Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/qyHLXm2OQcgseK9h-t2g9Lu5Ec4.roa
File: qyHLXm2OQcgseK9h-t2g9Lu5Ec4.roa (raw, json)
Hash identifier: YNT2mRKizx1FX7u+UHZvlqK93lAk1uCUPDeUJgC1SYs=
Subject key identifier: AB:21:CB:5E:6D:8E:41:C8:2C:78:AF:61:FA:DD:A0:F4:BB:B9:11:CE
Certificate issuer: /CN=79b5134b11f940911f0ff315c948daa53f732ee0
Certificate serial: 01973AC0B925AF51C5807D45837FA4915BD2
Authority key identifier: 79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/qyHLXm2OQcgseK9h-t2g9Lu5Ec4.roa
Signing time: Wed 04 Jun 2025 11:43:18 +0000
ROA not before: Wed 04 Jun 2025 11:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52033
IP address blocks: 46.254.48.0/21 maxlen: 21
46.254.48.0/24 maxlen: 24
46.254.49.0/24 maxlen: 24
46.254.50.0/24 maxlen: 24
46.254.51.0/24 maxlen: 24
46.254.52.0/24 maxlen: 24
46.254.53.0/24 maxlen: 24
46.254.54.0/24 maxlen: 24
46.254.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:c0:b9:25:af:51:c5:80:7d:45:83:7f:a4:91:5b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79b5134b11f940911f0ff315c948daa53f732ee0
Validity
Not Before: Jun 4 11:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab21cb5e6d8e41c82c78af61fadda0f4bbb911ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:32:8a:d7:fe:cd:ac:5d:79:81:a7:a6:3a:
22:28:f4:30:6b:6d:96:cb:27:ab:2e:eb:54:ca:8e:
e3:49:4a:53:a5:c8:1e:08:ae:75:13:16:2c:b4:19:
de:86:5a:e6:43:90:6f:ef:c7:96:b0:77:05:45:fa:
6a:8d:35:95:20:70:b8:5a:db:d6:33:be:e6:7e:cf:
27:6f:e2:5e:32:f3:d2:ac:06:52:4c:57:93:73:19:
39:f1:36:5e:9a:aa:94:84:e9:fc:53:1a:5c:a9:d9:
91:75:d6:fc:76:60:10:c1:96:4c:c4:0e:22:1f:a5:
6e:80:a9:aa:f1:d8:0d:ff:50:ae:e2:ca:54:ef:b5:
29:f1:35:c6:a8:80:ec:d9:f1:80:12:0f:71:82:18:
86:d2:06:21:24:21:3b:77:45:9f:15:71:e3:a1:fa:
b2:1f:d0:aa:dc:7c:98:2a:e7:8b:a3:79:a5:19:c2:
d2:90:70:f1:2e:81:51:85:bd:98:46:f9:1e:71:96:
dd:11:45:a4:89:c0:cd:8e:c6:a8:a4:69:1c:6a:8b:
15:da:c7:69:6c:3f:d6:cf:60:fd:36:51:63:e1:42:
31:4d:df:72:76:27:23:b1:1a:f9:8c:e0:10:4b:bf:
39:33:ed:0b:c9:ff:38:e3:90:0f:57:6c:9d:93:35:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:21:CB:5E:6D:8E:41:C8:2C:78:AF:61:FA:DD:A0:F4:BB:B9:11:CE
X509v3 Authority Key Identifier:
keyid:79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/qyHLXm2OQcgseK9h-t2g9Lu5Ec4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.48.0/21
Signature Algorithm: sha256WithRSAEncryption
23:3e:e0:29:c2:d3:8e:ff:80:72:b2:fc:aa:02:d1:6b:94:f0:
ad:4d:1d:a8:77:ff:8d:fb:56:24:88:9f:7b:43:cd:03:11:46:
b4:b2:7a:f2:dd:69:4c:4c:c6:06:d1:b9:ef:52:82:7c:d4:d1:
40:51:3f:0a:c6:9b:50:43:7f:54:b7:aa:a3:c1:f0:da:9f:37:
2a:51:b2:fe:a7:b0:5a:5b:e9:be:d6:57:39:c9:14:f1:65:01:
9b:96:80:23:54:74:de:70:3c:fb:57:7b:7d:f2:f7:c0:a1:fa:
b7:9f:45:ee:e4:dc:f8:cf:44:f6:27:ec:37:5d:44:bc:75:08:
a2:4e:80:5f:de:5f:29:c5:8e:b2:75:7b:e4:25:75:d4:20:ea:
e2:84:7b:09:90:8d:6b:6a:e6:9b:c7:fb:19:c1:1d:ef:02:f3:
38:8f:83:22:03:36:e9:f4:a2:28:e9:cb:34:c1:73:ce:16:27:
8e:fe:bc:96:54:22:d5:43:a4:08:3b:48:3b:11:42:45:bd:c4:
5d:7c:f6:1d:55:ca:d2:a8:46:d5:55:65:1a:29:aa:82:99:e5:
52:91:dc:99:c0:8a:e6:76:6d:6a:c5:3a:0b:49:65:26:f0:05:
dd:e2:a3:b5:a0:47:4a:1b:0c:d3:04:d2:0d:df:df:54:d9:50:
e2:3f:a8:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc6wLklr1HFgH1Fg3+kkVvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjUxMzRiMTFmOTQwOTExZjBmZjMxNWM5NDhkYWE1M2Y3
MzJlZTAwHhcNMjUwNjA0MTE0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjIxY2I1ZTZkOGU0MWM4MmM3OGFmNjFmYWRkYTBmNGJiYjkxMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v0yitf+zaxdeYGnpjoiKPQwa22W
yyerLutUyo7jSUpTpcgeCK51ExYstBnehlrmQ5Bv78eWsHcFRfpqjTWVIHC4WtvW
M77mfs8nb+JeMvPSrAZSTFeTcxk58TZemqqUhOn8UxpcqdmRddb8dmAQwZZMxA4i
H6VugKmq8dgN/1Cu4spU77Up8TXGqIDs2fGAEg9xghiG0gYhJCE7d0WfFXHjofqy
H9Cq3HyYKueLo3mlGcLSkHDxLoFRhb2YRvkecZbdEUWkicDNjsaopGkcaosV2sdp
bD/Wz2D9NlFj4UIxTd9ydicjsRr5jOAQS785M+0Lyf8445APV2ydkzXAFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKshy15tjkHILHivYfrdoPS7uRHOMB8GA1UdIwQY
MBaAFHm1E0sR+UCRHw/zFclI2qU/cy7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYt
Y2VjMjJlYTc5NTEzLzEvcXlITFhtMk9RY2dzZUs5aC10Mmc5THU1RWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYtY2VjMjJlYTc5NTEz
LzEvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv4wMA0G
CSqGSIb3DQEBCwUAA4IBAQAjPuApwtOO/4BysvyqAtFrlPCtTR2od/+N+1YkiJ97
Q80DEUa0snry3WlMTMYG0bnvUoJ81NFAUT8KxptQQ39Ut6qjwfDanzcqUbL+p7Ba
W+m+1lc5yRTxZQGbloAjVHTecDz7V3t98vfAofq3n0Xu5Nz4z0T2J+w3XUS8dQii
ToBf3l8pxY6ydXvkJXXUIOrihHsJkI1rauabx/sZwR3vAvM4j4MiAzbp9KIo6cs0
wXPOFieO/ryWVCLVQ6QIO0g7EUJFvcRdfPYdVcrSqEbVVWUaKaqCmeVSkdyZwIrm
dm1qxToLSWUm8AXd4qO1oEdKGwzTBNIN399U2VDiP6j6
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:17:51 2025 by rpki-client