Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2zHtlNzBguVKDS5nTasTmyjW9hE.roa
File: 2zHtlNzBguVKDS5nTasTmyjW9hE.roa (raw, json)
Hash identifier: m9msWqaYN8otuMiejG9SIvRQgF5RRPTjT4hMG5TzZ+g=
Subject key identifier: DB:31:ED:94:DC:C1:82:E5:4A:0D:2E:67:4D:AB:13:9B:28:D6:F6:11
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0195FBB09B9F2FF8D352890DEDA9810CD67C
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2zHtlNzBguVKDS5nTasTmyjW9hE.roa
Signing time: Thu 03 Apr 2025 12:46:50 +0000
ROA not before: Thu 03 Apr 2025 12:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:b0:9b:9f:2f:f8:d3:52:89:0d:ed:a9:81:0c:d6:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 3 12:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db31ed94dcc182e54a0d2e674dab139b28d6f611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b6:88:73:49:aa:14:bf:0f:5c:72:4b:f2:81:
92:94:5e:eb:77:11:fe:74:f9:8f:82:c3:ce:be:ae:
ec:d0:cd:20:6f:62:20:0b:a8:a3:1e:36:22:1a:2a:
65:91:8e:c2:cb:96:64:f8:09:cc:c5:e9:8d:8b:91:
cd:11:28:3f:ab:6e:e9:6a:4a:06:8c:df:29:b6:d9:
95:22:fb:69:12:60:c7:fd:a2:e4:37:31:22:8a:51:
37:77:d3:2e:af:b2:64:6e:c6:fc:cd:42:e0:91:cf:
5c:f1:9c:6a:6a:8e:16:73:13:87:4d:6a:d3:cf:7f:
d3:5d:43:a7:18:56:ee:25:41:58:a0:66:d8:54:68:
ae:01:39:5d:6a:ea:73:16:0e:4e:1e:92:c9:f8:28:
12:9e:cd:68:5c:42:1c:e0:0c:b5:13:b3:17:87:27:
b0:06:0a:3c:69:45:82:7f:91:ee:82:98:95:37:51:
f8:cf:91:84:07:cb:dc:ab:b4:5f:60:cb:2e:87:77:
14:72:d7:09:52:f1:3b:b5:a7:aa:ed:ae:ee:62:01:
62:d7:38:ae:b0:23:4c:db:8d:1e:ab:ee:61:92:5d:
7b:76:00:81:9d:3e:16:18:e7:e5:c3:90:ec:f6:97:
1a:08:f2:a8:6b:30:21:4c:71:23:97:26:bc:c1:0f:
30:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:31:ED:94:DC:C1:82:E5:4A:0D:2E:67:4D:AB:13:9B:28:D6:F6:11
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2zHtlNzBguVKDS5nTasTmyjW9hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:69:e3:f6:84:5f:19:e3:f1:6c:b2:51:91:14:10:5e:d6:ac:
9b:bd:30:a6:4a:26:83:6d:5a:a0:03:06:35:46:8f:30:28:7f:
9a:1e:26:84:c0:86:a2:d6:64:be:81:0a:90:1d:3e:e8:c3:50:
96:40:75:33:ad:90:1b:b2:23:24:69:42:c8:ff:54:b2:89:d0:
22:d6:19:26:fa:fd:a6:40:b1:6d:bc:7a:92:df:9a:44:8d:4d:
f5:ea:f9:46:8a:ee:58:9d:af:bf:fc:c9:08:7e:99:fe:ce:52:
a6:bc:c6:b2:17:a7:c0:ee:ab:03:9a:d1:46:02:89:b6:33:ee:
5d:c3:88:1b:40:e9:ac:10:2f:28:3d:6b:05:23:eb:f9:e7:82:
87:a0:17:05:55:86:23:a0:6e:14:0d:f4:c8:46:9b:fc:b6:2c:
86:fe:10:fe:a1:ac:5b:de:62:0c:23:eb:ca:e6:31:3d:2c:ad:
49:84:af:38:3b:08:52:4f:06:0e:20:6f:87:0e:88:d8:8f:3d:
15:7a:07:a4:10:a4:9f:d6:1c:a1:b7:76:79:df:7d:47:c1:0c:
ff:25:a6:06:4c:f1:55:03:79:58:0a:60:f8:7d:4a:de:0f:a8:
fe:d8:d8:97:35:fe:5d:2d:70:11:ce:f6:43:e9:9e:fd:47:7c:
ec:0b:d7:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX7sJufL/jTUokN7amBDNZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwNDAzMTI0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMxZWQ5NGRjYzE4MmU1NGEwZDJlNjc0ZGFiMTM5YjI4ZDZmNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LaIc0mqFL8PXHJL8oGSlF7rdxH+
dPmPgsPOvq7s0M0gb2IgC6ijHjYiGiplkY7Cy5Zk+AnMxemNi5HNESg/q27pakoG
jN8pttmVIvtpEmDH/aLkNzEiilE3d9Mur7Jkbsb8zULgkc9c8Zxqao4WcxOHTWrT
z3/TXUOnGFbuJUFYoGbYVGiuATldaupzFg5OHpLJ+CgSns1oXEIc4Ay1E7MXhyew
Bgo8aUWCf5HugpiVN1H4z5GEB8vcq7RfYMsuh3cUctcJUvE7taeq7a7uYgFi1ziu
sCNM240eq+5hkl17dgCBnT4WGOflw5Ds9pcaCPKoazAhTHEjlya8wQ8wzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsx7ZTcwYLlSg0uZ02rE5so1vYRMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMnpIdGxOekJndVZLRFM1blRhc1RteWpXOWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiViAwQA
LiVxMA0GCSqGSIb3DQEBCwUAA4IBAQAqaeP2hF8Z4/FsslGRFBBe1qybvTCmSiaD
bVqgAwY1Ro8wKH+aHiaEwIai1mS+gQqQHT7ow1CWQHUzrZAbsiMkaULI/1SyidAi
1hkm+v2mQLFtvHqS35pEjU316vlGiu5Yna+//MkIfpn+zlKmvMayF6fA7qsDmtFG
Aom2M+5dw4gbQOmsEC8oPWsFI+v554KHoBcFVYYjoG4UDfTIRpv8tiyG/hD+oaxb
3mIMI+vK5jE9LK1JhK84OwhSTwYOIG+HDojYjz0VegekEKSf1hyht3Z5331HwQz/
JaYGTPFVA3lYCmD4fUreD6j+2NiXNf5dLXARzvZD6Z79R3zsC9er
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:08 2025 by rpki-client