Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/rh4C4bkDzF0UU-Rq2Hn8tux9MW4.roa
File: rh4C4bkDzF0UU-Rq2Hn8tux9MW4.roa (raw, json)
Hash identifier: PnszswRHTfQc38hg/sKdIb8fJt96HNWBV5hNMabDEVE=
Subject key identifier: AE:1E:02:E1:B9:03:CC:5D:14:53:E4:6A:D8:79:FC:B6:EC:7D:31:6E
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0195FB7D558753AA1573DA7DC00FAC9EBF85
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/rh4C4bkDzF0UU-Rq2Hn8tux9MW4.roa
Signing time: Thu 03 Apr 2025 11:50:49 +0000
ROA not before: Thu 03 Apr 2025 11:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49304
IP address blocks: 46.3.40.0/21 maxlen: 24
46.3.96.0/20 maxlen: 24
46.3.192.0/22 maxlen: 24
46.232.48.0/21 maxlen: 24
46.232.56.0/21 maxlen: 24
46.232.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:7d:55:87:53:aa:15:73:da:7d:c0:0f:ac:9e:bf:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 3 11:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae1e02e1b903cc5d1453e46ad879fcb6ec7d316e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:46:b8:31:09:89:b0:44:23:21:44:50:16:
a9:f1:5c:b5:e8:76:57:11:24:4c:7a:fd:61:23:24:
f4:67:0a:99:f6:ed:e5:45:94:39:bd:6e:b8:dd:70:
1a:2c:e7:33:c1:bb:4b:b9:17:b5:f4:0c:02:33:be:
03:9b:ba:2e:64:b0:27:03:4c:50:81:5c:ba:50:2a:
98:10:f4:fd:7f:c6:8d:78:0f:04:46:79:f8:0a:ec:
af:1b:40:e9:a4:d4:6d:7a:86:2f:96:22:69:fd:72:
d6:a4:23:de:9f:c2:06:04:a4:6b:5d:47:fe:1b:9a:
95:f5:df:4a:c7:d3:d2:ae:13:08:cb:55:73:f1:49:
d8:19:70:59:5c:f6:19:e5:15:3b:8e:71:f4:a6:83:
06:37:bb:49:bd:67:47:97:6d:09:f0:94:f9:da:60:
82:15:17:ed:6a:d0:2f:d2:3a:72:79:ca:8c:5f:0b:
5b:f0:4b:ac:b2:ad:5e:a1:57:75:7b:fb:d3:40:56:
8c:44:f2:11:6c:fc:71:ca:88:79:73:41:55:a9:b2:
39:39:33:ff:81:b4:a4:f9:47:56:a3:97:68:12:62:
f1:e5:1d:c0:37:48:69:1c:88:bf:89:5d:a8:5f:e2:
1b:80:d7:fd:f5:48:4a:b8:21:cc:b5:c6:80:fc:3e:
c3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1E:02:E1:B9:03:CC:5D:14:53:E4:6A:D8:79:FC:B6:EC:7D:31:6E
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/rh4C4bkDzF0UU-Rq2Hn8tux9MW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.40.0/21
46.3.96.0/20
46.3.192.0/22
46.232.48.0/20
46.232.104.0/21
Signature Algorithm: sha256WithRSAEncryption
55:a3:c6:e3:af:3a:cf:33:d5:0a:79:a5:43:ed:18:c9:3b:f2:
8a:fd:92:83:ea:af:37:ed:49:ff:93:1c:c3:d6:f0:e2:7c:91:
a1:50:5f:30:72:8f:1b:01:b4:7d:3c:02:0e:62:e6:27:a3:a5:
df:ba:be:1c:7b:fa:79:d9:f7:02:df:8d:ac:84:02:65:52:86:
eb:99:a2:95:4a:00:cd:41:2a:91:1c:20:6c:30:ee:9c:e6:32:
55:ca:f7:56:3d:23:29:a3:4d:ae:a2:56:1c:0b:ef:9f:b4:1e:
80:63:c9:18:03:ad:00:2a:2c:f4:43:83:2b:9a:e6:29:fc:5a:
ce:8c:a9:12:04:5d:49:ed:fe:9b:1e:a4:db:89:88:35:9b:80:
47:ed:72:c1:a6:bb:bf:a1:1c:22:cf:e6:46:b2:df:51:31:ab:
a6:01:01:94:0c:b7:9c:ec:29:bf:f9:c1:6a:21:c7:5f:cb:42:
23:e1:22:97:7d:a3:cd:5c:8f:d4:4c:05:e2:2f:c7:10:60:d0:
a7:d5:ea:de:f2:49:8c:c4:c4:08:aa:8e:e5:e1:68:64:74:8a:
70:43:26:03:51:ce:3b:f5:28:5a:d7:a1:ab:fc:76:d5:75:ec:
73:c6:82:b4:dc:e3:c4:a1:20:83:c2:6c:86:21:f4:b8:9f:46:
f7:5d:84:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZX7fVWHU6oVc9p9wA+snr+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNDAzMTE1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFlMDJlMWI5MDNjYzVkMTQ1M2U0NmFkODc5ZmNiNmVjN2QzMTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgFGuDEJibBEIyFEUBap8Vy16HZX
ESRMev1hIyT0ZwqZ9u3lRZQ5vW643XAaLOczwbtLuRe19AwCM74Dm7ouZLAnA0xQ
gVy6UCqYEPT9f8aNeA8ERnn4CuyvG0DppNRteoYvliJp/XLWpCPen8IGBKRrXUf+
G5qV9d9Kx9PSrhMIy1Vz8UnYGXBZXPYZ5RU7jnH0poMGN7tJvWdHl20J8JT52mCC
FRftatAv0jpyecqMXwtb8Eussq1eoVd1e/vTQFaMRPIRbPxxyoh5c0FVqbI5OTP/
gbSk+UdWo5doEmLx5R3AN0hpHIi/iV2oX+IbgNf99UhKuCHMtcaA/D7D3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK4eAuG5A8xdFFPkath5/LbsfTFuMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvcmg0QzRia0R6RjBVVS1ScTJIbjh0dXg5TVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLgMoAwQE
LgNgAwQCLgPAAwQELugwAwQDLuhoMA0GCSqGSIb3DQEBCwUAA4IBAQBVo8bjrzrP
M9UKeaVD7RjJO/KK/ZKD6q837Un/kxzD1vDifJGhUF8wco8bAbR9PAIOYuYno6Xf
ur4ce/p52fcC342shAJlUobrmaKVSgDNQSqRHCBsMO6c5jJVyvdWPSMpo02uolYc
C++ftB6AY8kYA60AKiz0Q4MrmuYp/FrOjKkSBF1J7f6bHqTbiYg1m4BH7XLBpru/
oRwiz+ZGst9RMaumAQGUDLec7Cm/+cFqIcdfy0Ij4SKXfaPNXI/UTAXiL8cQYNCn
1ere8kmMxMQIqo7l4WhkdIpwQyYDUc479Sha16Gr/HbVdexzxoK03OPEoSCDwmyG
IfS4n0b3XYRl
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:54 2025 by rpki-client