Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9O5dSbjYP7CKebfq3udyDWQ-8qo.roa
File: 9O5dSbjYP7CKebfq3udyDWQ-8qo.roa (raw, json)
Hash identifier: dSfT3SWrTibx/fqvSGXLvGAtplCZ8CPdd3iXIRIH8Vo=
Subject key identifier: F4:EE:5D:49:B8:D8:3F:B0:8A:79:B7:EA:DE:E7:72:0D:64:3E:F2:AA
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019720791216684634E7E16690C37B14CF19
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9O5dSbjYP7CKebfq3udyDWQ-8qo.roa
Signing time: Fri 30 May 2025 09:14:54 +0000
ROA not before: Fri 30 May 2025 09:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 03:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:20:79:12:16:68:46:34:e7:e1:66:90:c3:7b:14:cf:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: May 30 09:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4ee5d49b8d83fb08a79b7eadee7720d643ef2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:3f:97:1e:24:d9:80:46:f1:6a:4e:5a:65:
58:94:e0:f7:de:b6:0e:4f:ec:28:f3:71:d1:d4:cc:
9e:ce:a1:6e:76:6c:80:cc:cb:37:42:09:99:f1:cb:
fb:c2:42:47:05:2b:82:1d:ed:b3:cc:29:53:00:0c:
5e:95:87:95:d7:d9:7e:f5:96:ac:75:69:6b:67:2b:
85:70:71:6a:ce:d3:4f:f1:8d:6a:9f:17:1b:21:4b:
24:a3:9d:52:b1:ee:2f:3c:2e:4d:77:0a:b2:ee:3f:
7e:dc:d2:e6:a9:ad:bb:57:f2:69:06:61:d7:73:5d:
52:c1:f3:5c:f7:24:24:9d:1d:e8:fd:b5:b5:51:14:
83:10:63:1e:3f:0f:e1:6e:71:48:d2:21:6f:ab:7c:
87:c5:5f:9d:b5:48:5d:90:0e:50:04:e1:1a:4d:72:
a8:38:04:cf:61:c8:23:91:04:02:f5:0c:a8:18:4f:
88:c0:16:37:8b:4d:f4:82:a4:22:27:f6:d4:ed:c5:
c0:35:9b:88:2e:d6:91:51:99:46:35:f0:c9:7e:f2:
03:51:02:78:31:8b:47:e0:9a:24:d3:00:51:a0:75:
94:ba:80:a7:c8:b7:4c:60:55:66:65:bb:43:9a:ca:
0e:1f:b6:1b:cd:ef:ba:f2:49:06:38:26:bc:12:bd:
50:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EE:5D:49:B8:D8:3F:B0:8A:79:B7:EA:DE:E7:72:0D:64:3E:F2:AA
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/9O5dSbjYP7CKebfq3udyDWQ-8qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.106.0/24
46.20.110.0/23
185.160.194.0/23
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:ba:38:6f:19:b8:4e:40:c0:54:31:8f:bc:0b:7c:49:03:63:
79:bd:fe:a6:88:dd:4d:67:06:e3:9d:4a:95:79:2b:fb:71:06:
b0:07:5f:2f:3e:bd:54:b9:1c:a3:a5:02:e7:9e:e9:6c:78:84:
fd:59:6b:cf:2c:5c:9a:4b:a4:52:ef:15:ec:fa:47:0a:59:cd:
dc:e2:4e:73:f6:0c:6a:71:0a:03:8d:77:40:d2:47:35:3a:48:
06:1e:11:db:df:6a:8b:49:c3:86:15:6e:b4:10:a2:44:90:18:
46:01:ef:67:f3:a7:1c:03:f6:dd:14:f2:73:b7:d2:a5:12:07:
64:9e:ec:ca:a6:f5:48:7e:17:a8:4e:42:fa:9c:a0:9f:5e:cd:
94:b1:66:02:05:3b:46:52:a4:88:a9:a3:f8:3d:37:c2:a5:df:
93:d5:28:77:83:27:e8:bb:bc:5d:b5:be:ec:f3:b4:02:51:8f:
a8:95:8f:56:3e:7a:81:cc:2b:7f:71:56:9b:8c:20:e6:7b:29:
cd:c9:b1:67:e3:2f:cc:f1:b2:b6:3e:20:3d:b3:03:7f:89:60:
8d:4d:f8:be:f1:99:d6:3c:73:47:72:c6:30:59:d0:b4:71:fb:
8c:29:9c:05:40:42:f8:54:e4:a4:28:55:22:18:24:83:3e:53:
6f:4d:f8:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZcgeRIWaEY05+FmkMN7FM8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwNTMwMDkxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGVlNWQ0OWI4ZDgzZmIwOGE3OWI3ZWFkZWU3NzIwZDY0M2VmMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjc/lx4k2YBG8WpOWmVYlOD33rYO
T+wo83HR1MyezqFudmyAzMs3QgmZ8cv7wkJHBSuCHe2zzClTAAxelYeV19l+9Zas
dWlrZyuFcHFqztNP8Y1qnxcbIUsko51Sse4vPC5Ndwqy7j9+3NLmqa27V/JpBmHX
c11SwfNc9yQknR3o/bW1URSDEGMePw/hbnFI0iFvq3yHxV+dtUhdkA5QBOEaTXKo
OATPYcgjkQQC9QyoGE+IwBY3i030gqQiJ/bU7cXANZuILtaRUZlGNfDJfvIDUQJ4
MYtH4Jok0wBRoHWUuoCnyLdMYFVmZbtDmsoOH7Ybze+68kkGOCa8Er1Q6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPTuXUm42D+winm36t7ncg1kPvKqMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvOU81ZFNiallQN0NLZWJmcTN1ZHlEV1EtOHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALhRhAwQA
LhRnAwQALhRqAwQBLhRuAwQBuaDCAwQCuancMA0GCSqGSIb3DQEBCwUAA4IBAQAa
ujhvGbhOQMBUMY+8C3xJA2N5vf6miN1NZwbjnUqVeSv7cQawB18vPr1UuRyjpQLn
nulseIT9WWvPLFyaS6RS7xXs+kcKWc3c4k5z9gxqcQoDjXdA0kc1OkgGHhHb32qL
ScOGFW60EKJEkBhGAe9n86ccA/bdFPJzt9KlEgdknuzKpvVIfheoTkL6nKCfXs2U
sWYCBTtGUqSIqaP4PTfCpd+T1Sh3gyfou7xdtb7s87QCUY+olY9WPnqBzCt/cVab
jCDmeynNybFn4y/M8bK2PiA9swN/iWCNTfi+8ZnWPHNHcsYwWdC0cfuMKZwFQEL4
VOSkKFUiGCSDPlNvTfik
-----END CERTIFICATE-----
Generated at Wed Jun 18 12:10:02 2025 by rpki-client