Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/k5l5N8zUJFbRVARzXWppNt0fQCM.roa
File: k5l5N8zUJFbRVARzXWppNt0fQCM.roa (raw, json)
Hash identifier: zKULduF69ToQv+uBgCJ/ZXvwjNpnYAReEcGPQFoBV8Y=
Subject key identifier: 93:99:79:37:CC:D4:24:56:D1:54:04:73:5D:6A:69:36:DD:1F:40:23
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 01966D007CB483AF8190436DCEF218E2436E
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/k5l5N8zUJFbRVARzXWppNt0fQCM.roa
Signing time: Fri 25 Apr 2025 12:51:10 +0000
ROA not before: Fri 25 Apr 2025 12:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.108.0/24 maxlen: 24
46.20.110.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:00:7c:b4:83:af:81:90:43:6d:ce:f2:18:e2:43:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Apr 25 12:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93997937ccd42456d15404735d6a6936dd1f4023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:4f:cb:91:a6:7d:08:be:c6:c9:b8:51:27:
8f:90:e6:3a:67:39:7b:93:0c:b9:9c:0a:dd:81:f7:
e2:8f:65:fb:68:b6:74:e0:15:ed:38:05:28:2a:c7:
47:82:eb:fd:32:33:a9:a2:d4:fb:de:c4:8c:04:17:
6e:e3:21:3f:68:e7:30:b1:84:1d:3e:ed:1b:2c:17:
a5:00:ee:bb:66:73:fc:bd:81:5f:17:c9:21:6f:dc:
a4:18:1a:5d:17:22:2e:35:e6:84:6e:bc:f3:0a:3e:
0d:90:4c:81:22:a1:01:2c:54:73:17:b3:c4:4e:33:
b8:57:e0:88:55:1a:79:fc:cb:11:92:80:dd:30:e5:
c0:41:b8:2c:23:f2:aa:ed:87:2f:0e:b5:a1:38:94:
dd:b8:52:f6:89:58:43:49:ff:ac:97:80:03:92:f3:
69:36:e7:09:de:fc:5e:23:f5:8c:2f:95:2e:0d:c3:
a4:b6:d2:a4:67:f5:14:31:3e:6e:d9:3f:d3:be:9f:
3f:5b:0b:c5:cf:09:10:df:a6:40:6d:02:66:76:58:
60:e9:62:a1:39:a0:5a:4d:11:a4:58:81:58:1e:51:
e0:42:db:fb:29:6d:7c:4a:b1:4b:ab:98:1e:4f:da:
19:df:ad:ef:2e:ba:b8:cc:93:91:b8:f4:af:fa:01:
76:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:99:79:37:CC:D4:24:56:D1:54:04:73:5D:6A:69:36:DD:1F:40:23
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/k5l5N8zUJFbRVARzXWppNt0fQCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.106.0/24
46.20.108.0/24
46.20.110.0/23
185.160.193.0-185.160.195.255
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
86:10:84:fa:b7:fb:5d:4f:5e:c6:e4:64:67:82:ef:40:89:5f:
d2:c7:55:85:73:07:cd:02:45:79:48:e3:ba:be:5b:49:0e:c9:
4b:cf:07:44:d0:5a:f1:a2:50:b2:c6:c6:52:33:c8:91:a4:1b:
24:2d:99:9d:e3:bd:13:1b:78:28:ff:ed:91:06:0c:5e:41:1e:
cc:eb:8c:dd:c8:5d:ed:28:78:12:45:66:2e:26:49:66:b4:96:
6b:d8:dd:58:0c:d8:1b:5c:ac:05:21:4d:38:34:d4:ec:b5:af:
7e:e8:12:28:96:b4:1b:03:91:71:85:c3:27:49:8b:c5:60:12:
61:8a:09:19:22:da:ae:67:fe:6b:59:aa:82:7f:cb:95:48:0f:
57:56:6a:1d:14:af:16:46:ab:52:d7:89:a7:64:5b:fd:06:3c:
e3:79:4d:97:c4:f2:72:ec:78:e5:4e:6d:a3:f7:01:f3:1e:49:
61:28:75:73:50:94:00:02:6e:ad:64:6f:92:ee:ab:82:b8:e9:
57:46:9b:ca:7e:ab:a0:01:94:fe:bb:a5:37:0a:cf:a1:0f:ab:
c5:b1:18:de:e3:09:cb:19:26:d0:d4:6b:1f:25:ee:96:d3:48:
b0:a3:ce:c6:ae:a2:be:c8:63:63:59:08:e2:82:77:c6:64:10:
49:be:b8:b4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZZtAHy0g6+BkENtzvIY4kNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwNDI1MTI1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk5NzkzN2NjZDQyNDU2ZDE1NDA0NzM1ZDZhNjkzNmRkMWY0MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqJPy5GmfQi+xsm4USePkOY6Zzl7
kwy5nArdgffij2X7aLZ04BXtOAUoKsdHguv9MjOpotT73sSMBBdu4yE/aOcwsYQd
Pu0bLBelAO67ZnP8vYFfF8khb9ykGBpdFyIuNeaEbrzzCj4NkEyBIqEBLFRzF7PE
TjO4V+CIVRp5/MsRkoDdMOXAQbgsI/Kq7YcvDrWhOJTduFL2iVhDSf+sl4ADkvNp
NucJ3vxeI/WML5UuDcOkttKkZ/UUMT5u2T/Tvp8/WwvFzwkQ36ZAbQJmdlhg6WKh
OaBaTRGkWIFYHlHgQtv7KW18SrFLq5geT9oZ363vLrq4zJORuPSv+gF29QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJOZeTfM1CRW0VQEc11qaTbdH0AjMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvazVsNU44elVKRmJSVkFSelhXcHBOdDBmUUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALhRhAwQA
LhRnAwQALhRqAwQALhRsAwQBLhRuMAwDBAC5oMEDBAK5oMADBAK5qdwwDQYJKoZI
hvcNAQELBQADggEBAIYQhPq3+11PXsbkZGeC70CJX9LHVYVzB80CRXlI47q+W0kO
yUvPB0TQWvGiULLGxlIzyJGkGyQtmZ3jvRMbeCj/7ZEGDF5BHszrjN3IXe0oeBJF
Zi4mSWa0lmvY3VgM2BtcrAUhTTg01Oy1r37oEiiWtBsDkXGFwydJi8VgEmGKCRki
2q5n/mtZqoJ/y5VID1dWah0UrxZGq1LXiadkW/0GPON5TZfE8nLseOVObaP3AfMe
SWEodXNQlAACbq1kb5Luq4K46VdGm8p+q6ABlP67pTcKz6EPq8WxGN7jCcsZJtDU
ax8l7pbTSLCjzsauor7IY2NZCOKCd8ZkEEm+uLQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 17:35:34 2025 by rpki-client