Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/RrIUgGzA_6uRGMIHp97XatRgZIk.roa
File: RrIUgGzA_6uRGMIHp97XatRgZIk.roa (raw, json)
Hash identifier: 3NT/lPqavpni/vGyQU257tSAfic3v6CA2/+wCtzuUCs=
Subject key identifier: 46:B2:14:80:6C:C0:FF:AB:91:18:C2:07:A7:DE:D7:6A:D4:60:64:89
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 0196B3D9FF7A6A3E3A068F410746AC960EDB
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/RrIUgGzA_6uRGMIHp97XatRgZIk.roa
Signing time: Fri 09 May 2025 07:02:10 +0000
ROA not before: Fri 09 May 2025 07:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21069
IP address blocks: 46.231.200.0/21 maxlen: 24
80.74.128.0/20 maxlen: 24
80.74.144.0/20 maxlen: 24
81.173.82.0/23 maxlen: 24
81.173.84.0/22 maxlen: 24
94.126.16.0/21 maxlen: 24
185.46.56.0/22 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:d9:ff:7a:6a:3e:3a:06:8f:41:07:46:ac:96:0e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: May 9 07:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46b214806cc0ffab9118c207a7ded76ad4606489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:59:ba:de:c9:9d:23:3d:0e:64:51:35:90:
8f:db:8b:19:61:c4:76:d1:df:f0:5e:e4:ec:0e:cf:
84:9e:aa:5b:55:a4:16:fc:06:4d:e7:01:76:51:18:
c3:ba:89:b7:03:e7:1a:e7:78:34:fd:ac:55:f3:e0:
ae:2a:26:c3:d4:16:f0:f1:fe:18:23:a6:c7:65:d3:
aa:78:1c:d4:4c:09:d7:7a:44:bb:ea:9c:cf:38:c9:
68:24:83:44:e1:01:93:b5:ed:b0:93:73:14:59:0b:
81:4b:04:fa:4b:40:46:b7:c3:97:ed:c9:eb:47:dd:
c6:0f:41:6e:f7:d0:50:13:1d:c4:f5:fe:0f:e0:8b:
0a:9e:16:34:e0:9c:c6:5c:8a:4d:50:2d:7a:ac:a1:
ac:01:dc:4c:2a:91:54:20:e8:bf:d1:1b:34:ab:04:
ab:af:3d:9f:fa:30:33:fb:33:c4:0c:65:b0:56:2f:
06:db:8e:fb:47:a3:05:5f:4e:c6:ed:91:60:f9:6a:
86:b3:06:6f:d5:c0:53:99:b6:3f:96:a6:2d:4b:22:
47:7c:b1:6a:62:be:c1:a4:3b:d1:46:32:09:5d:f7:
aa:a4:08:0a:ee:ab:0e:81:3f:24:c3:0d:89:bb:42:
2b:71:d6:83:65:d4:7e:b1:50:e4:9d:9b:15:d6:20:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B2:14:80:6C:C0:FF:AB:91:18:C2:07:A7:DE:D7:6A:D4:60:64:89
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/RrIUgGzA_6uRGMIHp97XatRgZIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.200.0/21
80.74.128.0/19
81.173.82.0-81.173.87.255
94.126.16.0/21
185.46.56.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
1b:97:51:ea:35:2b:48:c4:aa:82:58:47:45:09:99:74:e5:01:
ac:bb:04:81:38:29:12:16:db:f0:39:4f:25:16:48:57:8a:03:
60:b3:4e:5c:14:9c:33:26:52:e4:08:a9:8f:c6:4b:54:70:fe:
51:3c:fd:b8:38:9d:10:ae:80:12:ce:37:50:8f:f5:b1:c1:99:
13:e2:3b:a5:bb:19:98:bf:b6:5a:ab:20:bc:12:da:78:33:a3:
2e:56:e6:22:81:dd:d9:ce:29:0e:73:a0:68:49:cf:41:bd:fb:
47:79:b3:29:27:82:37:cf:0b:03:39:0e:40:09:be:60:3d:0c:
72:59:b9:c3:83:b4:30:e4:a4:21:59:21:c6:d6:1d:27:95:35:
22:a2:1c:7e:89:03:90:17:fa:25:ab:55:6f:c4:83:2d:ff:0a:
82:75:da:20:0b:0c:a3:15:0f:47:4c:f5:fc:c7:34:97:89:65:
31:65:94:88:73:ae:2f:32:34:90:e9:61:df:3d:de:59:a9:ba:
36:16:ae:d7:8d:f5:08:ae:57:cd:94:ff:31:6e:22:dd:6a:37:
f7:ce:5c:dd:c7:0d:05:26:fe:21:83:96:00:79:59:bc:c9:fa:
55:75:78:a1:ca:7a:68:c8:ac:bc:e5:1d:15:10:09:79:f3:78:
1a:18:6f:7d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZaz2f96aj46Bo9BB0aslg7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwNTA5MDcwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmIyMTQ4MDZjYzBmZmFiOTExOGMyMDdhN2RlZDc2YWQ0NjA2NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q5Zut7JnSM9DmRRNZCP24sZYcR2
0d/wXuTsDs+EnqpbVaQW/AZN5wF2URjDuom3A+ca53g0/axV8+CuKibD1Bbw8f4Y
I6bHZdOqeBzUTAnXekS76pzPOMloJINE4QGTte2wk3MUWQuBSwT6S0BGt8OX7cnr
R93GD0Fu99BQEx3E9f4P4IsKnhY04JzGXIpNUC16rKGsAdxMKpFUIOi/0Rs0qwSr
rz2f+jAz+zPEDGWwVi8G2477R6MFX07G7ZFg+WqGswZv1cBTmbY/lqYtSyJHfLFq
Yr7BpDvRRjIJXfeqpAgK7qsOgT8kww2Ju0IrcdaDZdR+sVDknZsV1iBf9wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFEayFIBswP+rkRjCB6fe12rUYGSJMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvUnJJVWdHekFfNnVSR01JSHA5N1hhdFJnWklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDLufIAwQF
UEqAMAwDBAFRrVIDBANRrVADBANefhADBAK5LjgwDQQCAAIwBwMFACoAESgwDQYJ
KoZIhvcNAQELBQADggEBABuXUeo1K0jEqoJYR0UJmXTlAay7BIE4KRIW2/A5TyUW
SFeKA2CzTlwUnDMmUuQIqY/GS1Rw/lE8/bg4nRCugBLON1CP9bHBmRPiO6W7GZi/
tlqrILwS2ngzoy5W5iKB3dnOKQ5zoGhJz0G9+0d5sykngjfPCwM5DkAJvmA9DHJZ
ucODtDDkpCFZIcbWHSeVNSKiHH6JA5AX+iWrVW/Egy3/CoJ12iALDKMVD0dM9fzH
NJeJZTFllIhzri8yNJDpYd893lmpujYWrteN9QiuV82U/zFuIt1qN/fOXN3HDQUm
/iGDlgB5WbzJ+lV1eKHKemjIrLzlHRUQCXnzeBoYb30=
-----END CERTIFICATE-----
Generated at Tue May 13 05:41:03 2025 by rpki-client