Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/mdUceimjZwfVVG0REiUEooQJhAE.roa
File: mdUceimjZwfVVG0REiUEooQJhAE.roa (raw, json)
Hash identifier: LzFwucR3C7CoRMDtQiS0SQDDS6RSOm6dTPZ+EmCdgOw=
Subject key identifier: 99:D5:1C:7A:29:A3:67:07:D5:54:6D:11:12:25:04:A2:84:09:84:01
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0194612E4B40F973FF542EEA17C4CE8EB185
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/mdUceimjZwfVVG0REiUEooQJhAE.roa
Signing time: Mon 13 Jan 2025 19:40:11 +0000
ROA not before: Mon 13 Jan 2025 19:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203639
IP address blocks: 46.21.20.0/24 maxlen: 24
46.21.23.0/24 maxlen: 24
46.21.28.0/24 maxlen: 24
46.21.30.0/24 maxlen: 24
185.155.186.0/24 maxlen: 24
185.155.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 13:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:2e:4b:40:f9:73:ff:54:2e:ea:17:c4:ce:8e:b1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 13 19:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99d51c7a29a36707d5546d11122504a284098401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0b:8a:9a:88:ab:94:ef:38:25:50:c2:ca:54:
35:db:31:5d:28:7a:88:03:7a:37:11:66:fc:7a:31:
73:9f:b7:9e:a5:1c:d2:87:a5:6e:73:6d:9b:cb:5a:
21:5e:70:50:fa:17:a5:a0:26:28:26:3e:ac:f1:7a:
a6:fe:c5:d3:ca:1a:a2:da:49:cf:ec:22:16:c8:26:
86:34:cf:c6:67:6d:93:7d:5e:37:88:61:46:36:9c:
9e:4a:d7:b8:d9:8e:44:d2:0b:92:86:c2:a2:c3:33:
53:1d:07:e4:8e:ec:4d:0a:2f:27:eb:ef:e8:a7:81:
8a:21:f5:49:bd:d0:e5:a6:7f:94:9a:ac:9d:56:38:
9b:1d:87:62:c6:99:22:7d:21:c2:86:b2:cd:8c:2f:
b9:ea:3d:ea:9d:a2:43:c2:20:a1:3d:5c:12:5f:e8:
05:13:d2:4c:39:ad:76:b7:27:9d:db:40:35:50:94:
62:08:04:fd:fe:0d:57:4d:2b:d2:16:a9:c8:7c:4e:
b4:40:4c:fa:de:5d:39:38:9c:99:05:19:fc:35:9f:
6b:d3:fb:37:1c:41:96:42:ab:ad:1a:05:49:8f:ec:
f5:5c:d0:f6:c8:1d:4d:3c:f4:fc:be:82:94:73:be:
7b:85:64:13:2e:ae:fe:bb:46:16:51:8c:28:42:a6:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D5:1C:7A:29:A3:67:07:D5:54:6D:11:12:25:04:A2:84:09:84:01
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/mdUceimjZwfVVG0REiUEooQJhAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.20.0/24
46.21.23.0/24
46.21.28.0/24
46.21.30.0/24
185.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:7f:1e:f9:6b:e5:81:fa:ce:30:92:9a:66:1b:42:11:55:91:
18:32:37:2c:6b:5b:e0:fc:1c:0b:3a:b3:92:35:8a:55:0c:e0:
48:0a:86:eb:e5:24:e4:ea:c4:6a:e8:61:15:31:89:b9:1f:84:
a8:61:d4:88:97:b2:da:00:be:62:7a:6e:b1:80:9e:b2:8f:d5:
e7:42:ad:34:d1:1a:94:19:a7:e6:87:eb:92:83:da:c8:4b:f0:
ce:a9:98:33:86:08:d1:0a:ae:0b:f7:2b:23:65:6b:54:60:bb:
ec:99:6d:b6:3b:1f:67:a4:ef:1d:37:a8:64:d5:50:02:b4:b8:
77:1c:c7:05:c8:1d:37:4e:11:1a:50:06:cf:06:4e:98:4d:ea:
db:74:44:d6:a0:2d:f6:96:a5:6b:e8:7c:61:7a:78:ef:59:93:
d9:8c:da:6e:41:b9:76:51:14:0c:78:d5:5c:09:58:bc:c4:ef:
f7:f0:0c:67:17:55:2f:f2:4a:e8:66:1e:23:84:e7:04:38:c6:
8b:51:39:d1:da:e3:da:28:cd:96:44:e3:36:4d:15:06:79:6f:
95:3f:4c:cd:13:e3:fb:d7:f2:36:2d:8c:86:3e:89:97:ae:6e:
88:8d:b2:ca:ee:5c:0e:2d:8a:e9:76:aa:0e:f8:6e:b5:9f:a8:
e6:2f:2f:33
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZRhLktA+XP/VC7qF8TOjrGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjUwMTEzMTk0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ1MWM3YTI5YTM2NzA3ZDU1NDZkMTExMjI1MDRhMjg0MDk4NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQuKmoirlO84JVDCylQ12zFdKHqI
A3o3EWb8ejFzn7eepRzSh6Vuc22by1ohXnBQ+heloCYoJj6s8Xqm/sXTyhqi2knP
7CIWyCaGNM/GZ22TfV43iGFGNpyeSte42Y5E0guShsKiwzNTHQfkjuxNCi8n6+/o
p4GKIfVJvdDlpn+UmqydVjibHYdixpkifSHChrLNjC+56j3qnaJDwiChPVwSX+gF
E9JMOa12tyed20A1UJRiCAT9/g1XTSvSFqnIfE60QEz63l05OJyZBRn8NZ9r0/s3
HEGWQqutGgVJj+z1XND2yB1NPPT8voKUc757hWQTLq7+u0YWUYwoQqb1iwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJnVHHopo2cH1VRtERIlBKKECYQBMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvbWRVY2VpbWpad2ZWVkcwUkVpVUVvb1FKaEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALhUUAwQA
LhUXAwQALhUcAwQALhUeAwQBuZu6MA0GCSqGSIb3DQEBCwUAA4IBAQAdfx75a+WB
+s4wkppmG0IRVZEYMjcsa1vg/BwLOrOSNYpVDOBICobr5STk6sRq6GEVMYm5H4So
YdSIl7LaAL5iem6xgJ6yj9XnQq000RqUGafmh+uSg9rIS/DOqZgzhgjRCq4L9ysj
ZWtUYLvsmW22Ox9npO8dN6hk1VACtLh3HMcFyB03ThEaUAbPBk6YTerbdETWoC32
lqVr6HxhenjvWZPZjNpuQbl2URQMeNVcCVi8xO/38AxnF1Uv8kroZh4jhOcEOMaL
UTnR2uPaKM2WROM2TRUGeW+VP0zNE+P71/I2LYyGPomXrm6IjbLK7lwOLYrpdqoO
+G61n6jmLy8z
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:03:03 2025 by rpki-client