Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oiNGI_bcpF3mEjO_RBCVzx3DK1U.roa
File: oiNGI_bcpF3mEjO_RBCVzx3DK1U.roa (raw, json)
Hash identifier: B10wqz2PklYpjTBreQiuSX6phPWOejbhGojqUuKrxdY=
Subject key identifier: A2:23:46:23:F6:DC:A4:5D:E6:12:33:BF:44:10:95:CF:1D:C3:2B:55
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E3584CA7214C1323BBAE340733C6
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oiNGI_bcpF3mEjO_RBCVzx3DK1U.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 46.3.191.0/24 maxlen: 24
46.3.200.0/24 maxlen: 24
46.3.201.0/24 maxlen: 24
46.3.250.0/24 maxlen: 24
46.232.67.0/24 maxlen: 24
46.232.72.0/21 maxlen: 24
46.232.96.0/21 maxlen: 24
149.126.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e3:58:4c:a7:21:4c:13:23:bb:ae:34:07:33:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2234623f6dca45de61233bf441095cf1dc32b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e8:73:2a:37:51:0a:c9:f9:27:c1:98:12:a9:
dc:a0:04:99:0c:4d:4b:73:78:24:c0:e3:57:ef:bc:
32:55:c9:64:9d:3e:de:40:8d:70:62:0a:55:f0:4c:
fd:1e:e1:51:07:52:e2:ea:24:00:71:5c:28:3e:af:
a7:6b:d2:04:f1:1e:56:1c:35:fa:67:ad:b4:f1:4f:
49:57:15:fd:2f:fc:37:95:e4:97:5e:be:1c:10:d8:
8e:cb:09:68:33:ae:c7:19:25:6b:0e:94:98:28:a1:
38:4e:3e:8a:c3:0f:71:32:e6:bb:7e:b4:df:22:32:
76:5d:cd:88:ac:0a:73:d5:d6:13:a0:44:9e:86:b1:
8b:9c:77:e4:27:9e:8f:16:af:3c:0b:15:39:6b:6c:
a8:9a:27:d3:63:34:41:43:97:db:ea:bb:d2:9d:92:
fd:a2:39:f2:71:4f:f3:17:33:45:9a:d7:bc:e0:c4:
a7:c8:db:fc:5d:5d:8f:d1:15:58:da:4d:e3:3d:2e:
10:19:86:12:61:7d:e4:50:aa:7f:2b:75:b1:b6:f5:
01:4d:f2:91:da:96:69:99:96:01:58:d9:31:64:f9:
99:04:f7:6b:d1:0f:74:cc:e4:f9:d1:b4:4d:92:47:
f4:3e:4e:a2:96:a5:64:a8:4f:bd:e7:30:71:f7:d0:
74:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:23:46:23:F6:DC:A4:5D:E6:12:33:BF:44:10:95:CF:1D:C3:2B:55
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/oiNGI_bcpF3mEjO_RBCVzx3DK1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.191.0/24
46.3.200.0/23
46.3.250.0/24
46.232.67.0/24
46.232.72.0/21
46.232.96.0/21
149.126.252.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a9:c2:64:44:2d:3b:df:06:4a:9d:ab:c8:c0:45:e9:e5:ac:
da:64:86:fd:30:19:9c:1c:2c:ad:8b:86:f1:72:d9:1e:9c:79:
80:28:06:bc:26:a1:c5:3f:7c:0a:1a:bf:02:77:5a:a1:6d:54:
0c:dd:c5:8f:cf:35:e7:1b:2f:ae:ff:1f:98:d1:07:c7:2d:af:
45:6d:e7:9b:2e:28:07:af:d1:ee:54:f8:56:cf:aa:3c:27:35:
d3:2c:f4:a7:82:53:16:33:e8:e4:fa:a5:75:d9:f9:89:67:29:
70:54:32:0e:72:2d:ae:35:fd:91:eb:b4:7e:50:77:4b:5c:39:
44:22:4a:86:23:78:fc:97:3e:10:a0:3a:79:b8:5d:90:fc:a5:
44:f2:89:0d:d4:c8:8e:42:a8:11:52:62:6e:47:39:3a:dc:61:
c4:ee:e5:cb:df:08:41:20:44:57:a3:8e:14:40:62:61:03:65:
81:fe:f3:4b:bb:7b:46:d3:53:c8:31:5b:fc:3d:d4:89:1c:ed:
f8:dd:4b:33:5d:f6:e0:5f:38:55:75:75:4b:f2:d2:a7:06:67:
1e:40:e4:15:b5:79:5d:6a:de:68:27:2a:1e:3a:c0:25:2b:3b:
9b:f5:10:37:75:8a:03:34:93:12:f7:ac:4e:0a:f2:bb:9b:ba:
08:68:60:54
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjaeNYTKchTBMju640BzPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIzNDYyM2Y2ZGNhNDVkZTYxMjMzYmY0NDEwOTVjZjFkYzMyYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ehzKjdRCsn5J8GYEqncoASZDE1L
c3gkwONX77wyVclknT7eQI1wYgpV8Ez9HuFRB1Li6iQAcVwoPq+na9IE8R5WHDX6
Z6208U9JVxX9L/w3leSXXr4cENiOywloM67HGSVrDpSYKKE4Tj6Kww9xMua7frTf
IjJ2Xc2IrApz1dYToESehrGLnHfkJ56PFq88CxU5a2yomifTYzRBQ5fb6rvSnZL9
ojnycU/zFzNFmte84MSnyNv8XV2P0RVY2k3jPS4QGYYSYX3kUKp/K3WxtvUBTfKR
2pZpmZYBWNkxZPmZBPdr0Q90zOT50bRNkkf0Pk6ilqVkqE+95zBx99B0awIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKIjRiP23KRd5hIzv0QQlc8dwytVMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvb2lOR0lfYmNwRjNtRWpPX1JCQ1Z6eDNESzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALgO/AwQB
LgPIAwQALgP6AwQALuhDAwQDLuhIAwQDLuhgAwQAlX78MA0GCSqGSIb3DQEBCwUA
A4IBAQCQqcJkRC073wZKnavIwEXp5azaZIb9MBmcHCyti4bxctkenHmAKAa8JqHF
P3wKGr8Cd1qhbVQM3cWPzzXnGy+u/x+Y0QfHLa9FbeebLigHr9HuVPhWz6o8JzXT
LPSnglMWM+jk+qV12fmJZylwVDIOci2uNf2R67R+UHdLXDlEIkqGI3j8lz4QoDp5
uF2Q/KVE8okN1MiOQqgRUmJuRzk63GHE7uXL3whBIERXo44UQGJhA2WB/vNLu3tG
01PIMVv8PdSJHO343UszXfbgXzhVdXVL8tKnBmceQOQVtXldat5oJyoeOsAlKzub
9RA3dYoDNJMS96xOCvK7m7oIaGBU
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:00:07 2025 by rpki-client