Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SMigdfBEZBCpmCAUQemz1HzXzsY.roa
File: SMigdfBEZBCpmCAUQemz1HzXzsY.roa (raw, json)
Hash identifier: rYoGdgZTMvC2OSoASCQvWU0g5tSPQxjtZ99HNktE1UI=
Subject key identifier: 48:C8:A0:75:F0:44:64:10:A9:98:20:14:41:E9:B3:D4:7C:D7:CE:C6
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 01942747D0B1D6596B5BF7DA0AADA6658A72
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SMigdfBEZBCpmCAUQemz1HzXzsY.roa
Signing time: Thu 02 Jan 2025 13:50:05 +0000
ROA not before: Thu 02 Jan 2025 13:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199959
IP address blocks: 2.58.14.0/23 maxlen: 23
45.86.162.0/24 maxlen: 24
46.30.188.0/24 maxlen: 24
46.30.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d0:b1:d6:59:6b:5b:f7:da:0a:ad:a6:65:8a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 2 13:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48c8a075f0446410a998201441e9b3d47cd7cec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ca:c6:28:09:8f:75:3f:39:26:bb:4a:2b:c4:
cc:4c:54:a1:d8:0d:6f:4b:7c:83:f9:7d:3b:75:3e:
e8:40:34:ed:cf:eb:d1:1a:83:41:64:b8:2d:45:c6:
fa:1a:b4:80:38:2e:26:a6:bd:bc:b9:a6:cc:30:80:
71:97:6a:cc:3d:2f:17:9b:5a:0e:bb:26:3e:f6:8c:
15:ac:16:58:fc:38:eb:d4:02:72:67:23:32:91:1d:
e2:8e:e9:05:f2:b6:4e:27:7b:30:16:47:53:ff:c7:
d7:74:74:20:7d:2e:41:c6:0b:eb:36:9f:a7:ea:4f:
50:dd:45:89:b0:0d:ce:e6:24:b2:2e:80:f9:69:46:
5c:d2:1a:3c:53:05:ba:ec:ce:26:3a:5d:f8:17:e7:
d4:db:8d:0e:02:c7:5b:bf:31:54:b4:b3:38:6a:8a:
95:79:f5:84:d6:31:4f:ca:13:a3:0c:15:9e:6c:7e:
74:9c:de:bb:53:3d:a3:fd:7d:3b:18:db:92:44:e6:
bd:8c:fe:4d:a5:ab:ac:b4:22:e9:cf:a2:ac:85:78:
8f:9f:7b:05:a9:c9:7e:29:cf:86:ba:d6:71:8b:92:
88:24:44:da:83:03:c3:f6:e9:17:27:37:0f:4d:0f:
ad:9f:33:33:0b:da:30:a2:f0:4c:0d:6c:4b:43:b5:
d0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C8:A0:75:F0:44:64:10:A9:98:20:14:41:E9:B3:D4:7C:D7:CE:C6
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/SMigdfBEZBCpmCAUQemz1HzXzsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.14.0/23
45.86.162.0/24
46.30.188.0/24
46.30.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:05:b1:ce:66:a6:15:07:9e:96:da:2a:a0:5b:ed:5c:e7:17:
50:60:82:3b:45:78:73:81:2e:f7:f6:21:11:f0:c3:f8:57:62:
1b:b5:59:dc:f7:4f:d3:6e:16:95:f4:27:2c:ba:4a:d0:80:1f:
dd:0e:16:24:8f:e6:4e:95:53:49:35:1a:5e:56:31:ce:40:cc:
c5:f0:38:aa:28:0f:86:4a:ec:61:94:af:68:e3:3f:5f:7c:f8:
f6:05:04:e0:ee:69:c8:c7:4e:3c:57:df:62:82:ed:44:89:5d:
29:bf:a9:fd:a7:86:15:98:8b:e4:c4:3d:f1:d1:b9:88:fd:ae:
35:cf:00:c3:d8:96:93:e4:a6:d9:2b:a9:39:f1:46:33:a5:78:
c1:79:cc:33:95:a2:3a:15:c3:59:24:4d:a7:84:a8:b2:00:fd:
45:7f:a3:d3:92:e5:be:a9:4e:d6:62:45:3a:ea:f6:dd:2d:47:
ea:25:c4:95:f6:1b:37:65:6f:a2:47:c8:04:9e:89:9b:f1:dd:
05:96:81:83:08:17:6c:43:3d:cd:27:7f:90:d9:a4:30:3e:61:
d4:f4:e7:9e:c2:fc:6e:73:a9:cc:2e:5f:c5:7c:c9:d8:97:c1:
4a:f1:9d:d9:0b:e7:e8:e4:5f:ff:7b:cf:d3:fd:7e:2f:2f:ee:
e4:4e:9d:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnR9Cx1llrW/faCq2mZYpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjUwMTAyMTM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM4YTA3NWYwNDQ2NDEwYTk5ODIwMTQ0MWU5YjNkNDdjZDdjZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8rGKAmPdT85JrtKK8TMTFSh2A1v
S3yD+X07dT7oQDTtz+vRGoNBZLgtRcb6GrSAOC4mpr28uabMMIBxl2rMPS8Xm1oO
uyY+9owVrBZY/Djr1AJyZyMykR3ijukF8rZOJ3swFkdT/8fXdHQgfS5BxgvrNp+n
6k9Q3UWJsA3O5iSyLoD5aUZc0ho8UwW67M4mOl34F+fU240OAsdbvzFUtLM4aoqV
efWE1jFPyhOjDBWebH50nN67Uz2j/X07GNuSROa9jP5NpaustCLpz6KshXiPn3sF
qcl+Kc+GutZxi5KIJETagwPD9ukXJzcPTQ+tnzMzC9owovBMDWxLQ7XQPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEjIoHXwRGQQqZggFEHps9R8187GMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvU01pZ2RmQkVaQkNwbUNBVVFlbXoxSHpYenNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjoOAwQA
LVaiAwQALh68AwQALh6/MA0GCSqGSIb3DQEBCwUAA4IBAQAdBbHOZqYVB56W2iqg
W+1c5xdQYII7RXhzgS739iER8MP4V2IbtVnc90/TbhaV9CcsukrQgB/dDhYkj+ZO
lVNJNRpeVjHOQMzF8DiqKA+GSuxhlK9o4z9ffPj2BQTg7mnIx048V99igu1EiV0p
v6n9p4YVmIvkxD3x0bmI/a41zwDD2JaT5KbZK6k58UYzpXjBecwzlaI6FcNZJE2n
hKiyAP1Ff6PTkuW+qU7WYkU66vbdLUfqJcSV9hs3ZW+iR8gEnomb8d0FloGDCBds
Qz3NJ3+Q2aQwPmHU9Oeewvxuc6nMLl/FfMnYl8FK8Z3ZC+fo5F//e8/T/X4vL+7k
Tp01
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:32:08 2025 by rpki-client