Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/oX3nNgieJ2JInSOqTkqnW4BSKKU.roa
File: oX3nNgieJ2JInSOqTkqnW4BSKKU.roa (raw, json)
Hash identifier: E/puRqDQplddqvaDsExSE6S/JUmdbOP6wn7iah2FAFE=
Subject key identifier: A1:7D:E7:36:08:9E:27:62:48:9D:23:AA:4E:4A:A7:5B:80:52:28:A5
Certificate issuer: /CN=c35f03949e661e24be0f1e08c64dad05e31c4eaf
Certificate serial: 019424B2D733C5D2A879C6290B474C3877E4
Authority key identifier: C3:5F:03:94:9E:66:1E:24:BE:0F:1E:08:C6:4D:AD:05:E3:1C:4E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/oX3nNgieJ2JInSOqTkqnW4BSKKU.roa
Signing time: Thu 02 Jan 2025 01:48:07 +0000
ROA not before: Thu 02 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46071
IP address blocks: 46.40.203.0/24 maxlen: 24
46.40.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:d7:33:c5:d2:a8:79:c6:29:0b:47:4c:38:77:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35f03949e661e24be0f1e08c64dad05e31c4eaf
Validity
Not Before: Jan 2 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a17de736089e2762489d23aa4e4aa75b805228a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:33:59:90:53:fa:47:41:35:fc:b1:7b:9c:
16:f0:a3:7b:74:47:b5:6e:06:bb:6f:e0:c7:86:0f:
90:be:39:aa:62:87:9b:91:55:8d:fe:51:5a:c5:dd:
f2:d5:c1:be:0b:61:ea:a6:ff:05:11:6d:e7:93:cb:
3b:e0:fe:97:8e:e1:fb:f8:93:2c:dd:a3:40:8b:48:
1d:1c:31:d2:2a:e8:ba:1b:d7:ca:3b:d8:cd:f0:54:
f2:49:01:09:ab:ba:6d:4c:2b:50:61:50:99:c5:5a:
db:09:10:c4:9d:61:de:df:2e:a3:e5:6c:75:21:51:
1a:72:b6:fd:fa:6b:fd:4b:38:12:d6:33:29:6f:36:
c7:5d:6c:66:ac:95:c7:29:5e:58:fa:e8:e2:15:9c:
d3:09:7b:1d:85:92:9f:60:40:be:87:24:f6:c6:6b:
8d:16:ef:45:08:7e:02:d2:8c:c7:fc:8e:95:8c:10:
1d:92:ab:0e:0a:7e:62:b8:2f:1f:3f:69:72:43:41:
72:d6:98:32:6e:70:a1:52:83:c2:a4:8b:20:5f:1a:
c4:45:d1:60:19:8c:eb:25:c9:79:3f:40:14:4b:3c:
31:a4:8b:53:9a:95:ae:cf:51:60:09:f8:83:b9:f0:
60:6c:5a:03:06:cc:0d:3c:54:56:e8:19:cc:17:62:
9a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7D:E7:36:08:9E:27:62:48:9D:23:AA:4E:4A:A7:5B:80:52:28:A5
X509v3 Authority Key Identifier:
keyid:C3:5F:03:94:9E:66:1E:24:BE:0F:1E:08:C6:4D:AD:05:E3:1C:4E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/oX3nNgieJ2JInSOqTkqnW4BSKKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/289fc2-f278-4f66-b8ec-c743cb6d2fc3/1/w18DlJ5mHiS-Dx4Ixk2tBeMcTq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.40.203.0/24
46.40.205.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8e:17:a1:9f:1b:a4:07:e8:6e:98:58:62:9b:82:d8:6e:7c:
fc:8d:63:7d:ad:2d:9d:a3:12:a2:09:6f:f3:bd:cf:84:94:1b:
7d:48:f8:53:67:19:b4:1b:aa:0c:32:af:ef:ce:09:a8:34:d2:
c4:cc:3c:4b:c6:ed:40:23:25:6a:85:a3:31:27:5a:70:ef:89:
d5:94:54:7f:cc:a0:b3:e6:3d:16:9c:49:08:a7:1e:8c:80:be:
8e:f2:37:11:05:eb:b7:87:9d:9d:a0:c1:ca:4f:56:f2:a2:89:
8c:02:f2:0b:9c:b8:b8:fd:81:59:48:9d:8b:67:9e:c3:87:f9:
90:ed:d1:97:9a:04:b6:4c:d0:c1:d5:6b:bc:0f:41:b6:8a:43:
94:8c:eb:ca:86:6f:00:98:a3:85:b6:73:18:0d:fb:3b:60:5c:
71:a5:33:61:fd:7a:8b:ab:a1:54:f6:2a:63:7f:b1:93:e8:53:
8c:8b:12:23:d2:62:ce:fb:03:b9:7f:56:a6:43:6f:7b:25:42:
22:b8:83:22:4e:d3:3f:c8:92:5e:6c:9f:41:b3:74:14:6c:38:
a2:75:b5:5e:80:2f:fa:80:09:b9:6e:17:4b:60:d6:06:6b:81:
e5:df:ab:2a:0e:c5:71:0c:fe:5b:70:bd:8f:de:8c:96:93:61:
1e:d7:0a:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkstczxdKoecYpC0dMOHfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWYwMzk0OWU2NjFlMjRiZTBmMWUwOGM2NGRhZDA1ZTMx
YzRlYWYwHhcNMjUwMTAyMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdkZTczNjA4OWUyNzYyNDg5ZDIzYWE0ZTRhYTc1YjgwNTIyOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRkzWZBT+kdBNfyxe5wW8KN7dEe1
bga7b+DHhg+QvjmqYoebkVWN/lFaxd3y1cG+C2Hqpv8FEW3nk8s74P6XjuH7+JMs
3aNAi0gdHDHSKui6G9fKO9jN8FTySQEJq7ptTCtQYVCZxVrbCRDEnWHe3y6j5Wx1
IVEacrb9+mv9SzgS1jMpbzbHXWxmrJXHKV5Y+ujiFZzTCXsdhZKfYEC+hyT2xmuN
Fu9FCH4C0ozH/I6VjBAdkqsOCn5iuC8fP2lyQ0Fy1pgybnChUoPCpIsgXxrERdFg
GYzrJcl5P0AUSzwxpItTmpWuz1FgCfiDufBgbFoDBswNPFRW6BnMF2KaxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKF95zYInidiSJ0jqk5Kp1uAUiilMB8GA1UdIwQY
MBaAFMNfA5SeZh4kvg8eCMZNrQXjHE6vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE4RGxKNW1IaVMtRHg0SXhrMnRCZU1jVHE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yODlmYzItZjI3OC00ZjY2LWI4ZWMt
Yzc0M2NiNmQyZmMzLzEvb1gzbk5naWVKMkpJblNPcVRrcW5XNEJTS0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yODlmYzItZjI3OC00ZjY2LWI4ZWMtYzc0M2NiNmQyZmMz
LzEvdzE4RGxKNW1IaVMtRHg0SXhrMnRCZU1jVHE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALijLAwQA
LijNMA0GCSqGSIb3DQEBCwUAA4IBAQAojhehnxukB+humFhim4LYbnz8jWN9rS2d
oxKiCW/zvc+ElBt9SPhTZxm0G6oMMq/vzgmoNNLEzDxLxu1AIyVqhaMxJ1pw74nV
lFR/zKCz5j0WnEkIpx6MgL6O8jcRBeu3h52doMHKT1byoomMAvILnLi4/YFZSJ2L
Z57Dh/mQ7dGXmgS2TNDB1Wu8D0G2ikOUjOvKhm8AmKOFtnMYDfs7YFxxpTNh/XqL
q6FU9ipjf7GT6FOMixIj0mLO+wO5f1amQ297JUIiuIMiTtM/yJJebJ9Bs3QUbDii
dbVegC/6gAm5bhdLYNYGa4Hl36sqDsVxDP5bcL2P3oyWk2Ee1wr3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:31 2025 by rpki-client