Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/AUgXKhms5sel_c-ikTQEBeiAHIk.roa
File: AUgXKhms5sel_c-ikTQEBeiAHIk.roa (raw, json)
Hash identifier: nkhniPrHRdiqlVaDZb6XiBwOlDSdmietDMUaVI90HtM=
Subject key identifier: 01:48:17:2A:19:AC:E6:C7:A5:FD:CF:A2:91:34:04:05:E8:80:1C:89
Certificate issuer: /CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Certificate serial: 019422FBBA5B3CE32CB0423269A0A3FD62CC
Authority key identifier: 46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/AUgXKhms5sel_c-ikTQEBeiAHIk.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9044
IP address blocks: 82.220.0.0/16 maxlen: 18
185.252.240.0/22 maxlen: 23
194.124.208.0/24 maxlen: 24
212.41.64.0/18 maxlen: 19
212.101.0.0/19 maxlen: 20
2001:1680::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ba:5b:3c:e3:2c:b0:42:32:69:a0:a3:fd:62:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0148172a19ace6c7a5fdcfa291340405e8801c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:45:b0:41:13:ac:14:7d:fd:68:98:4c:fe:cc:
7e:96:68:79:f6:b7:23:18:cb:0a:fb:3b:5c:39:e1:
e2:9b:74:52:27:7a:91:22:d4:3f:6a:eb:fa:9d:e2:
02:47:4f:46:bb:a3:2d:85:cc:83:3f:5a:ba:a8:cc:
ca:b0:9d:03:3b:73:95:f5:87:51:69:e5:a3:b3:6d:
48:5e:0f:4d:24:7b:c7:1c:cc:1e:a3:d5:23:c4:83:
c6:fb:b5:63:01:fb:e7:98:d1:fd:84:2b:5e:2f:eb:
19:df:07:3d:77:40:72:f5:03:8b:86:1f:1c:ce:2c:
e7:fc:d5:f4:c8:2e:38:78:15:57:46:81:aa:ed:a7:
d7:01:19:57:b2:f2:c4:7c:33:12:a7:b2:ca:59:31:
d3:84:4c:20:42:c9:28:98:fc:68:b2:62:4b:17:53:
41:96:60:54:8f:7c:39:1b:36:e0:c4:2b:6e:b8:4b:
d8:dd:ec:20:ec:f8:b5:9a:59:8a:7b:c7:47:2b:a1:
c8:1c:a5:2f:de:d7:35:d2:52:7e:57:ec:0e:a6:d1:
0a:ae:97:93:71:1c:16:50:e0:77:02:bd:1e:c0:aa:
bd:24:ed:e9:f7:03:18:b4:65:90:e1:4f:4c:6d:33:
ba:24:9b:4b:b1:8d:76:a3:35:3e:09:d3:c6:71:e9:
f6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:48:17:2A:19:AC:E6:C7:A5:FD:CF:A2:91:34:04:05:E8:80:1C:89
X509v3 Authority Key Identifier:
keyid:46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/AUgXKhms5sel_c-ikTQEBeiAHIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.220.0.0/16
185.252.240.0/22
194.124.208.0/24
212.41.64.0/18
212.101.0.0/19
IPv6:
2001:1680::/29
Signature Algorithm: sha256WithRSAEncryption
29:e7:c0:95:c1:c9:a8:f1:41:22:53:b2:26:27:d8:b3:a5:ee:
da:0e:0b:80:cd:1a:af:28:66:60:df:fe:e9:db:57:f0:b9:f9:
ef:1d:25:b4:d7:82:a5:c9:06:8a:7f:d2:7c:14:8a:75:0a:8e:
80:81:84:f9:c7:93:49:a4:c3:21:47:51:78:af:ab:94:91:0c:
21:08:a2:8d:22:a1:b2:6a:ba:70:72:7d:57:85:a7:35:62:bd:
98:1e:d2:8a:61:25:d3:f7:b0:49:36:bb:14:5a:e5:ca:41:a3:
4d:bf:f9:94:d3:74:f6:42:f6:c3:83:ea:95:18:ac:66:af:36:
07:16:0b:35:9a:60:6b:b9:25:db:e0:ca:22:2a:2d:d3:a4:2b:
a0:68:d4:19:76:c8:ec:3d:7a:36:ba:c1:14:9b:c1:89:31:11:
c6:c2:ab:b4:cf:f8:72:0b:e7:98:72:f8:fc:61:8d:56:c1:72:
06:ee:b0:7d:d2:d4:6f:31:4b:d8:77:19:63:eb:96:65:d7:0c:
b4:33:ed:78:2a:5d:7e:91:e0:a9:cf:f3:59:78:2e:8e:e5:00:
ef:a1:8e:3e:e9:91:e4:81:a6:b7:9a:a4:22:a3:85:7c:9b:16:
ab:33:4c:c3:ad:a1:28:92:ad:21:55:d8:d8:fe:63:e4:81:cf:
b1:b9:03:2a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQi+7pbPOMssEIyaaCj/WLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2ZjNDFhNDE5YTdiYmQ2ZDhlOGM0ZWU2ODU1OTViNmE0
MGI5ZjEwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQ4MTcyYTE5YWNlNmM3YTVmZGNmYTI5MTM0MDQwNWU4ODAxYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUWwQROsFH39aJhM/sx+lmh59rcj
GMsK+ztcOeHim3RSJ3qRItQ/auv6neICR09Gu6MthcyDP1q6qMzKsJ0DO3OV9YdR
aeWjs21IXg9NJHvHHMweo9UjxIPG+7VjAfvnmNH9hCteL+sZ3wc9d0By9QOLhh8c
zizn/NX0yC44eBVXRoGq7afXARlXsvLEfDMSp7LKWTHThEwgQskomPxosmJLF1NB
lmBUj3w5GzbgxCtuuEvY3ewg7Pi1mlmKe8dHK6HIHKUv3tc10lJ+V+wOptEKrpeT
cRwWUOB3Ar0ewKq9JO3p9wMYtGWQ4U9MbTO6JJtLsY12ozU+CdPGcen2AQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAFIFyoZrObHpf3PopE0BAXogByJMB8GA1UdIwQY
MBaAFEbPxBpBmnu9bY6MTuaFWVtqQLnxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEt
Y2MzMzc2ZWY3MzAwLzEvQVVnWEtobXM1c2VsX2MtaWtUUUVCZWlBSElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEtY2MzMzc2ZWY3MzAw
LzEvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAUtwDBAK5
/PADBADCfNADBAbUKUADBAXUZQAwDQQCAAIwBwMFAyABFoAwDQYJKoZIhvcNAQEL
BQADggEBACnnwJXByajxQSJTsiYn2LOl7toOC4DNGq8oZmDf/unbV/C5+e8dJbTX
gqXJBop/0nwUinUKjoCBhPnHk0mkwyFHUXivq5SRDCEIoo0iobJqunByfVeFpzVi
vZge0ophJdP3sEk2uxRa5cpBo02/+ZTTdPZC9sOD6pUYrGavNgcWCzWaYGu5Jdvg
yiIqLdOkK6Bo1Bl2yOw9eja6wRSbwYkxEcbCq7TP+HIL55hy+PxhjVbBcgbusH3S
1G8xS9h3GWPrlmXXDLQz7XgqXX6R4KnP81l4Lo7lAO+hjj7pkeSBpreapCKjhXyb
FqszTMOtoSiSrSFV2Nj+Y+SBz7G5Ayo=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:59:49 2025 by rpki-client