Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/3wVT7ByFOgSRbNZYozrG_4k5Lf4.roa
File: 3wVT7ByFOgSRbNZYozrG_4k5Lf4.roa (raw, json)
Hash identifier: nWjMCvThnl/TirQoWGzb1aGz9gls9gsUGL9UH7UK99U=
Subject key identifier: DF:05:53:EC:1C:85:3A:04:91:6C:D6:58:A3:3A:C6:FF:89:39:2D:FE
Certificate issuer: /CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Certificate serial: 01941FFA15CAE004DFE99872EC120AC1035A
Authority key identifier: FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/3wVT7ByFOgSRbNZYozrG_4k5Lf4.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 80.210.95.0/24 maxlen: 24
85.194.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:15:ca:e0:04:df:e9:98:72:ec:12:0a:c1:03:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb236b213d56493f3b077e6b41f42e4f3df8cdce
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df0553ec1c853a04916cd658a33ac6ff89392dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1e:57:f7:0d:21:52:71:46:51:7c:45:d5:62:
9b:7e:11:ea:35:35:bb:60:57:3a:01:a6:c8:36:a0:
c6:38:37:31:9d:56:96:95:8e:0e:d9:8d:0e:80:7a:
25:28:29:f7:3d:6b:82:f2:d1:9e:f6:b9:e3:54:66:
30:54:a6:6b:be:b2:65:63:86:02:81:43:78:9c:15:
63:a1:c5:6f:ea:90:1c:3c:33:93:32:8a:29:03:12:
41:74:68:19:e3:a6:7b:58:e4:ae:c8:7b:2c:76:00:
bc:b6:e1:75:b4:8b:52:7e:3b:0c:7c:4c:c4:2e:f8:
ed:c6:a2:05:44:ee:9e:ac:3e:88:4c:bf:96:60:19:
83:b0:28:84:7b:f5:02:d1:7e:1d:f7:e7:af:a9:78:
c3:90:89:a1:2b:8b:90:61:78:84:25:aa:65:83:d7:
a1:65:2b:9a:c2:47:d4:64:d3:76:ca:c3:49:23:58:
9c:97:00:a1:f2:a4:e3:38:8c:ac:be:92:16:7b:96:
c7:83:ff:64:b8:ad:5c:fc:26:80:64:8b:4f:4b:6b:
79:0d:07:da:dc:68:46:a9:bb:bd:ac:96:96:3c:e0:
fe:83:32:f3:f0:b1:9c:b7:45:04:fe:c9:d8:1f:49:
69:6d:66:62:54:7a:26:4c:5e:a1:a2:31:a1:5e:b2:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:05:53:EC:1C:85:3A:04:91:6C:D6:58:A3:3A:C6:FF:89:39:2D:FE
X509v3 Authority Key Identifier:
keyid:FB:23:6B:21:3D:56:49:3F:3B:07:7E:6B:41:F4:2E:4F:3D:F8:CD:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yNrIT1WST87B35rQfQuTz34zc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/3wVT7ByFOgSRbNZYozrG_4k5Lf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/20f4ac-80d9-40e2-a9e6-1c88eebeb293/1/1-yNrIT1WST87B35rQfQuTz34zc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.210.95.0/24
85.194.254.0/23
Signature Algorithm: sha256WithRSAEncryption
89:d8:29:1b:bd:ec:84:30:26:ee:b0:38:1f:88:f8:a0:c8:9a:
7a:bf:d0:48:2c:c7:8a:ad:3f:66:09:09:8a:8c:b7:d9:63:ef:
84:da:d8:8b:ff:eb:ad:50:35:b0:5d:7d:07:fd:7a:e9:02:36:
ed:9c:78:cc:21:22:24:e4:9e:b8:98:21:a5:94:ed:32:0a:82:
b4:54:03:10:20:9d:a4:b2:64:a7:39:f0:17:1d:1d:2a:29:57:
bf:5e:7c:93:e9:32:99:65:ac:43:77:6b:d4:a5:04:40:c1:a4:
41:01:6f:f8:6a:94:3b:c5:ae:7e:c0:94:0b:a0:b2:96:96:74:
02:00:8f:d3:c0:37:01:07:c2:f4:21:48:6b:94:c5:e8:b1:37:
2c:a2:7d:d9:01:85:47:2d:01:f7:5f:69:e4:a2:c9:e6:cd:4f:
88:29:9a:6a:0a:83:44:08:aa:a5:4d:5c:3f:fa:b7:ba:2d:b9:
bd:89:b6:ef:2a:80:71:5d:1d:58:47:3a:52:7c:f6:28:73:90:
01:4d:8c:31:0f:7c:0a:da:db:ae:cf:0c:91:0b:76:46:b6:4b:
3e:3a:50:f3:39:15:25:d2:b4:d6:79:fc:ce:2c:48:31:7c:01:
a2:f8:5e:76:30:f5:92:ce:de:d8:81:51:d5:b0:9e:2c:a2:3b:
3d:46:12:98
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQf+hXK4ATf6Zhy7BIKwQNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMjM2YjIxM2Q1NjQ5M2YzYjA3N2U2YjQxZjQyZTRmM2Rm
OGNkY2UwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjA1NTNlYzFjODUzYTA0OTE2Y2Q2NThhMzNhYzZmZjg5MzkyZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwR5X9w0hUnFGUXxF1WKbfhHqNTW7
YFc6AabINqDGODcxnVaWlY4O2Y0OgHolKCn3PWuC8tGe9rnjVGYwVKZrvrJlY4YC
gUN4nBVjocVv6pAcPDOTMoopAxJBdGgZ46Z7WOSuyHssdgC8tuF1tItSfjsMfEzE
LvjtxqIFRO6erD6ITL+WYBmDsCiEe/UC0X4d9+evqXjDkImhK4uQYXiEJaplg9eh
ZSuawkfUZNN2ysNJI1iclwCh8qTjOIysvpIWe5bHg/9kuK1c/CaAZItPS2t5DQfa
3GhGqbu9rJaWPOD+gzLz8LGct0UE/snYH0lpbWZiVHomTF6hojGhXrJt+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN8FU+wchToEkWzWWKM6xv+JOS3+MB8GA1UdIwQY
MBaAFPsjayE9Vkk/Owd+a0H0Lk89+M3OMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15TnJJVDFXU1Q4N0IzNXJRZlF1VHozNHpjNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUvMjBmNGFjLTgwZDktNDBlMi1hOWU2
LTFjODhlZWJlYjI5My8xLzN3VlQ3QnlGT2dTUmJOWllvenJHXzRrNUxmNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODUvMjBmNGFjLTgwZDktNDBlMi1hOWU2LTFjODhlZWJlYjI5
My8xLzEteU5ySVQxV1NUODdCMzVyUWZRdVR6MzR6YzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABQ0l8D
BAFVwv4wDQYJKoZIhvcNAQELBQADggEBAInYKRu97IQwJu6wOB+I+KDImnq/0Egs
x4qtP2YJCYqMt9lj74Ta2Iv/661QNbBdfQf9eukCNu2ceMwhIiTknriYIaWU7TIK
grRUAxAgnaSyZKc58BcdHSopV79efJPpMpllrEN3a9SlBEDBpEEBb/hqlDvFrn7A
lAugspaWdAIAj9PANwEHwvQhSGuUxeixNyyifdkBhUctAfdfaeSiyebNT4gpmmoK
g0QIqqVNXD/6t7otub2Jtu8qgHFdHVhHOlJ89ihzkAFNjDEPfAra267PDJELdka2
Sz46UPM5FSXStNZ5/M4sSDF8AaL4XnYw9ZLO3tiBUdWwniyiOz1GEpg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:15:38 2025 by rpki-client