Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_CmBe41AMweE_lzyL4NbSpxXcLQ.roa
File: _CmBe41AMweE_lzyL4NbSpxXcLQ.roa (raw, json)
Hash identifier: O6zOtN0rivp7BtQj0Yo5dZPAUFp2+XgpwtntntQgeIA=
Subject key identifier: FC:29:81:7B:8D:40:33:07:84:FE:5C:F2:2F:83:5B:4A:9C:57:70:B4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019643E829252E0F5ACF5FFC80E2ECC50AF4
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_CmBe41AMweE_lzyL4NbSpxXcLQ.roa
Signing time: Thu 17 Apr 2025 13:20:10 +0000
ROA not before: Thu 17 Apr 2025 13:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 46.249.109.0/24 maxlen: 24
82.115.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:43:e8:29:25:2e:0f:5a:cf:5f:fc:80:e2:ec:c5:0a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 17 13:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc29817b8d40330784fe5cf22f835b4a9c5770b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ba:8d:bb:8a:8a:64:a4:bc:96:71:56:e0:24:
4a:a6:95:42:84:f2:a6:3e:c0:e6:76:af:f6:70:e0:
8d:e5:e6:9a:1b:2b:5f:26:23:b4:b8:50:d4:99:e1:
3b:8d:1e:09:48:d8:97:3b:d5:2c:5d:02:78:19:73:
f1:c1:5f:37:65:2b:a4:83:79:3a:9e:56:e6:a9:a6:
0e:58:9a:4a:17:37:b1:0d:f3:f4:3e:59:85:63:34:
1f:49:3f:52:3f:de:5e:28:08:34:f5:78:76:39:19:
b8:81:e7:55:c0:f6:29:a0:a8:b0:f8:5d:a5:e6:09:
80:9b:fc:be:12:11:11:f1:fd:ee:ac:eb:49:7c:aa:
93:7b:38:76:c5:16:aa:61:eb:e2:bb:8a:91:30:ea:
47:3c:e9:62:e2:dc:72:f3:21:b5:8c:6d:e6:3a:06:
d3:30:e4:a4:d3:ba:1a:7e:7c:0b:d1:38:d0:e1:0d:
97:28:3c:5d:ab:6e:9a:9c:a0:2e:24:f7:08:84:ea:
2d:10:51:7a:5d:0a:30:0f:2e:42:86:7c:6f:40:6b:
d7:5b:f3:5b:af:2c:da:5d:be:57:fd:27:31:b9:c1:
60:ed:c9:87:b2:33:78:fc:f2:4d:7d:66:5c:78:ec:
c8:13:aa:31:2b:75:f1:61:51:8c:74:73:47:94:f5:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:29:81:7B:8D:40:33:07:84:FE:5C:F2:2F:83:5B:4A:9C:57:70:B4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/_CmBe41AMweE_lzyL4NbSpxXcLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.109.0/24
82.115.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:49:13:fa:73:08:e4:51:ad:d2:bf:b8:74:93:ba:a5:1b:90:
26:44:52:4f:4d:1e:1f:e9:d1:d4:d7:08:0d:e7:16:0e:2c:18:
8a:e6:3a:c1:e2:ea:ea:8f:6e:1e:ee:74:f7:2f:a7:2c:89:7c:
5a:33:89:d3:5b:05:d0:81:14:f6:1f:ed:d2:c1:0f:a2:40:9f:
42:df:13:09:ce:52:4f:66:d0:6a:d0:fb:86:68:08:2a:f9:ab:
20:c3:aa:e6:30:fc:99:a8:5a:b1:8d:40:e5:81:a1:86:cd:29:
83:01:3f:c4:91:c9:47:8e:bd:e7:3d:67:21:a5:a5:76:7a:a4:
ba:dc:fb:eb:36:d6:e4:8b:1a:aa:0f:bd:d6:5e:56:af:59:62:
be:af:c9:fa:55:83:75:37:61:d1:d5:15:6c:c5:33:71:03:1b:
58:92:bc:e9:82:ca:79:7d:9d:05:0b:50:00:18:12:d8:62:66:
d5:61:7a:89:96:a9:ab:25:4f:61:ee:aa:08:31:87:5c:f1:59:
9f:65:33:a7:85:81:29:1f:ed:fb:bb:0f:45:5e:e4:c2:85:91:
b0:37:32:74:3f:18:66:cc:23:ce:7a:59:d6:d1:7a:8f:40:ae:
9a:9b:36:d4:20:57:35:ec:3a:fa:23:e7:8b:a7:c2:f3:e2:07:
d9:5c:72:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZD6CklLg9az1/8gOLsxQr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDE3MTMyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI5ODE3YjhkNDAzMzA3ODRmZTVjZjIyZjgzNWI0YTljNTc3MGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rqNu4qKZKS8lnFW4CRKppVChPKm
PsDmdq/2cOCN5eaaGytfJiO0uFDUmeE7jR4JSNiXO9UsXQJ4GXPxwV83ZSukg3k6
nlbmqaYOWJpKFzexDfP0PlmFYzQfST9SP95eKAg09Xh2ORm4gedVwPYpoKiw+F2l
5gmAm/y+EhER8f3urOtJfKqTezh2xRaqYeviu4qRMOpHPOli4txy8yG1jG3mOgbT
MOSk07oafnwL0TjQ4Q2XKDxdq26anKAuJPcIhOotEFF6XQowDy5ChnxvQGvXW/Nb
ryzaXb5X/ScxucFg7cmHsjN4/PJNfWZceOzIE6oxK3XxYVGMdHNHlPXkBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwpgXuNQDMHhP5c8i+DW0qcV3C0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvX0NtQmU0MUFNd2VFX2x6eUw0TmJTcHhYY0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvltAwQA
UnMcMA0GCSqGSIb3DQEBCwUAA4IBAQCySRP6cwjkUa3Sv7h0k7qlG5AmRFJPTR4f
6dHU1wgN5xYOLBiK5jrB4urqj24e7nT3L6csiXxaM4nTWwXQgRT2H+3SwQ+iQJ9C
3xMJzlJPZtBq0PuGaAgq+asgw6rmMPyZqFqxjUDlgaGGzSmDAT/EkclHjr3nPWch
paV2eqS63PvrNtbkixqqD73WXlavWWK+r8n6VYN1N2HR1RVsxTNxAxtYkrzpgsp5
fZ0FC1AAGBLYYmbVYXqJlqmrJU9h7qoIMYdc8VmfZTOnhYEpH+37uw9FXuTChZGw
NzJ0PxhmzCPOelnW0XqPQK6amzbUIFc17Dr6I+eLp8Lz4gfZXHJP
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:57:24 2025 by rpki-client