Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/C96sw6xf_q4Bml872ezS5QwuPKM.roa
File: C96sw6xf_q4Bml872ezS5QwuPKM.roa (raw, json)
Hash identifier: 2/r67N6rpZkczrn7hcHB6xRvt+THrcXJ5UQXsAic+BU=
Subject key identifier: 0B:DE:AC:C3:AC:5F:FE:AE:01:9A:5F:3B:D9:EC:D2:E5:0C:2E:3C:A3
Certificate issuer: /CN=79b5134b11f940911f0ff315c948daa53f732ee0
Certificate serial: 01973ABD0DC279A39F98E83CD9C5C7F8A7F1
Authority key identifier: 79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/C96sw6xf_q4Bml872ezS5QwuPKM.roa
Signing time: Wed 04 Jun 2025 11:39:17 +0000
ROA not before: Wed 04 Jun 2025 11:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 46.254.48.0/24 maxlen: 24
46.254.49.0/24 maxlen: 24
46.254.50.0/24 maxlen: 24
46.254.51.0/24 maxlen: 24
46.254.52.0/24 maxlen: 24
46.254.53.0/24 maxlen: 24
46.254.54.0/24 maxlen: 24
46.254.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:bd:0d:c2:79:a3:9f:98:e8:3c:d9:c5:c7:f8:a7:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79b5134b11f940911f0ff315c948daa53f732ee0
Validity
Not Before: Jun 4 11:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bdeacc3ac5ffeae019a5f3bd9ecd2e50c2e3ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:c4:5e:88:f8:6b:1a:e3:f6:d3:12:5d:fc:
12:ff:8d:68:9c:b3:c4:75:94:00:43:78:9a:57:03:
e1:00:22:93:44:e0:4b:e3:29:5a:07:22:a3:b1:c0:
2c:8a:77:7e:62:3b:4a:6d:fb:99:63:96:10:2d:41:
0d:cf:af:ee:c8:ee:04:83:48:80:94:36:39:e3:98:
c8:ae:c9:fb:e7:4b:b0:9f:c1:d8:bb:2e:c7:c0:90:
ce:fe:e6:6e:d7:03:08:1c:c9:9e:3c:2b:3c:5d:ec:
d6:3a:1f:f5:f5:cc:ab:57:c1:9c:d0:09:fc:f6:7b:
9e:0b:9e:44:98:8b:b4:4f:ae:b2:d0:5b:f0:c3:ec:
2d:db:55:60:36:a0:0f:ef:9d:ed:b3:e5:08:df:7f:
6d:49:d7:4d:63:e4:44:2b:d9:68:d1:3c:db:86:d9:
a3:d4:45:a2:c4:72:71:3d:4d:59:b7:f2:fd:fc:b3:
b3:cf:3f:a9:ba:0f:49:b8:53:7b:f6:79:e1:c4:46:
80:c9:82:d7:95:e5:89:1e:65:9d:ef:58:15:40:27:
1a:ea:bd:a4:90:c2:b8:11:a7:ba:0f:25:ca:4d:1b:
67:4d:9e:51:b2:b7:d1:e1:42:6c:ca:91:c6:2c:41:
6c:9c:28:41:11:c3:13:95:ed:1b:e2:60:69:c1:23:
e1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DE:AC:C3:AC:5F:FE:AE:01:9A:5F:3B:D9:EC:D2:E5:0C:2E:3C:A3
X509v3 Authority Key Identifier:
keyid:79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/C96sw6xf_q4Bml872ezS5QwuPKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.48.0/21
Signature Algorithm: sha256WithRSAEncryption
80:33:e7:42:85:89:61:bf:48:a6:c0:fb:4a:28:4c:69:32:8f:
6b:4a:2d:32:48:b1:d2:6b:4f:53:60:12:71:1a:78:38:a5:f5:
f5:f6:ac:b9:33:eb:a3:ea:f0:d5:2f:8d:42:37:e3:b8:c0:31:
c9:0b:d8:66:0b:3d:86:a5:40:54:5d:93:b9:96:57:ce:5a:9f:
aa:81:6d:db:8d:be:1d:b5:ca:f1:be:e1:f9:be:91:90:f8:d3:
7c:17:7c:f5:0e:34:0e:91:a7:6e:e2:eb:32:71:c1:8a:46:c5:
25:7d:21:dd:9d:32:cc:af:6c:93:2f:73:a0:ef:d7:dc:f0:6c:
02:21:91:0c:38:35:5d:32:7e:37:b0:23:9d:28:9d:7b:92:5e:
21:27:14:e1:b1:85:d7:27:1a:7c:64:da:c9:1e:52:d0:e4:03:
e0:e9:d0:7c:9b:65:f2:20:cc:63:a9:5a:96:bf:28:b0:a7:b1:
b2:a1:e0:ab:9f:eb:04:10:03:20:25:d3:16:75:1a:f8:f6:f6:
a4:2c:f4:e8:90:e6:52:b4:2d:4f:83:0f:fa:4d:c1:1a:84:95:
bc:91:3c:04:9c:8d:f8:71:b5:39:c8:47:43:ce:a7:09:f0:b3:
bd:d1:d2:9b:fc:64:f2:4b:09:06:31:e1:ad:02:5c:d8:da:9d:
14:88:3d:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc6vQ3CeaOfmOg82cXH+KfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjUxMzRiMTFmOTQwOTExZjBmZjMxNWM5NDhkYWE1M2Y3
MzJlZTAwHhcNMjUwNjA0MTEzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRlYWNjM2FjNWZmZWFlMDE5YTVmM2JkOWVjZDJlNTBjMmUzY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1XEXoj4axrj9tMSXfwS/41onLPE
dZQAQ3iaVwPhACKTROBL4ylaByKjscAsind+YjtKbfuZY5YQLUENz6/uyO4Eg0iA
lDY545jIrsn750uwn8HYuy7HwJDO/uZu1wMIHMmePCs8XezWOh/19cyrV8Gc0An8
9nueC55EmIu0T66y0Fvww+wt21VgNqAP753ts+UI339tSddNY+REK9lo0Tzbhtmj
1EWixHJxPU1Zt/L9/LOzzz+pug9JuFN79nnhxEaAyYLXleWJHmWd71gVQCca6r2k
kMK4Eae6DyXKTRtnTZ5RsrfR4UJsypHGLEFsnChBEcMTle0b4mBpwSPh7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAverMOsX/6uAZpfO9ns0uUMLjyjMB8GA1UdIwQY
MBaAFHm1E0sR+UCRHw/zFclI2qU/cy7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYt
Y2VjMjJlYTc5NTEzLzEvQzk2c3c2eGZfcTRCbWw4NzJlelM1UXd1UEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYtY2VjMjJlYTc5NTEz
LzEvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv4wMA0G
CSqGSIb3DQEBCwUAA4IBAQCAM+dChYlhv0imwPtKKExpMo9rSi0ySLHSa09TYBJx
Gng4pfX19qy5M+uj6vDVL41CN+O4wDHJC9hmCz2GpUBUXZO5llfOWp+qgW3bjb4d
tcrxvuH5vpGQ+NN8F3z1DjQOkadu4usyccGKRsUlfSHdnTLMr2yTL3Og79fc8GwC
IZEMODVdMn43sCOdKJ17kl4hJxThsYXXJxp8ZNrJHlLQ5APg6dB8m2XyIMxjqVqW
vyiwp7GyoeCrn+sEEAMgJdMWdRr49vakLPTokOZStC1Pgw/6TcEahJW8kTwEnI34
cbU5yEdDzqcJ8LO90dKb/GTySwkGMeGtAlzY2p0UiD0B
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:45:21 2025 by rpki-client