Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3bHFI98fNrO-AI7iYMdoY6Cy4Ec.roa
File: 3bHFI98fNrO-AI7iYMdoY6Cy4Ec.roa (raw, json)
Hash identifier: jNavEGcWKNfNKB84/MmKoUJXT5oHj4PAQhOkM5ErTv4=
Subject key identifier: DD:B1:C5:23:DF:1F:36:B3:BE:00:8E:E2:60:C7:68:63:A0:B2:E0:47
Certificate issuer: /CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Certificate serial: 019421B1E457AD7E1DB514B899724EABFE43
Authority key identifier: DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3bHFI98fNrO-AI7iYMdoY6Cy4Ec.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133752
IP address blocks: 2a00:c6c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e4:57:ad:7e:1d:b5:14:b8:99:72:4e:ab:fe:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de90d43293cfebf87e7eab2b0d553fd21a6e9641
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddb1c523df1f36b3be008ee260c76863a0b2e047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5d:8d:52:40:b5:21:d0:ee:c1:d7:5a:9f:2f:
0b:46:96:38:81:98:0d:99:69:7a:86:82:e7:34:d2:
6b:5b:de:1b:1a:9c:de:fc:9c:0b:03:8b:8f:de:05:
d2:1c:e1:6f:58:6d:dc:5b:01:9b:78:d2:41:2c:c5:
56:a7:92:25:ac:fb:b6:47:b4:ae:1e:f2:e7:9f:86:
f7:62:cb:34:23:f1:99:0f:8f:a3:16:5e:6a:d2:6a:
91:b2:01:6a:02:09:00:50:a0:45:5f:67:76:9e:b7:
1a:62:4a:e5:a6:0b:e3:85:d3:00:7c:08:2b:95:ce:
c2:cb:68:8c:da:d1:6b:3f:ab:37:6d:db:49:bc:1d:
a9:72:3c:25:7b:d4:18:80:b8:24:c0:cb:78:36:f7:
c8:39:29:fb:9e:f0:f9:41:18:42:8d:ad:0c:29:09:
62:d1:2d:c0:00:19:03:23:dc:b6:88:ea:f7:70:45:
0d:33:32:47:6c:17:0f:30:a2:d0:41:60:ab:f9:55:
7b:25:f1:24:99:15:55:3c:21:88:40:44:69:40:a9:
5e:5c:57:03:a0:80:25:15:71:26:7d:09:97:36:da:
5b:7f:50:0f:cd:3a:e2:e6:4f:8a:9c:5e:b6:a2:b8:
7b:d8:54:0d:cc:c9:8a:03:1e:b4:b5:81:ec:67:5d:
69:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B1:C5:23:DF:1F:36:B3:BE:00:8E:E2:60:C7:68:63:A0:B2:E0:47
X509v3 Authority Key Identifier:
keyid:DE:90:D4:32:93:CF:EB:F8:7E:7E:AB:2B:0D:55:3F:D2:1A:6E:96:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pDUMpPP6_h-fqsrDVU_0hpulkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3bHFI98fNrO-AI7iYMdoY6Cy4Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/647eba-d666-49c7-a089-53edc626b287/1/3pDUMpPP6_h-fqsrDVU_0hpulkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:c6c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
8b:46:65:3b:b4:d0:de:8c:e6:31:be:22:93:51:aa:a8:55:ad:
86:de:6e:e4:25:bb:ff:a5:c9:be:ef:d2:2d:07:74:6d:7e:05:
d6:c3:4f:db:2a:92:95:8f:9a:77:dd:ab:14:be:70:2a:4f:1c:
52:71:f4:31:80:99:10:04:f5:56:e8:ff:38:a0:9b:14:4a:08:
8b:5c:80:f4:4b:94:9a:7a:83:0a:2d:6d:5c:60:2a:85:b1:9e:
12:f0:ad:35:48:55:0e:32:cb:66:4c:9c:22:79:be:99:79:71:
0a:3d:ec:4d:bd:55:3f:79:0d:c3:de:b2:f0:a2:1c:e5:c5:b0:
cb:ba:df:e6:68:2a:eb:aa:2f:6c:74:04:75:8b:c5:3c:c9:2f:
a2:96:88:d5:f2:1b:e7:29:2b:e7:ba:bd:93:1c:de:7f:80:84:
d9:33:61:63:5b:6e:05:cb:a3:ba:1d:04:23:1c:ce:5e:72:ae:
06:c8:78:90:fe:51:73:fd:ca:23:18:65:43:5a:aa:de:00:ed:
b6:d8:c3:8d:ff:74:51:e4:0e:30:2a:4a:51:d6:06:9c:78:69:
22:ee:17:8f:30:10:7c:a0:e7:3c:9e:3a:d2:4e:39:27:79:13:
02:5a:ef:98:e7:1c:8e:49:ac:64:76:6c:51:41:7a:32:11:83:
3e:56:e0:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhseRXrX4dtRS4mXJOq/5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOTBkNDMyOTNjZmViZjg3ZTdlYWIyYjBkNTUzZmQyMWE2
ZTk2NDEwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIxYzUyM2RmMWYzNmIzYmUwMDhlZTI2MGM3Njg2M2EwYjJlMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl2NUkC1IdDuwddany8LRpY4gZgN
mWl6hoLnNNJrW94bGpze/JwLA4uP3gXSHOFvWG3cWwGbeNJBLMVWp5IlrPu2R7Su
HvLnn4b3Yss0I/GZD4+jFl5q0mqRsgFqAgkAUKBFX2d2nrcaYkrlpgvjhdMAfAgr
lc7Cy2iM2tFrP6s3bdtJvB2pcjwle9QYgLgkwMt4NvfIOSn7nvD5QRhCja0MKQli
0S3AABkDI9y2iOr3cEUNMzJHbBcPMKLQQWCr+VV7JfEkmRVVPCGIQERpQKleXFcD
oIAlFXEmfQmXNtpbf1APzTri5k+KnF62orh72FQNzMmKAx60tYHsZ11pYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN2xxSPfHzazvgCO4mDHaGOgsuBHMB8GA1UdIwQY
MBaAFN6Q1DKTz+v4fn6rKw1VP9IabpZBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODkt
NTNlZGM2MjZiMjg3LzEvM2JIRkk5OGZOck8tQUk3aVlNZG9ZNkN5NEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82NDdlYmEtZDY2Ni00OWM3LWEwODktNTNlZGM2MjZiMjg3
LzEvM3BEVU1wUFA2X2gtZnFzckRWVV8waHB1bGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgDGwAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCLRmU7tNDejOYxviKTUaqoVa2G3m7kJbv/pcm+
79ItB3RtfgXWw0/bKpKVj5p33asUvnAqTxxScfQxgJkQBPVW6P84oJsUSgiLXID0
S5SaeoMKLW1cYCqFsZ4S8K01SFUOMstmTJwieb6ZeXEKPexNvVU/eQ3D3rLwohzl
xbDLut/maCrrqi9sdAR1i8U8yS+ilojV8hvnKSvnur2THN5/gITZM2FjW24Fy6O6
HQQjHM5ecq4GyHiQ/lFz/cojGGVDWqreAO222MON/3RR5A4wKkpR1gaceGki7heP
MBB8oOc8njrSTjkneRMCWu+Y5xyOSaxkdmxRQXoyEYM+VuDS
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:54:20 2025 by rpki-client