Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/w3UqKWnMOF5NaXpk2iA4PKS4_bM.roa
File: w3UqKWnMOF5NaXpk2iA4PKS4_bM.roa (raw, json)
Hash identifier: u2j3jAMfurHPfPAg9hddmCUv1bl75zA9+z27+zKCwbI=
Subject key identifier: C3:75:2A:29:69:CC:38:5E:4D:69:7A:64:DA:20:38:3C:A4:B8:FD:B3
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 019423D71CFAC537F9D77E0C822DB532C9BD
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/w3UqKWnMOF5NaXpk2iA4PKS4_bM.roa
Signing time: Wed 01 Jan 2025 21:48:07 +0000
ROA not before: Wed 01 Jan 2025 21:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55256
IP address blocks: 31.186.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:1c:fa:c5:37:f9:d7:7e:0c:82:2d:b5:32:c9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 21:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3752a2969cc385e4d697a64da20383ca4b8fdb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:de:ea:0f:c1:0b:d9:59:6d:6a:98:a0:8e:
67:14:f8:c3:8d:17:d3:df:3a:b3:db:a8:6f:b5:86:
78:98:f4:39:df:84:b5:49:e8:76:57:50:67:a4:c8:
c2:7f:a4:8a:f8:d0:8d:4c:18:f3:2f:bd:f0:dc:6d:
6d:00:ba:20:a1:8a:33:84:0d:5b:a3:34:2b:ae:d6:
be:45:d7:95:ee:5c:d5:6c:39:80:bf:ce:75:de:16:
12:cc:09:3f:f0:03:7f:19:0e:eb:d8:81:3b:ca:0d:
d5:c6:92:56:40:f4:08:62:1c:d9:8b:b0:3e:d3:d9:
f8:55:1f:75:a0:25:15:48:60:cd:ae:cf:5d:f3:bc:
cf:8f:04:59:82:31:4b:1b:40:87:ff:61:28:da:c1:
5c:02:3a:9a:28:97:6e:1b:f9:92:49:c4:cc:9a:e5:
dd:d7:ea:e1:45:25:3b:d4:19:3f:93:c4:00:70:3a:
3b:e4:67:bc:45:0f:50:3e:ea:98:d7:72:7b:d3:ab:
9f:26:0e:61:08:1e:8c:4d:84:db:8f:9e:cc:af:97:
7d:65:35:74:24:ec:4c:0d:fa:62:4c:b3:f1:f0:cb:
1b:31:3a:db:b8:ef:81:18:df:92:d9:89:36:63:66:
3b:14:e0:47:ea:83:52:8b:69:18:60:cb:be:b3:43:
48:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:75:2A:29:69:CC:38:5E:4D:69:7A:64:DA:20:38:3C:A4:B8:FD:B3
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/w3UqKWnMOF5NaXpk2iA4PKS4_bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.239.0/24
Signature Algorithm: sha256WithRSAEncryption
03:05:90:77:fc:94:35:99:1c:65:d4:c7:5d:73:c3:3b:83:eb:
41:e6:64:47:1f:0e:dd:88:ad:76:d3:b2:73:7c:8c:14:bd:aa:
f0:89:60:2b:61:20:69:5e:c7:3f:65:4a:9d:a7:bb:32:dc:39:
bd:aa:71:1a:28:60:0a:9a:de:7d:dc:fe:fd:90:67:b2:d9:1c:
27:03:f0:b9:91:bd:bb:e7:e4:de:9b:7b:07:fb:be:a5:5e:d1:
00:3e:25:a1:ed:46:68:b3:43:83:9a:0d:f5:c2:6b:11:9a:88:
4f:5d:00:21:28:10:b7:82:34:ea:53:fa:b7:84:3a:1a:a9:9e:
5a:22:06:fd:0a:c9:71:f7:fe:8c:c2:11:f4:1c:be:ea:39:5a:
a9:9e:f2:82:74:49:ee:62:a0:9a:ca:18:ce:3b:7e:db:bc:29:
e4:7d:5e:09:11:0c:f3:0f:fe:52:84:4c:3e:8f:0c:ef:d2:e5:
a3:a8:3c:b4:21:13:45:cc:54:e2:d6:77:70:cd:1c:28:eb:87:
2e:62:5e:56:c7:16:56:02:04:1e:ab:50:e5:10:63:ed:38:40:
79:9a:61:b6:11:1a:bd:48:c6:8c:47:9e:6f:24:b0:d7:f5:64:
68:22:01:10:af:2a:3b:d3:e8:ee:bb:dd:7c:cf:8f:d3:9a:23:
99:6d:cd:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xz6xTf5134Mgi21Msm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjUwMTAxMjE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc1MmEyOTY5Y2MzODVlNGQ2OTdhNjRkYTIwMzgzY2E0YjhmZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbje6g/BC9lZbWqYoI5nFPjDjRfT
3zqz26hvtYZ4mPQ534S1Seh2V1BnpMjCf6SK+NCNTBjzL73w3G1tALogoYozhA1b
ozQrrta+RdeV7lzVbDmAv8513hYSzAk/8AN/GQ7r2IE7yg3VxpJWQPQIYhzZi7A+
09n4VR91oCUVSGDNrs9d87zPjwRZgjFLG0CH/2Eo2sFcAjqaKJduG/mSScTMmuXd
1+rhRSU71Bk/k8QAcDo75Ge8RQ9QPuqY13J706ufJg5hCB6MTYTbj57Mr5d9ZTV0
JOxMDfpiTLPx8MsbMTrbuO+BGN+S2Yk2Y2Y7FOBH6oNSi2kYYMu+s0NImwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMN1KilpzDheTWl6ZNogODykuP2zMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvdzNVcUtXbk1PRjVOYVhwazJpQTRQS1M0X2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH7rvMA0G
CSqGSIb3DQEBCwUAA4IBAQADBZB3/JQ1mRxl1Mddc8M7g+tB5mRHHw7diK1207Jz
fIwUvarwiWArYSBpXsc/ZUqdp7sy3Dm9qnEaKGAKmt593P79kGey2RwnA/C5kb27
5+Tem3sH+76lXtEAPiWh7UZos0ODmg31wmsRmohPXQAhKBC3gjTqU/q3hDoaqZ5a
Igb9Cslx9/6MwhH0HL7qOVqpnvKCdEnuYqCayhjOO37bvCnkfV4JEQzzD/5ShEw+
jwzv0uWjqDy0IRNFzFTi1ndwzRwo64cuYl5WxxZWAgQeq1DlEGPtOEB5mmG2ERq9
SMaMR55vJLDX9WRoIgEQryo70+juu918z4/TmiOZbc2K
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:13:08 2025 by rpki-client