Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/rbnSXDC1FbZAz-eMU6Dmiy0DDjc.roa
File: rbnSXDC1FbZAz-eMU6Dmiy0DDjc.roa (raw, json)
Hash identifier: qp2cmXz5RMsnMSGFRPXZhlI3ljzK4bX/LVxBov0f/IY=
Subject key identifier: AD:B9:D2:5C:30:B5:15:B6:40:CF:E7:8C:53:A0:E6:8B:2D:03:0E:37
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 01969017A31D693F5F5B5B32DD5F1723376A
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/rbnSXDC1FbZAz-eMU6Dmiy0DDjc.roa
Signing time: Fri 02 May 2025 08:23:10 +0000
ROA not before: Fri 02 May 2025 08:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.41.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:17:a3:1d:69:3f:5f:5b:5b:32:dd:5f:17:23:37:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: May 2 08:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adb9d25c30b515b640cfe78c53a0e68b2d030e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:85:c7:6d:d2:f2:75:2a:c9:04:57:6c:77:ba:
3b:00:eb:9b:06:d9:d7:0f:e9:c2:24:f7:c4:86:bb:
53:89:96:68:05:c0:be:1f:94:e8:e5:9b:71:cc:f1:
0b:29:e6:d7:2e:4b:a8:ae:a1:0f:44:49:8d:35:9c:
58:3b:d8:40:e4:98:ec:a2:38:99:9a:40:ad:54:d9:
d1:30:02:ea:95:f9:cf:54:4e:de:15:98:99:70:16:
cc:e0:a6:85:d6:51:0a:75:68:44:df:02:77:82:1b:
10:0c:93:b7:48:bf:ff:db:7a:ec:13:f3:12:3e:92:
ce:9e:88:47:3f:41:af:3c:71:58:93:3b:58:e1:27:
6e:5a:d2:33:63:44:61:e3:a3:e0:31:7f:0c:d2:d6:
9d:99:bd:85:45:36:a1:ca:6c:58:66:2c:9a:23:3a:
cd:99:85:46:d3:94:73:3b:fc:f2:eb:1b:a1:df:c2:
84:c0:f4:e8:ad:69:cc:75:1b:f0:1b:cd:f4:2a:c4:
55:a4:7e:29:84:a9:53:67:f0:1d:2b:31:c3:b4:87:
3a:d0:08:fc:a2:ce:bb:fb:08:09:18:35:88:0b:04:
ad:d4:68:b0:64:84:a0:82:fc:74:d2:9d:dd:34:10:
73:7b:a0:e2:2f:c4:0e:6a:43:96:66:b2:34:37:2a:
c5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B9:D2:5C:30:B5:15:B6:40:CF:E7:8C:53:A0:E6:8B:2D:03:0E:37
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/rbnSXDC1FbZAz-eMU6Dmiy0DDjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/23
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
65:fe:82:6f:cf:eb:a1:e0:7f:3e:57:2b:b4:11:4b:50:4a:43:
1d:79:9c:20:6c:86:85:57:18:6d:ed:92:c7:c8:b6:9b:ad:88:
fc:3a:8d:64:d4:58:6a:0d:bc:6c:08:92:58:83:56:f4:65:a3:
ab:78:07:79:9d:d2:ab:73:a5:96:5d:07:5a:90:1b:65:f0:c6:
d9:35:0e:a7:26:9a:fd:8a:0e:bf:84:d8:c0:ec:52:45:f1:28:
9a:79:20:e9:31:20:c7:9e:7d:15:99:bc:93:fe:52:68:7a:0f:
93:bb:39:37:75:81:9e:6b:a1:1e:37:b2:75:c6:f7:ac:a2:a3:
d7:b1:4f:5d:93:47:03:e3:cc:da:bc:20:60:0a:8b:ce:53:b1:
f6:48:1f:cb:1c:41:5c:9b:d8:13:c5:3e:1e:d1:1d:4f:8a:fd:
f9:cb:40:23:05:46:03:d1:76:1f:cf:d5:c7:a3:51:96:27:ff:
a4:68:7c:d2:a2:14:fa:8f:e8:f3:bd:bd:e0:2f:55:4e:fe:bf:
d3:20:6e:0e:fa:6e:a2:ac:c3:c8:39:6b:d4:0a:84:20:e3:53:
d5:ca:15:7b:ba:44:98:4c:72:58:8e:5b:4a:91:bb:6c:f8:a2:
90:a6:e1:4e:15:d5:ff:20:49:18:3a:c8:0d:a9:ba:7d:ef:7d:
fd:3f:1f:b2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZaQF6MdaT9fW1sy3V8XIzdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjUwNTAyMDgyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGI5ZDI1YzMwYjUxNWI2NDBjZmU3OGM1M2EwZTY4YjJkMDMwZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYXHbdLydSrJBFdsd7o7AOubBtnX
D+nCJPfEhrtTiZZoBcC+H5To5ZtxzPELKebXLkuorqEPREmNNZxYO9hA5JjsojiZ
mkCtVNnRMALqlfnPVE7eFZiZcBbM4KaF1lEKdWhE3wJ3ghsQDJO3SL//23rsE/MS
PpLOnohHP0GvPHFYkztY4SduWtIzY0Rh46PgMX8M0tadmb2FRTahymxYZiyaIzrN
mYVG05RzO/zy6xuh38KEwPTorWnMdRvwG830KsRVpH4phKlTZ/AdKzHDtIc60Aj8
os67+wgJGDWICwSt1GiwZISggvx00p3dNBBze6DiL8QOakOWZrI0NyrFoQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK250lwwtRW2QM/njFOg5ostAw43MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvcmJuU1hEQzFGYlpBei1lTVU2RG1peTBERGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAEuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAGX+gm/P66Hgfz5X
K7QRS1BKQx15nCBshoVXGG3tksfItputiPw6jWTUWGoNvGwIkliDVvRlo6t4B3md
0qtzpZZdB1qQG2Xwxtk1Dqcmmv2KDr+E2MDsUkXxKJp5IOkxIMeefRWZvJP+Umh6
D5O7OTd1gZ5roR43snXG96yio9exT12TRwPjzNq8IGAKi85TsfZIH8scQVyb2BPF
Ph7RHU+K/fnLQCMFRgPRdh/P1cejUZYn/6RofNKiFPqP6PO9veAvVU7+v9Mgbg76
bqKsw8g5a9QKhCDjU9XKFXu6RJhMcliOW0qRu2z4opCm4U4V1f8gSRg6yA2pun3v
ff0/H7I=
-----END CERTIFICATE-----
Generated at Sat May 10 16:34:02 2025 by rpki-client