Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/WntKpaBL0rwf0OHtGIxbqp43a48.roa
File: WntKpaBL0rwf0OHtGIxbqp43a48.roa (raw, json)
Hash identifier: RD+6zKliyi529qWw5SlqL86NJOiZz+f7ljpnnMAUmvo=
Subject key identifier: 5A:7B:4A:A5:A0:4B:D2:BC:1F:D0:E1:ED:18:8C:5B:AA:9E:37:6B:8F
Certificate issuer: /CN=7780cd4e74f185a8f1ad40521b611b74d516bf77
Certificate serial: 019425FDC22C8DFA88A94825D1280801C8FB
Authority key identifier: 77:80:CD:4E:74:F1:85:A8:F1:AD:40:52:1B:61:1B:74:D5:16:BF:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d4DNTnTxhajxrUBSG2EbdNUWv3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/WntKpaBL0rwf0OHtGIxbqp43a48.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49895
IP address blocks: 46.254.76.0/24 maxlen: 24
46.254.79.0/24 maxlen: 24
2a00:e800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/d4DNTnTxhajxrUBSG2EbdNUWv3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/d4DNTnTxhajxrUBSG2EbdNUWv3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/d4DNTnTxhajxrUBSG2EbdNUWv3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c2:2c:8d:fa:88:a9:48:25:d1:28:08:01:c8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7780cd4e74f185a8f1ad40521b611b74d516bf77
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a7b4aa5a04bd2bc1fd0e1ed188c5baa9e376b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:07:29:b7:06:29:9c:06:4a:91:8f:7d:39:e0:
20:11:9a:da:b4:28:e0:0a:36:f9:e7:a6:2b:94:c1:
1b:27:2b:1c:ac:7c:f6:bc:14:c7:06:6c:45:26:7a:
7b:91:db:f6:2d:7d:1a:05:ad:49:f8:43:56:ea:4e:
81:89:59:54:3d:d7:94:bc:c7:cf:1b:aa:60:78:26:
1c:1a:c1:da:b8:73:49:f7:a6:67:15:03:91:73:d9:
95:04:9a:1d:39:24:b7:96:2a:25:8c:64:f2:6e:9c:
7a:e0:61:c7:63:5e:00:d5:63:61:f9:26:02:cb:79:
7a:0c:61:b9:0f:6e:e8:bf:e0:8c:45:c0:1a:e0:d7:
71:d5:8c:7c:1a:41:fc:0a:ca:b0:2d:3f:3e:6f:16:
18:39:cd:70:28:5e:79:ad:6a:b4:b9:ea:33:31:3b:
c9:b8:7a:0c:bd:56:44:0a:56:92:16:df:49:11:b2:
5a:3b:97:33:ab:34:c0:5a:30:24:9b:83:3f:11:2a:
ca:eb:94:88:1f:e4:b7:94:5f:d9:a4:6f:5b:b1:60:
48:55:b2:9c:59:39:12:46:a9:b8:15:1b:a3:e5:77:
87:a0:cf:5e:66:c5:3b:e3:f5:ab:71:7e:24:49:40:
73:28:c3:df:42:e6:81:21:83:35:41:bb:40:ea:57:
8a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7B:4A:A5:A0:4B:D2:BC:1F:D0:E1:ED:18:8C:5B:AA:9E:37:6B:8F
X509v3 Authority Key Identifier:
keyid:77:80:CD:4E:74:F1:85:A8:F1:AD:40:52:1B:61:1B:74:D5:16:BF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4DNTnTxhajxrUBSG2EbdNUWv3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/WntKpaBL0rwf0OHtGIxbqp43a48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/ff59f7-bfc3-4989-8b8d-e98d052cea7f/1/d4DNTnTxhajxrUBSG2EbdNUWv3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.76.0/24
46.254.79.0/24
IPv6:
2a00:e800::/32
Signature Algorithm: sha256WithRSAEncryption
e7:a5:e5:d3:77:07:1c:ce:b8:10:58:00:14:b2:ae:1d:d5:d6:
c2:6d:94:94:49:f7:03:e8:78:10:13:22:1d:cd:f8:9d:25:39:
0e:e6:36:4c:77:52:58:85:da:a8:f6:99:54:cf:f9:fc:63:27:
b7:82:a4:1f:f7:f5:e3:fb:0f:3e:d8:a3:52:3b:4c:79:6b:a8:
66:c0:70:b6:3f:bc:88:18:28:83:8a:78:2b:e3:ed:7c:0d:35:
23:7c:2b:e7:12:2e:59:e1:33:18:c4:50:96:20:bf:54:ce:92:
56:53:3a:9b:9e:eb:7b:f2:4c:2b:8a:ed:c9:d0:a7:b2:9d:29:
0c:d0:04:d9:8e:04:47:82:56:4a:9c:0f:d1:c8:7f:13:f4:22:
b0:c6:e0:57:d7:ca:64:c3:0b:dc:e5:fd:65:10:3f:e9:4e:40:
39:c9:e2:24:70:4e:0c:3d:91:1b:94:64:2a:48:e6:6a:1a:96:
6d:fc:91:1f:af:bf:37:e8:ef:e9:f2:f8:de:f4:e8:c4:b1:b9:
3d:75:aa:9a:ea:d4:d1:e7:49:ec:b9:af:ed:84:c1:d5:d7:8a:
e7:21:f7:72:f0:8d:59:96:fb:e2:f6:f5:1d:66:ad:7f:33:a4:
4a:f6:54:eb:e6:f0:04:4e:56:16:fd:7d:1a:2a:f0:3a:9a:71:
08:96:69:08
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/cIsjfqIqUgl0SgIAcj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ODBjZDRlNzRmMTg1YThmMWFkNDA1MjFiNjExYjc0ZDUx
NmJmNzcwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdiNGFhNWEwNGJkMmJjMWZkMGUxZWQxODhjNWJhYTllMzc2YjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwcptwYpnAZKkY99OeAgEZratCjg
Cjb556YrlMEbJyscrHz2vBTHBmxFJnp7kdv2LX0aBa1J+ENW6k6BiVlUPdeUvMfP
G6pgeCYcGsHauHNJ96ZnFQORc9mVBJodOSS3lioljGTybpx64GHHY14A1WNh+SYC
y3l6DGG5D27ov+CMRcAa4Ndx1Yx8GkH8CsqwLT8+bxYYOc1wKF55rWq0ueozMTvJ
uHoMvVZEClaSFt9JEbJaO5czqzTAWjAkm4M/ESrK65SIH+S3lF/ZpG9bsWBIVbKc
WTkSRqm4FRuj5XeHoM9eZsU74/WrcX4kSUBzKMPfQuaBIYM1QbtA6leKhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFp7SqWgS9K8H9Dh7RiMW6qeN2uPMB8GA1UdIwQY
MBaAFHeAzU508YWo8a1AUhthG3TVFr93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDRETlRuVHhoYWp4clVCU0cyRWJkTlVXdjNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mZjU5ZjctYmZjMy00OTg5LThiOGQt
ZTk4ZDA1MmNlYTdmLzEvV250S3BhQkwwcndmME9IdEdJeGJxcDQzYTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mZjU5ZjctYmZjMy00OTg5LThiOGQtZTk4ZDA1MmNlYTdm
LzEvZDRETlRuVHhoYWp4clVCU0cyRWJkTlVXdjNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALv5MAwQA
Lv5PMA0EAgACMAcDBQAqAOgAMA0GCSqGSIb3DQEBCwUAA4IBAQDnpeXTdwcczrgQ
WAAUsq4d1dbCbZSUSfcD6HgQEyIdzfidJTkO5jZMd1JYhdqo9plUz/n8Yye3gqQf
9/Xj+w8+2KNSO0x5a6hmwHC2P7yIGCiDingr4+18DTUjfCvnEi5Z4TMYxFCWIL9U
zpJWUzqbnut78kwriu3J0KeynSkM0ATZjgRHglZKnA/RyH8T9CKwxuBX18pkwwvc
5f1lED/pTkA5yeIkcE4MPZEblGQqSOZqGpZt/JEfr7836O/p8vje9OjEsbk9daqa
6tTR50nsua/thMHV14rnIfdy8I1Zlvvi9vUdZq1/M6RK9lTr5vAETlYW/X0aKvA6
mnEIlmkI
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:41 2025 by rpki-client