Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/_nUioJBQYiP_fVr8BJqtm1b4PRs.roa
File: _nUioJBQYiP_fVr8BJqtm1b4PRs.roa (raw, json)
Hash identifier: 8TwcjLFByQyQOwz+CZFr+OHfzp46TUFKqsAmkEkj8SM=
Subject key identifier: FE:75:22:A0:90:50:62:23:FF:7D:5A:FC:04:9A:AD:9B:56:F8:3D:1B
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 0194214413BC71EB91D3E05DE0DEF2BE2975
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/_nUioJBQYiP_fVr8BJqtm1b4PRs.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12670
IP address blocks: 46.218.0.0/18 maxlen: 18
46.218.64.0/18 maxlen: 18
77.104.0.0/18 maxlen: 18
82.101.0.0/18 maxlen: 18
83.145.64.0/18 maxlen: 18
89.224.0.0/14 maxlen: 14
89.224.0.0/16 maxlen: 16
89.225.192.0/18 maxlen: 18
89.227.192.0/18 maxlen: 18
92.102.0.0/15 maxlen: 15
92.102.0.0/16 maxlen: 16
92.103.0.0/16 maxlen: 16
92.103.0.0/18 maxlen: 18
92.103.64.0/18 maxlen: 18
185.204.172.0/22 maxlen: 22
212.99.0.0/17 maxlen: 17
212.103.0.0/19 maxlen: 19
213.30.128.0/18 maxlen: 18
213.244.0.0/19 maxlen: 19
217.66.112.0/20 maxlen: 20
2a02:e000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:13:bc:71:eb:91:d3:e0:5d:e0:de:f2:be:29:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe7522a090506223ff7d5afc049aad9b56f83d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:f6:d9:82:46:c4:88:c5:86:38:ab:a8:f5:
3f:3f:78:9c:14:e4:67:40:4b:09:2a:bb:59:c5:93:
c2:b4:58:bd:b0:ac:2f:82:f8:85:36:24:1e:8a:9d:
ae:86:f2:89:2d:ca:1c:ca:16:cc:6b:21:fb:47:b9:
a3:36:6d:ce:57:6a:03:22:34:3c:9f:bb:54:5a:bd:
4c:ff:fb:4d:1f:28:d7:9f:d0:21:0c:af:4b:fe:fa:
ea:33:34:49:ec:65:7a:fe:aa:78:ba:8a:2f:c0:3a:
4e:0a:a3:7a:6f:5f:eb:01:54:d0:88:b1:06:c2:f8:
f2:89:f6:2c:aa:5f:4f:7a:b0:69:c4:78:8f:43:06:
30:44:86:78:27:84:6f:d1:cd:20:ac:f1:e7:8a:a2:
28:77:bf:58:95:ac:27:a8:87:97:ff:3b:77:96:26:
33:e0:68:10:1b:ad:50:3d:70:13:26:92:2c:12:86:
74:29:a2:43:08:38:32:17:34:cd:b3:38:25:47:e5:
25:f2:76:96:c5:f8:ce:ac:cf:84:1d:5a:a7:93:3b:
77:8f:90:57:64:2d:6b:ac:57:1c:46:35:f5:1f:57:
c1:b0:66:be:78:5c:59:11:c3:8c:71:7d:5a:d6:1a:
0e:fe:41:c5:2a:4d:43:92:1e:50:5f:9b:d5:99:69:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:75:22:A0:90:50:62:23:FF:7D:5A:FC:04:9A:AD:9B:56:F8:3D:1B
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/_nUioJBQYiP_fVr8BJqtm1b4PRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.218.0.0/17
77.104.0.0/18
82.101.0.0/18
83.145.64.0/18
89.224.0.0/14
92.102.0.0/15
185.204.172.0/22
212.99.0.0/17
212.103.0.0/19
213.30.128.0/18
213.244.0.0/19
217.66.112.0/20
IPv6:
2a02:e000::/29
Signature Algorithm: sha256WithRSAEncryption
12:4a:d9:09:1b:01:a6:c8:10:ac:06:d9:a6:3c:2e:e2:f9:b2:
c1:b2:0d:25:41:c5:90:c8:6d:27:76:d7:aa:7f:74:87:8f:fa:
44:94:59:9c:00:d0:17:28:f2:17:bc:f5:5e:46:4e:9f:3d:37:
f8:21:f3:27:2e:5d:30:7f:17:f2:53:4e:4b:f5:e8:bb:1d:3f:
b2:31:ba:49:46:3b:a7:49:7b:71:0a:a8:e0:e2:84:76:08:fa:
6b:00:63:21:81:21:12:32:ab:a8:6e:7c:5d:d3:60:f3:ec:55:
0c:97:be:5e:29:0e:76:75:33:de:08:11:7e:80:5b:46:f6:8b:
db:e9:63:66:51:e9:54:61:a3:18:74:45:b1:34:89:17:e7:a9:
32:9c:55:46:e3:fa:c6:72:61:8a:bb:01:38:a3:d4:d6:b7:ca:
3d:2e:93:69:02:7a:14:cc:da:ee:ba:e5:64:af:f4:92:30:ad:
97:44:0d:ba:49:8d:f2:c7:25:a7:13:5e:65:1c:c5:85:01:5f:
db:b7:17:2f:e8:f9:13:ed:43:c0:3c:9d:39:1e:7d:89:a8:67:
3b:b4:b7:5e:ac:69:24:2d:5c:13:f2:86:6a:df:e1:a0:ab:a9:
f5:39:a8:6a:be:40:fe:ba:50:e5:16:e9:26:d8:dd:c5:1b:42:
e7:65:a9:c5
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQhRBO8ceuR0+Bd4N7yvil1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTc1MjJhMDkwNTA2MjIzZmY3ZDVhZmMwNDlhYWQ5YjU2ZjgzZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqan22YJGxIjFhjirqPU/P3icFORn
QEsJKrtZxZPCtFi9sKwvgviFNiQeip2uhvKJLcocyhbMayH7R7mjNm3OV2oDIjQ8
n7tUWr1M//tNHyjXn9AhDK9L/vrqMzRJ7GV6/qp4uoovwDpOCqN6b1/rAVTQiLEG
wvjyifYsql9PerBpxHiPQwYwRIZ4J4Rv0c0grPHniqIod79YlawnqIeX/zt3liYz
4GgQG61QPXATJpIsEoZ0KaJDCDgyFzTNszglR+Ul8naWxfjOrM+EHVqnkzt3j5BX
ZC1rrFccRjX1H1fBsGa+eFxZEcOMcX1a1hoO/kHFKk1Dkh5QX5vVmWnOEwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFP51IqCQUGIj/31a/ASarZtW+D0bMB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvX25VaW9KQlFZaVBfZlZyOEJKcXRtMWI0UFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGAwQHLtoAAwQG
TWgAAwQGUmUAAwQGU5FAAwMCWeADAwFcZgMEArnMrAMEB9RjAAMEBdRnAAMEBtUe
gAMEBdX0AAMEBNlCcDANBAIAAjAHAwUDKgLgADANBgkqhkiG9w0BAQsFAAOCAQEA
EkrZCRsBpsgQrAbZpjwu4vmywbINJUHFkMhtJ3bXqn90h4/6RJRZnADQFyjyF7z1
XkZOnz03+CHzJy5dMH8X8lNOS/Xoux0/sjG6SUY7p0l7cQqo4OKEdgj6awBjIYEh
EjKrqG58XdNg8+xVDJe+XikOdnUz3ggRfoBbRvaL2+ljZlHpVGGjGHRFsTSJF+ep
MpxVRuP6xnJhirsBOKPU1rfKPS6TaQJ6FMza7rrlZK/0kjCtl0QNukmN8sclpxNe
ZRzFhQFf27cXL+j5E+1DwDydOR59iahnO7S3XqxpJC1cE/KGat/hoKup9Tmoar5A
/rpQ5RbpJtjdxRtC52WpxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:51:06 2025 by rpki-client