Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/4TNcEamcxMBJdxuRNcPnkIPobhU.roa
File: 4TNcEamcxMBJdxuRNcPnkIPobhU.roa (raw, json)
Hash identifier: m5tTan6cU+uoGi79hby9WpCdyKNlJQA9BZkDNvmdK4g=
Subject key identifier: E1:33:5C:11:A9:9C:C4:C0:49:77:1B:91:35:C3:E7:90:83:E8:6E:15
Certificate issuer: /CN=7bcb127c7cd778607296b88386e894ae1de385bf
Certificate serial: 0196648D17EC77510131D3890CC0DF47E255
Authority key identifier: 7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/4TNcEamcxMBJdxuRNcPnkIPobhU.roa
Signing time: Wed 23 Apr 2025 21:28:10 +0000
ROA not before: Wed 23 Apr 2025 21:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198430
IP address blocks: 46.174.168.0/21 maxlen: 24
46.174.168.0/22 maxlen: 22
46.174.169.0/24 maxlen: 24
46.174.170.0/23 maxlen: 23
46.174.170.0/24 maxlen: 24
46.174.171.0/24 maxlen: 24
91.234.252.0/23 maxlen: 24
91.237.172.0/23 maxlen: 24
91.239.28.0/22 maxlen: 24
91.246.168.0/22 maxlen: 24
193.150.50.0/23 maxlen: 24
194.28.228.0/22 maxlen: 24
194.28.228.0/23 maxlen: 23
194.28.228.0/24 maxlen: 24
194.28.229.0/24 maxlen: 24
194.28.230.0/23 maxlen: 23
194.28.230.0/24 maxlen: 24
194.28.231.0/24 maxlen: 24
2001:678:d40::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:64:8d:17:ec:77:51:01:31:d3:89:0c:c0:df:47:e2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bcb127c7cd778607296b88386e894ae1de385bf
Validity
Not Before: Apr 23 21:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1335c11a99cc4c049771b9135c3e79083e86e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:49:1c:b2:40:7e:eb:e7:4f:c6:07:6e:76:ff:
9c:8f:bf:7f:ad:ba:e7:3d:73:c6:da:74:53:1a:83:
94:3f:4c:5c:2b:48:18:f5:ba:50:aa:d2:f3:5e:00:
9b:38:aa:b6:a8:e1:40:33:09:7b:b3:e3:ac:aa:c9:
45:ab:83:93:97:88:66:4e:7b:f9:6a:43:80:72:30:
1b:26:2c:6d:1b:34:7b:b7:3c:18:62:c7:74:29:a2:
f7:97:e4:a3:20:eb:37:43:8f:99:c7:7c:82:52:1f:
fb:a0:fe:bf:76:d8:91:56:35:9a:b2:b1:e6:28:8a:
c9:0c:59:46:a5:08:cd:3f:a3:f3:0f:9e:8b:d8:37:
32:4b:c3:65:53:99:e9:21:11:69:40:1d:1c:c6:ee:
bb:4a:bc:94:d9:93:32:f9:58:a8:37:68:89:c0:6d:
1b:03:4d:7c:36:8e:d3:df:e9:f9:51:81:8e:7f:d9:
6c:4f:d2:4d:48:91:ee:1b:4c:71:78:51:55:cb:eb:
eb:19:f4:8b:77:e2:a5:4a:78:39:b3:30:fb:c5:d3:
26:06:b1:01:50:42:4e:60:f9:ba:af:e9:5d:4f:ba:
ee:50:94:05:3a:f1:66:09:d1:94:cc:24:f9:df:06:
63:f1:ee:d5:33:06:02:3e:b7:b7:b4:9a:8a:76:9f:
20:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:33:5C:11:A9:9C:C4:C0:49:77:1B:91:35:C3:E7:90:83:E8:6E:15
X509v3 Authority Key Identifier:
keyid:7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/4TNcEamcxMBJdxuRNcPnkIPobhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.168.0/21
91.234.252.0/23
91.237.172.0/23
91.239.28.0/22
91.246.168.0/22
193.150.50.0/23
194.28.228.0/22
IPv6:
2001:678:d40::/48
Signature Algorithm: sha256WithRSAEncryption
29:ee:66:51:0a:9a:be:df:e6:8c:3f:88:7d:16:da:20:3b:09:
08:65:d4:c5:5b:b8:bb:cd:49:4b:9f:4c:b5:f3:03:e7:6e:87:
ef:55:9d:33:ba:b6:80:f8:fd:15:ef:d9:bb:84:dc:a1:43:ad:
f6:8b:ce:fc:d8:94:a0:da:44:8a:2b:02:ec:11:c2:5d:74:ce:
71:47:fc:ad:c2:d9:30:79:0f:7c:73:ae:f5:ad:c9:97:74:a2:
e1:33:d8:f9:81:73:ec:95:cc:e6:c4:43:f1:7e:2c:7f:f2:7a:
91:b6:80:2d:7a:38:7c:ea:47:96:60:dd:3d:56:59:f9:ee:91:
88:92:a9:f8:9a:57:a2:27:50:5c:fc:91:c3:5e:9b:f7:2e:66:
1f:ec:a6:95:60:e8:bd:9f:d5:3e:f5:46:0c:a8:b7:1a:2f:07:
2f:01:22:63:8c:84:0a:79:18:8a:07:f0:4a:29:49:08:47:fa:
a6:f7:fe:e9:a2:25:4d:3e:da:32:23:50:4f:38:1b:f4:0b:84:
d8:08:17:a2:05:4d:8d:6d:56:3b:cd:57:19:5c:b0:a4:38:0b:
0a:a2:f5:98:8f:c5:6b:9c:d9:66:bd:f9:ce:f0:d5:b5:df:21:
77:24:ec:88:9e:bf:ed:59:9b:09:33:33:b3:fb:98:e9:5b:0b:
19:cb:d9:e0
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZZkjRfsd1EBMdOJDMDfR+JVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiY2IxMjdjN2NkNzc4NjA3Mjk2Yjg4Mzg2ZTg5NGFlMWRl
Mzg1YmYwHhcNMjUwNDIzMjEyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMzNWMxMWE5OWNjNGMwNDk3NzFiOTEzNWMzZTc5MDgzZTg2ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0kcskB+6+dPxgdudv+cj79/rbrn
PXPG2nRTGoOUP0xcK0gY9bpQqtLzXgCbOKq2qOFAMwl7s+OsqslFq4OTl4hmTnv5
akOAcjAbJixtGzR7tzwYYsd0KaL3l+SjIOs3Q4+Zx3yCUh/7oP6/dtiRVjWasrHm
KIrJDFlGpQjNP6PzD56L2DcyS8NlU5npIRFpQB0cxu67SryU2ZMy+VioN2iJwG0b
A018No7T3+n5UYGOf9lsT9JNSJHuG0xxeFFVy+vrGfSLd+KlSng5szD7xdMmBrEB
UEJOYPm6r+ldT7ruUJQFOvFmCdGUzCT53wZj8e7VMwYCPre3tJqKdp8gaQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOEzXBGpnMTASXcbkTXD55CD6G4VMB8GA1UdIwQY
MBaAFHvLEnx813hgcpa4g4bolK4d44W/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWIt
MmUyMGE3OWY3MTQ1LzEvNFROY0VhbWN4TUJKZHh1Uk5jUG5rSVBvYmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWItMmUyMGE3OWY3MTQ1
LzEvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDLq6oAwQB
W+r8AwQBW+2sAwQCW+8cAwQCW/aoAwQBwZYyAwQCwhzkMA8EAgACMAkDBwAgAQZ4
DUAwDQYJKoZIhvcNAQELBQADggEBACnuZlEKmr7f5ow/iH0W2iA7CQhl1MVbuLvN
SUufTLXzA+duh+9VnTO6toD4/RXv2buE3KFDrfaLzvzYlKDaRIorAuwRwl10znFH
/K3C2TB5D3xzrvWtyZd0ouEz2PmBc+yVzObEQ/F+LH/yepG2gC16OHzqR5Zg3T1W
WfnukYiSqfiaV6InUFz8kcNem/cuZh/sppVg6L2f1T71RgyotxovBy8BImOMhAp5
GIoH8EopSQhH+qb3/umiJU0+2jIjUE84G/QLhNgIF6IFTY1tVjvNVxlcsKQ4Cwqi
9ZiPxWuc2Wa9+c7w1bXfIXck7Iiev+1ZmwkzM7P7mOlbCxnL2eA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:44:19 2025 by rpki-client