Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3HtwkT95c4BvctrZZJ4dreWdYa0.roa
File: 3HtwkT95c4BvctrZZJ4dreWdYa0.roa (raw, json)
Hash identifier: 2Da4Bok2PXZylT9jV8MFmzVUScHtevU5HgdinS17zLI=
Subject key identifier: DC:7B:70:91:3F:79:73:80:6F:72:DA:D9:64:9E:1D:AD:E5:9D:61:AD
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0196A1D4A84B882217AD266E811BE8A53948
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3HtwkT95c4BvctrZZJ4dreWdYa0.roa
Signing time: Mon 05 May 2025 19:03:10 +0000
ROA not before: Mon 05 May 2025 19:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 46.243.1.0/24 maxlen: 24
46.243.4.0/24 maxlen: 24
46.243.6.0/24 maxlen: 24
185.37.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 10:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:d4:a8:4b:88:22:17:ad:26:6e:81:1b:e8:a5:39:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: May 5 19:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc7b70913f7973806f72dad9649e1dade59d61ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:31:4b:da:02:87:c2:c8:43:bb:a0:97:9a:7f:
e2:a8:4d:ce:5b:7d:1e:a6:e1:cb:69:e2:7a:cd:ae:
c4:be:c3:f3:82:73:b0:3a:d1:bf:85:24:4d:94:6c:
cc:41:37:96:f6:fb:1f:c2:4d:f2:8a:49:72:cd:5b:
2b:08:9e:47:16:63:56:3c:42:07:0f:1f:d9:fe:ea:
99:5a:39:52:82:bf:6f:95:6a:14:7d:d0:46:79:7a:
f7:62:46:d3:dd:3a:65:42:8f:a6:1e:73:c6:75:69:
ee:f0:58:f4:e1:50:24:f3:ea:61:7a:82:34:13:df:
e9:ca:de:a5:3f:33:5e:bd:01:a3:33:0c:2e:80:aa:
0a:63:24:eb:f2:2c:06:f9:c3:2e:79:5d:20:ec:83:
5f:f6:b0:35:6e:89:83:82:2c:c6:df:44:6e:4c:2b:
9c:c6:23:97:79:ae:86:d7:09:12:d1:9a:e0:6a:47:
cf:e9:6c:4a:36:e7:64:00:81:7a:0b:a9:8b:5d:9b:
51:9f:b2:1b:20:12:59:88:ff:54:74:4f:f9:c9:97:
fb:e7:33:51:59:e9:c8:ca:ac:f2:0f:51:2e:c0:46:
fd:db:1c:bd:ab:94:b2:2b:fa:a7:dd:f8:21:66:01:
6c:35:c6:04:fc:e0:07:82:07:18:94:82:9d:79:1d:
b5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:7B:70:91:3F:79:73:80:6F:72:DA:D9:64:9E:1D:AD:E5:9D:61:AD
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/3HtwkT95c4BvctrZZJ4dreWdYa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.1.0/24
46.243.4.0/24
46.243.6.0/24
185.37.193.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:cb:dd:c1:e3:c7:a2:69:1f:2f:9e:64:2e:28:7d:26:72:02:
bd:21:7a:08:f2:66:a6:5b:64:ca:11:5c:4f:af:f5:b9:a1:f5:
31:ca:42:25:d7:e9:74:e3:55:f3:68:bb:c9:ff:b0:cf:ec:7e:
5a:a1:67:94:31:d5:18:60:61:9a:a0:6a:2b:12:d9:15:8c:1e:
5e:42:f2:ca:c3:d3:48:e3:7b:ea:ce:e1:c6:7a:57:0b:1b:9c:
1a:83:57:0f:e0:4e:39:36:ad:cd:37:7f:fe:ce:f8:97:14:cb:
1b:53:28:c7:0e:95:2e:ec:67:31:17:81:06:fb:29:67:6b:cb:
53:d9:a1:c4:27:46:f2:b6:c4:5e:31:2a:73:59:58:4d:eb:4d:
c4:1d:df:a8:8c:2d:4e:06:77:a1:cb:8b:98:6c:ff:b9:83:b4:
db:0c:49:02:75:4b:12:3e:55:3d:bd:00:9e:41:5a:3e:c7:19:
a5:8c:8e:97:41:a7:27:60:20:74:e7:a6:64:a5:2e:2a:8e:61:
60:b2:07:3c:ea:28:79:1b:d6:69:e0:2b:c6:d3:96:87:cd:b2:
5f:4e:3a:86:ee:51:63:96:19:55:9d:2f:b9:e8:81:be:84:6b:
50:b1:1c:7c:51:49:a4:34:8c:50:73:a6:fa:ea:c4:ff:cc:56:
ea:16:15:3d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZah1KhLiCIXrSZugRvopTlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNTA1MTkwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzdiNzA5MTNmNzk3MzgwNmY3MmRhZDk2NDllMWRhZGU1OWQ2MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzFL2gKHwshDu6CXmn/iqE3OW30e
puHLaeJ6za7EvsPzgnOwOtG/hSRNlGzMQTeW9vsfwk3yiklyzVsrCJ5HFmNWPEIH
Dx/Z/uqZWjlSgr9vlWoUfdBGeXr3YkbT3TplQo+mHnPGdWnu8Fj04VAk8+pheoI0
E9/pyt6lPzNevQGjMwwugKoKYyTr8iwG+cMueV0g7INf9rA1bomDgizG30RuTCuc
xiOXea6G1wkS0ZrgakfP6WxKNudkAIF6C6mLXZtRn7IbIBJZiP9UdE/5yZf75zNR
WenIyqzyD1EuwEb92xy9q5SyK/qn3fghZgFsNcYE/OAHggcYlIKdeR21hQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNx7cJE/eXOAb3La2WSeHa3lnWGtMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvM0h0d2tUOTVjNEJ2Y3RyWlpKNGRyZVdkWWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALvMBAwQA
LvMEAwQALvMGAwQAuSXBMA0GCSqGSIb3DQEBCwUAA4IBAQAuy93B48eiaR8vnmQu
KH0mcgK9IXoI8mamW2TKEVxPr/W5ofUxykIl1+l041XzaLvJ/7DP7H5aoWeUMdUY
YGGaoGorEtkVjB5eQvLKw9NI43vqzuHGelcLG5wag1cP4E45Nq3NN3/+zviXFMsb
UyjHDpUu7GcxF4EG+ylna8tT2aHEJ0bytsReMSpzWVhN603EHd+ojC1OBnehy4uY
bP+5g7TbDEkCdUsSPlU9vQCeQVo+xxmljI6XQacnYCB056ZkpS4qjmFgsgc86ih5
G9Zp4CvG05aHzbJfTjqG7lFjlhlVnS+56IG+hGtQsRx8UUmkNIxQc6b66sT/zFbq
FhU9
-----END CERTIFICATE-----
Generated at Sun May 11 20:08:23 2025 by rpki-client