3xSlBEVfK9lN9hIG99GXQOjVlmogCrFq+D0EiLJTwUgFiJrLs59r6u4o
+bPpLMw8j9qW/UyN/68lXpDnAtqNllJDNVIDhv7KtizKfbbyvwK78fovclRkCzk9
FdTnwtNSUGAnSu8aby6nhnzfDVejOdnx6uR4aXvURcYmA91Sd7b7B7B2WwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFKR4N3xFa8DVoBc/fdaleij3LucQMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvcEhnM2ZFVnJ3TldnRno5OTFxVjZLUGN1NXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBrQQCAAEwgaYDBAIu
N/wDBANNTpgDBABQSEADBABQSEgwDAMEAFW7AwMEAFW7BAMEAFW7BgMEAFW7CAME
AVW7CgMEAFW7DwMEAFW7EgMEAFW7FAMEAFW7KgMEAFW7MgMEAVW7PgMEAVW7uAME
AFW73gMEAFW76AMEAFW7+AMEAJftHTAMAwQAl+1bAwQBl+1cAwQAl+2AAwQCuS6g
AwQAuUg6AwQCucgoAwQAw1XXMBQEAgACMA4DBQAqAZ5AAwUAKgO1QDANBgkqhkiG
9w0BAQsFAAOCAQEAxW6g9g3FRPMv894X9h9OBpF2riAQW0SMvdWhH6NE80N97821
qJYoAQwzk6fSAHeUikt0r4cPKiJuraEXF92xeEfjeZH9Y0+y2+wcI4oY+szZI13i
kOJVrEz03z+4oswahIfEoJ89ZsqD5LLy5RKzXW5OV5ou8Bfi5VJz9kLaZFBUkLA+
zXz4jc7Xarg/g42oXrayL5YnwoTI7WxES0CaFFTaDi1YYaKnpYu0OkCePSwa/jMT
Af9ziJ7g32x+/mOXyWRE3ehn/ig3uzA93JfD8bWpj+pPEgS4wLgH76EYtDniaofK
So5D0cLFU2DUfaWnMOKLsM2DY+PrbpoDDH9LQQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:05:56 2025 by rpki-client