Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/RigxE8CkNVH4KlaPlwQNra2xaCI.roa
File: RigxE8CkNVH4KlaPlwQNra2xaCI.roa (raw, json)
Hash identifier: kb9oL+5E3TBU4Y3tK0vOv3TZyWxxjndNtV2AaTLhZUs=
Subject key identifier: 46:28:31:13:C0:A4:35:51:F8:2A:56:8F:97:04:0D:AD:AD:B1:68:22
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0194F9478A48D8CBF49AE818C2EA75D3904A
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/RigxE8CkNVH4KlaPlwQNra2xaCI.roa
Signing time: Wed 12 Feb 2025 08:30:02 +0000
ROA not before: Wed 12 Feb 2025 08:30:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48407
IP address blocks: 81.90.16.0/20 maxlen: 20
81.90.18.0/24 maxlen: 24
81.90.19.0/24 maxlen: 24
81.90.31.0/24 maxlen: 24
93.94.50.0/24 maxlen: 24
93.94.53.0/24 maxlen: 24
93.94.55.0/24 maxlen: 24
2a00:8b20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:47:8a:48:d8:cb:f4:9a:e8:18:c2:ea:75:d3:90:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Feb 12 08:30:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46283113c0a43551f82a568f97040dadadb16822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:04:66:63:49:32:af:2a:df:fd:c8:b3:11:
c9:0d:ae:79:32:b3:43:cf:4d:f1:e4:f5:0e:7a:7e:
bf:22:f9:fd:7b:35:d1:9f:93:76:5b:6d:1d:8e:20:
8e:27:c8:a5:ee:7f:d7:10:2b:38:f8:e3:08:d8:63:
b8:d7:10:78:7c:e3:f3:7c:68:8f:91:11:a5:1c:a3:
b9:ae:2a:26:57:f7:99:16:df:1d:6e:1e:2f:0e:25:
82:6a:cd:85:7b:99:a8:b3:3c:c0:e7:d1:18:9c:b3:
cb:7e:91:a6:f4:4c:e9:92:80:03:c1:5c:34:34:3f:
fb:c5:9a:a5:47:d5:9a:d8:6d:76:79:1b:90:6b:75:
af:29:ed:b6:1e:06:61:d4:20:8d:b8:0f:a4:14:5c:
43:2f:86:74:42:f5:20:36:58:fa:f1:8e:4e:04:44:
db:bf:96:2e:b1:80:08:6d:de:5f:c4:73:f0:e1:39:
d2:a1:d0:9c:83:aa:cc:4a:4f:45:ce:e6:03:59:18:
f5:67:4a:f9:28:0c:b6:1e:20:d0:dc:b7:ec:dc:54:
df:a6:ea:57:12:43:ab:ac:b9:f1:f9:31:14:cd:5a:
67:b4:83:9c:6a:95:18:7e:7d:b1:bd:5e:ce:9e:72:
48:7b:63:fa:a9:90:91:3e:94:e8:ba:66:64:54:88:
98:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:28:31:13:C0:A4:35:51:F8:2A:56:8F:97:04:0D:AD:AD:B1:68:22
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/RigxE8CkNVH4KlaPlwQNra2xaCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.16.0/20
93.94.50.0/24
93.94.53.0/24
93.94.55.0/24
IPv6:
2a00:8b20::/32
Signature Algorithm: sha256WithRSAEncryption
aa:7f:78:0c:12:0a:e7:f9:95:db:a9:b3:58:3f:5d:50:bd:ab:
c5:e7:5c:81:b5:38:12:32:f4:7c:05:fc:ac:d7:82:b0:e0:2a:
d1:8e:ad:75:3e:2a:e1:8a:d0:fc:4b:90:73:4f:cb:a3:c5:f4:
53:71:9e:12:97:99:44:d6:75:fe:c2:39:c0:d9:25:cd:9e:1d:
da:12:9a:74:3e:76:1e:b9:cd:bb:71:31:9d:f0:2d:19:4f:32:
99:45:a2:a0:38:df:1f:65:92:d9:7e:d0:d2:17:ee:7f:38:13:
6c:e6:ea:e2:ef:d5:4d:83:12:77:24:3e:79:bc:aa:44:e6:a1:
15:1f:71:a1:a7:1a:58:7c:82:d5:9b:6c:7d:a9:3c:b6:a0:e3:
70:0a:4a:1b:1b:c3:7b:1c:62:16:9e:65:94:ea:30:03:9a:c9:
a8:fb:49:d9:62:45:89:4a:c3:91:7e:02:79:14:86:8a:c6:c4:
84:bf:38:16:cf:c6:42:5a:3d:51:88:64:d2:3d:0e:a9:b7:8a:
ba:f2:aa:c8:7c:99:1a:d7:49:fe:81:13:39:a6:dd:8e:49:69:
82:64:f6:b2:0b:a1:8a:6c:24:bd:15:2b:52:ae:54:c5:f1:1c:
4b:7e:88:96:62:a9:7a:85:75:9e:3b:8e:d2:e0:41:92:bb:86:
99:a7:20:aa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZT5R4pI2Mv0mugYwup105BKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwMjEyMDgzMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI4MzExM2MwYTQzNTUxZjgyYTU2OGY5NzA0MGRhZGFkYjE2ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuUEZmNJMq8q3/3IsxHJDa55MrND
z03x5PUOen6/Ivn9ezXRn5N2W20djiCOJ8il7n/XECs4+OMI2GO41xB4fOPzfGiP
kRGlHKO5riomV/eZFt8dbh4vDiWCas2Fe5moszzA59EYnLPLfpGm9EzpkoADwVw0
ND/7xZqlR9Wa2G12eRuQa3WvKe22HgZh1CCNuA+kFFxDL4Z0QvUgNlj68Y5OBETb
v5YusYAIbd5fxHPw4TnSodCcg6rMSk9FzuYDWRj1Z0r5KAy2HiDQ3Lfs3FTfpupX
EkOrrLnx+TEUzVpntIOcapUYfn2xvV7OnnJIe2P6qZCRPpToumZkVIiYiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEYoMRPApDVR+CpWj5cEDa2tsWgiMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvUmlneEU4Q2tOVkg0S2xhUGx3UU5yYTJ4YUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUVoQAwQA
XV4yAwQAXV41AwQAXV43MA0EAgACMAcDBQAqAIsgMA0GCSqGSIb3DQEBCwUAA4IB
AQCqf3gMEgrn+ZXbqbNYP11QvavF51yBtTgSMvR8Bfys14Kw4CrRjq11PirhitD8
S5BzT8ujxfRTcZ4Sl5lE1nX+wjnA2SXNnh3aEpp0PnYeuc27cTGd8C0ZTzKZRaKg
ON8fZZLZftDSF+5/OBNs5uri79VNgxJ3JD55vKpE5qEVH3GhpxpYfILVm2x9qTy2
oONwCkobG8N7HGIWnmWU6jADmsmo+0nZYkWJSsORfgJ5FIaKxsSEvzgWz8ZCWj1R
iGTSPQ6pt4q68qrIfJka10n+gRM5pt2OSWmCZPayC6GKbCS9FStSrlTF8RxLfoiW
Yql6hXWeO47S4EGSu4aZpyCq
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:55 2025 by rpki-client