Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/3fVp55RM8WJ-CAkYXQzPen4QsPU.roa
File: 3fVp55RM8WJ-CAkYXQzPen4QsPU.roa (raw, json)
Hash identifier: GhSbT3tbIT6J4s8weD/xKmKS+sqFk4JjUnduge7t9L0=
Subject key identifier: DD:F5:69:E7:94:4C:F1:62:7E:08:09:18:5D:0C:CF:7A:7E:10:B0:F5
Certificate issuer: /CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
Certificate serial: 019426D8C969BA28D88A6D72D00B4FEE7B76
Authority key identifier: 77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/3fVp55RM8WJ-CAkYXQzPen4QsPU.roa
Signing time: Thu 02 Jan 2025 11:48:49 +0000
ROA not before: Thu 02 Jan 2025 11:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 193.5.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:c9:69:ba:28:d8:8a:6d:72:d0:0b:4f:ee:7b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77a350d9fe4e9f90ff3e84e2f960cb5dc3d6cee1
Validity
Not Before: Jan 2 11:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddf569e7944cf1627e0809185d0ccf7a7e10b0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:20:24:cc:62:f7:eb:6a:62:a3:cb:fb:2f:
9d:4e:2b:21:04:da:ab:3b:16:c7:9c:8c:42:7f:ee:
21:59:e9:4d:ab:24:c1:c8:b0:29:85:fa:15:e3:aa:
3d:21:83:a5:be:e9:24:5c:8c:30:16:f5:4e:9b:f9:
95:7d:cb:e3:b6:af:78:2c:33:53:36:57:6d:d3:e1:
27:96:45:79:22:51:5a:01:e2:6c:ff:85:ad:dd:4c:
da:f2:5c:0f:ad:46:a1:29:8e:41:df:d2:1b:8f:7c:
0b:de:26:63:69:e5:d0:e3:73:be:b6:42:32:aa:1e:
84:86:2b:2d:a9:2d:6b:45:3e:bc:41:61:c5:72:85:
0e:38:00:6b:32:a1:00:7c:8c:e9:42:47:9f:8e:f6:
ab:87:9c:fd:62:fa:af:4d:af:7b:5f:04:d5:56:01:
94:92:18:ee:93:de:a9:01:a9:2e:04:9f:af:4c:6f:
b6:7a:b7:9a:4e:ec:e6:f2:4f:8b:3f:3f:fd:a8:9e:
e1:48:82:90:fb:bf:59:1d:73:46:3a:73:03:c7:17:
e1:99:9d:09:58:23:d1:ff:17:c9:0b:78:b6:66:79:
db:7f:a4:9c:91:94:74:4b:77:30:88:5b:58:8e:b5:
78:96:b8:71:af:05:0d:ef:d5:1b:7a:4d:eb:54:7b:
f6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F5:69:E7:94:4C:F1:62:7E:08:09:18:5D:0C:CF:7A:7E:10:B0:F5
X509v3 Authority Key Identifier:
keyid:77:A3:50:D9:FE:4E:9F:90:FF:3E:84:E2:F9:60:CB:5D:C3:D6:CE:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6NQ2f5On5D_PoTi-WDLXcPWzuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/3fVp55RM8WJ-CAkYXQzPen4QsPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8bc44b-5d5a-4b54-ab91-da1c515e5b29/1/d6NQ2f5On5D_PoTi-WDLXcPWzuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.254.0/24
Signature Algorithm: sha256WithRSAEncryption
77:55:98:a4:64:67:c1:f2:0b:7f:33:b6:cc:fe:94:a7:5d:86:
2a:ed:07:18:13:68:fc:a3:56:c6:81:fe:ef:f2:2f:fe:19:c6:
ea:6e:99:fc:8b:a7:87:ec:a7:56:6b:ea:09:3c:e1:e6:05:a1:
f8:91:45:76:9d:dc:64:d1:1a:52:76:93:8c:bd:56:5a:43:f3:
c5:6f:05:e0:b5:98:c1:cf:a4:f0:ef:f5:39:7b:60:f5:02:d4:
52:c0:75:fa:97:3a:56:7b:db:78:46:bc:c4:e4:ac:3c:29:64:
79:72:9f:15:31:dc:aa:45:21:9a:7e:c1:d5:8f:18:ed:b0:fa:
dc:17:46:ef:8d:21:81:2b:24:17:f9:0a:77:1a:b9:4a:a8:d1:
2b:f0:21:96:e0:4d:ae:9d:fe:56:c7:94:53:44:b2:db:53:09:
dc:32:02:f7:b5:46:fe:ca:94:49:1a:66:30:38:23:5b:e4:23:
0c:e1:3c:e6:d1:50:ef:fc:f7:9e:b2:14:1f:38:fd:6a:10:bf:
53:d3:fa:55:bb:d9:ff:2a:87:c5:63:13:44:bb:08:ad:fe:59:
12:ec:0d:5e:92:13:69:f2:0e:20:25:89:55:3e:cc:21:17:7d:
b6:47:ff:26:a2:5c:c0:19:b7:f2:e1:1c:f5:53:64:ff:5b:8c:
5e:66:f4:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2MlpuijYim1y0AtP7nt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YTM1MGQ5ZmU0ZTlmOTBmZjNlODRlMmY5NjBjYjVkYzNk
NmNlZTEwHhcNMjUwMTAyMTE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY1NjllNzk0NGNmMTYyN2UwODA5MTg1ZDBjY2Y3YTdlMTBiMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNEgJMxi9+tqYqPL+y+dTishBNqr
OxbHnIxCf+4hWelNqyTByLAphfoV46o9IYOlvukkXIwwFvVOm/mVfcvjtq94LDNT
Nldt0+EnlkV5IlFaAeJs/4Wt3Uza8lwPrUahKY5B39Ibj3wL3iZjaeXQ43O+tkIy
qh6EhistqS1rRT68QWHFcoUOOABrMqEAfIzpQkefjvarh5z9YvqvTa97XwTVVgGU
khjuk96pAakuBJ+vTG+2ereaTuzm8k+LPz/9qJ7hSIKQ+79ZHXNGOnMDxxfhmZ0J
WCPR/xfJC3i2Znnbf6SckZR0S3cwiFtYjrV4lrhxrwUN79Ubek3rVHv2lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN31aeeUTPFifggJGF0Mz3p+ELD1MB8GA1UdIwQY
MBaAFHejUNn+Tp+Q/z6E4vlgy13D1s7hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDZOUTJmNU9uNURfUG9UaS1XRExYY1BXenVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84YmM0NGItNWQ1YS00YjU0LWFiOTEt
ZGExYzUxNWU1YjI5LzEvM2ZWcDU1Uk04V0otQ0FrWVhRelBlbjRRc1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84YmM0NGItNWQ1YS00YjU0LWFiOTEtZGExYzUxNWU1YjI5
LzEvZDZOUTJmNU9uNURfUG9UaS1XRExYY1BXenVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQX+MA0G
CSqGSIb3DQEBCwUAA4IBAQB3VZikZGfB8gt/M7bM/pSnXYYq7QcYE2j8o1bGgf7v
8i/+Gcbqbpn8i6eH7KdWa+oJPOHmBaH4kUV2ndxk0RpSdpOMvVZaQ/PFbwXgtZjB
z6Tw7/U5e2D1AtRSwHX6lzpWe9t4RrzE5Kw8KWR5cp8VMdyqRSGafsHVjxjtsPrc
F0bvjSGBKyQX+Qp3GrlKqNEr8CGW4E2unf5Wx5RTRLLbUwncMgL3tUb+ypRJGmYw
OCNb5CMM4Tzm0VDv/PeeshQfOP1qEL9T0/pVu9n/KofFYxNEuwit/lkS7A1ekhNp
8g4gJYlVPswhF322R/8molzAGbfy4Rz1U2T/W4xeZvS4
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:59:57 2025 by rpki-client