Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/TOzNLtk2EcFN8tWWUcBYc6SMW8E.roa
File: TOzNLtk2EcFN8tWWUcBYc6SMW8E.roa (raw, json)
Hash identifier: q/YjRgOTnjUrtQ6qzvmbEUmVOXxgxmvQW4n5HH9vrjQ=
Subject key identifier: 4C:EC:CD:2E:D9:36:11:C1:4D:F2:D5:96:51:C0:58:73:A4:8C:5B:C1
Certificate issuer: /CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Certificate serial: 01941FFA0F3CD76A0534B90514C8FF3B9464
Authority key identifier: A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/TOzNLtk2EcFN8tWWUcBYc6SMW8E.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48091
IP address blocks: 185.140.236.0/23 maxlen: 24
195.93.216.0/23 maxlen: 24
2001:67c:256c::/48 maxlen: 48
2a05:37c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0f:3c:d7:6a:05:34:b9:05:14:c8:ff:3b:94:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ceccd2ed93611c14df2d59651c05873a48c5bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3f:5a:b6:d2:3e:64:bd:29:29:82:12:f4:52:
6c:b4:02:7c:46:03:b8:2c:b6:ad:6a:9a:22:35:76:
35:eb:53:61:b3:e9:e7:bb:eb:e8:90:03:8f:7a:8b:
61:80:2d:64:b0:0d:56:54:2d:70:d5:4b:a7:82:cc:
e8:57:60:22:c8:1a:16:df:26:20:1c:26:45:95:50:
9a:61:50:2a:9d:b0:35:9c:b1:31:25:ae:bb:6b:0c:
5e:e1:a5:c0:49:b8:d5:e0:67:8a:98:74:ac:4a:38:
23:ad:5f:db:1a:ea:2a:d0:b3:ef:dc:eb:d3:01:21:
96:22:38:14:28:68:3c:a5:df:c0:a1:c7:1f:c1:67:
a5:dd:9c:dc:d3:e3:5f:59:f8:c6:7d:af:6d:cb:01:
81:13:da:18:fa:f1:0e:78:e2:43:7a:c5:16:31:c7:
3f:5e:26:5f:aa:f1:9d:ff:44:9b:df:52:d2:a3:45:
8d:70:40:33:ab:40:fc:ac:be:3f:0f:29:e6:66:1f:
46:ea:6b:ed:d5:fa:ee:7c:1a:09:49:eb:97:20:08:
17:5e:c5:ab:8b:ef:0f:87:3d:b4:52:e8:dd:c8:25:
75:12:2b:5c:bb:58:b1:ff:27:cb:55:f5:52:bc:69:
33:e9:48:c5:e3:f6:48:f6:34:b6:91:58:5a:a0:88:
f5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:EC:CD:2E:D9:36:11:C1:4D:F2:D5:96:51:C0:58:73:A4:8C:5B:C1
X509v3 Authority Key Identifier:
keyid:A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/TOzNLtk2EcFN8tWWUcBYc6SMW8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.236.0/23
195.93.216.0/23
IPv6:
2001:67c:256c::/48
2a05:37c0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:c0:2c:c3:d7:7b:65:8d:71:1f:2c:18:6a:b9:bc:1f:8f:b6:
20:44:db:5e:bb:34:90:d9:70:2d:f8:01:71:ac:3e:ce:c4:ff:
18:ae:00:ed:08:37:41:6d:3b:20:df:94:65:ff:1d:7e:5b:ac:
28:c5:7b:ae:6e:55:84:31:d8:6c:ab:c1:74:0c:8a:a1:da:2a:
20:e0:90:c1:cc:18:4b:f4:04:41:d0:0b:89:77:4f:1d:67:07:
e5:8e:f6:57:c0:66:59:63:00:f1:df:42:07:31:30:3b:e1:a1:
32:de:50:fb:9a:5c:f4:c1:af:29:56:39:4d:06:56:40:3a:9a:
f7:02:6f:88:48:ad:a7:65:8a:30:13:f2:b4:ca:d7:09:89:d2:
42:62:c4:d1:4e:bf:7b:e4:f5:c0:02:e0:85:07:24:6a:a6:22:
46:64:8e:e7:5b:94:16:55:a4:ed:35:fc:70:0c:55:55:6b:1d:
eb:0b:ab:99:6e:a4:ef:f8:ad:9d:05:53:7d:25:03:a3:4b:9b:
02:12:af:45:f1:41:81:db:a8:b7:29:b1:4c:ec:2f:fb:dc:13:
b9:23:83:c1:ce:d6:aa:97:b4:38:00:e4:e9:1d:37:ae:cb:5c:
47:18:74:76:5f:3a:66:ba:61:04:3a:4f:fb:d0:2d:01:ce:15:
cf:8b:08:fc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQf+g8812oFNLkFFMj/O5RkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OGNmYjliNWY0NDVmZDJmNmNjZmExNzljMzdjNTM0NDli
MmFmMDYwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2VjY2QyZWQ5MzYxMWMxNGRmMmQ1OTY1MWMwNTg3M2E0OGM1YmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7z9attI+ZL0pKYIS9FJstAJ8RgO4
LLatapoiNXY161Nhs+nnu+vokAOPeothgC1ksA1WVC1w1UungszoV2AiyBoW3yYg
HCZFlVCaYVAqnbA1nLExJa67awxe4aXASbjV4GeKmHSsSjgjrV/bGuoq0LPv3OvT
ASGWIjgUKGg8pd/AoccfwWel3Zzc0+NfWfjGfa9tywGBE9oY+vEOeOJDesUWMcc/
XiZfqvGd/0Sb31LSo0WNcEAzq0D8rL4/DynmZh9G6mvt1frufBoJSeuXIAgXXsWr
i+8Phz20UujdyCV1Eitcu1ix/yfLVfVSvGkz6UjF4/ZI9jS2kVhaoIj1QwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEzszS7ZNhHBTfLVllHAWHOkjFvBMB8GA1UdIwQY
MBaAFKmM+5tfRF/S9sz6F5w3xTRJsq8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQt
ODg2NTkzZjdkY2UwLzEvVE96Tkx0azJFY0ZOOHRXV1VjQlljNlNNVzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQtODg2NTkzZjdkY2Uw
LzEvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBuYzsAwQB
w13YMBYEAgACMBADBwAgAQZ8JWwDBQAqBTfAMA0GCSqGSIb3DQEBCwUAA4IBAQC9
wCzD13tljXEfLBhqubwfj7YgRNteuzSQ2XAt+AFxrD7OxP8YrgDtCDdBbTsg35Rl
/x1+W6woxXuublWEMdhsq8F0DIqh2iog4JDBzBhL9ARB0AuJd08dZwfljvZXwGZZ
YwDx30IHMTA74aEy3lD7mlz0wa8pVjlNBlZAOpr3Am+ISK2nZYowE/K0ytcJidJC
YsTRTr975PXAAuCFByRqpiJGZI7nW5QWVaTtNfxwDFVVax3rC6uZbqTv+K2dBVN9
JQOjS5sCEq9F8UGB26i3KbFM7C/73BO5I4PBztaql7Q4AOTpHTeuy1xHGHR2Xzpm
umEEOk/70C0BzhXPiwj8
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:12 2025 by rpki-client