Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/3YFzPEGiHndZmZ_eV1KbJ4S1riY.roa
File: 3YFzPEGiHndZmZ_eV1KbJ4S1riY.roa (raw, json)
Hash identifier: FCQDUK+ghfu3EK3q9DQ8TjIhvTkAHxB9mFLDZLBtP9Y=
Subject key identifier: DD:81:73:3C:41:A2:1E:77:59:99:9F:DE:57:52:9B:27:84:B5:AE:26
Certificate issuer: /CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Certificate serial: 019425FD39C4D5DEAB541D1C8046D58195AC
Authority key identifier: B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/3YFzPEGiHndZmZ_eV1KbJ4S1riY.roa
Signing time: Thu 02 Jan 2025 07:48:59 +0000
ROA not before: Thu 02 Jan 2025 07:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203
IP address blocks: 95.130.110.0/24 maxlen: 24
195.93.196.0/24 maxlen: 24
195.93.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:39:c4:d5:de:ab:54:1d:1c:80:46:d5:81:95:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Validity
Not Before: Jan 2 07:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd81733c41a21e7759999fde57529b2784b5ae26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:c6:83:fa:44:03:6f:84:57:53:4b:5a:fc:
95:04:ba:39:db:34:e4:53:22:7a:49:47:41:fe:b5:
ba:28:a5:c3:27:5c:4d:56:29:aa:2b:12:1a:74:47:
c5:16:ad:57:72:21:e8:f7:a4:41:30:be:2b:c8:7b:
aa:ec:a7:34:fb:75:81:2c:f6:3e:a2:9e:53:b3:c7:
d7:0d:a0:fa:42:6d:33:60:b2:da:17:01:b4:bd:b0:
1b:37:3a:b1:a5:df:a4:0b:ea:b0:54:58:b7:ed:7e:
66:7c:b6:21:c6:94:08:f1:2d:4d:d3:37:83:c5:40:
66:2a:26:76:a6:78:49:94:81:34:03:ba:1e:4f:ab:
f4:2f:62:85:86:b7:37:7e:63:bb:f8:15:8f:e7:78:
24:7f:4b:32:f9:1a:8b:28:74:b1:01:16:24:3c:5f:
66:32:78:af:24:18:db:d4:b4:fc:b0:d0:2a:93:2e:
59:6f:56:02:f7:2a:2b:5c:50:11:e7:d5:c7:91:4a:
48:45:91:04:0c:b1:27:98:fe:f9:3e:ce:f3:e6:45:
6b:a7:08:7c:e0:71:2d:59:f0:7a:61:97:91:02:21:
f2:9d:6e:f2:af:3d:4d:cb:6a:f8:d8:ae:e3:fe:4f:
a5:0b:98:88:fe:d3:33:66:54:bc:39:5e:66:9b:c5:
61:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:81:73:3C:41:A2:1E:77:59:99:9F:DE:57:52:9B:27:84:B5:AE:26
X509v3 Authority Key Identifier:
keyid:B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/3YFzPEGiHndZmZ_eV1KbJ4S1riY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.110.0/24
195.93.196.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:4f:70:74:fc:6f:85:ee:c1:fc:a6:fe:60:69:f8:f9:c3:fa:
02:4f:f4:5c:1f:cf:eb:43:15:0f:fd:b7:f3:29:99:c7:40:4f:
fa:a6:fb:4a:a7:3e:b3:36:9d:19:c3:8c:11:ba:ee:89:09:92:
da:a3:b2:ea:bb:71:6a:9a:0e:c7:ec:38:0c:b0:38:36:13:69:
7a:c1:6a:be:ff:c6:fd:3b:aa:e5:6b:4e:01:d6:30:42:29:b5:
83:92:cc:46:af:35:da:01:03:a7:fb:f0:bd:c5:6b:5a:d9:6b:
49:46:a3:01:a5:4d:a6:a4:ad:86:44:e8:70:e4:25:80:5f:6b:
90:4b:2a:a7:d3:e5:24:56:71:37:9c:b4:51:fd:6e:e6:8c:80:
93:ae:8b:59:32:3e:e5:f3:10:75:17:05:44:54:e4:54:73:fc:
90:e6:2d:19:d2:b1:b2:09:68:29:cd:67:db:f4:67:df:77:20:
38:3b:7d:c4:49:b1:a0:88:15:4f:6b:4c:96:51:f3:1f:c9:1c:
ef:7c:05:4b:a9:5b:2a:66:c3:f2:76:b3:3b:d6:b4:1a:a8:61:
03:07:a3:e7:13:7a:07:72:42:61:70:ad:72:3c:6d:3a:42:fc:
7f:fd:62:a9:ee:75:7c:2d:76:5f:c1:9c:87:2c:1c:3e:a0:df:
69:c8:a9:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/TnE1d6rVB0cgEbVgZWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTgwMDMwMGZhNDAxN2Y5NzBjOTVkNzY3ZDgxMmZkMTBk
MGRjYmMwHhcNMjUwMTAyMDc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDgxNzMzYzQxYTIxZTc3NTk5OTlmZGU1NzUyOWIyNzg0YjVhZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs33Gg/pEA2+EV1NLWvyVBLo52zTk
UyJ6SUdB/rW6KKXDJ1xNVimqKxIadEfFFq1XciHo96RBML4ryHuq7Kc0+3WBLPY+
op5Ts8fXDaD6Qm0zYLLaFwG0vbAbNzqxpd+kC+qwVFi37X5mfLYhxpQI8S1N0zeD
xUBmKiZ2pnhJlIE0A7oeT6v0L2KFhrc3fmO7+BWP53gkf0sy+RqLKHSxARYkPF9m
MnivJBjb1LT8sNAqky5Zb1YC9yorXFAR59XHkUpIRZEEDLEnmP75Ps7z5kVrpwh8
4HEtWfB6YZeRAiHynW7yrz1Ny2r42K7j/k+lC5iI/tMzZlS8OV5mm8VhfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2BczxBoh53WZmf3ldSmyeEta4mMB8GA1UdIwQY
MBaAFLVYADAPpAF/lwyV12fYEv0Q0Ny8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQt
YzUyZGY0YWE1MjFkLzEvM1lGelBFR2lIbmRabVpfZVYxS2JKNFMxcmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQtYzUyZGY0YWE1MjFk
LzEvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4JuAwQB
w13EMA0GCSqGSIb3DQEBCwUAA4IBAQC0T3B0/G+F7sH8pv5gafj5w/oCT/RcH8/r
QxUP/bfzKZnHQE/6pvtKpz6zNp0Zw4wRuu6JCZLao7Lqu3Fqmg7H7DgMsDg2E2l6
wWq+/8b9O6rla04B1jBCKbWDksxGrzXaAQOn+/C9xWta2WtJRqMBpU2mpK2GROhw
5CWAX2uQSyqn0+UkVnE3nLRR/W7mjICTrotZMj7l8xB1FwVEVORUc/yQ5i0Z0rGy
CWgpzWfb9GffdyA4O33ESbGgiBVPa0yWUfMfyRzvfAVLqVsqZsPydrM71rQaqGED
B6PnE3oHckJhcK1yPG06Qvx//WKp7nV8LXZfwZyHLBw+oN9pyKks
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:43:58 2025 by rpki-client