Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/3xjGI42bQNLx70HTJ7kXgEwsSsw.roa
File: 3xjGI42bQNLx70HTJ7kXgEwsSsw.roa (raw, json)
Hash identifier: GpJV9iaqS5V9Mqcyg97TbadTb1FKNWn4xyXU6QZ9kGs=
Subject key identifier: DF:18:C6:23:8D:9B:40:D2:F1:EF:41:D3:27:B9:17:80:4C:2C:4A:CC
Certificate issuer: /CN=1c766b058c096753a34ad625d53275cd2dba5b33
Certificate serial: 019426D9D8BF6B2AFA142BA1B8101A1C5FC1
Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/3xjGI42bQNLx70HTJ7kXgEwsSsw.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51431
IP address blocks: 185.171.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 12:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d8:bf:6b:2a:fa:14:2b:a1:b8:10:1a:1c:5f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df18c6238d9b40d2f1ef41d327b917804c2c4acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:35:e4:e2:90:9b:af:d4:3a:13:89:ca:0a:a7:
71:c1:98:a6:e7:de:63:34:0d:8b:be:e9:be:b6:0d:
e7:5d:b3:00:20:a7:04:60:78:8a:d5:b7:29:2d:1e:
d8:84:07:69:7a:33:4d:10:ca:37:31:19:41:39:73:
b0:6f:b4:e7:74:0e:db:92:4c:23:8a:52:46:a1:bf:
1a:d1:e8:70:5d:5e:df:cf:69:bb:65:5a:41:3f:33:
e7:33:c2:e4:55:33:94:21:91:39:17:3f:76:49:9b:
f5:e8:3f:84:96:72:9c:4f:a3:5a:1a:14:04:7b:77:
e4:e6:c2:9b:f5:25:d8:d5:79:1b:70:a4:4d:47:25:
e8:49:f0:15:98:49:56:63:32:89:45:41:26:ad:bb:
6f:3f:ff:51:30:d8:46:d5:14:ab:10:7a:d6:0b:71:
9b:f7:53:2c:49:23:31:d0:b8:ed:01:54:e0:c2:fa:
b2:e8:3c:0a:9c:48:a5:68:e3:da:e1:62:cb:61:1d:
0b:a9:f8:ed:08:7b:93:cb:a7:40:c0:af:8e:9d:60:
22:5e:2d:c2:f4:c4:42:36:25:04:51:a7:0c:91:6d:
9f:f8:bb:a5:9e:ed:ca:54:1a:fc:ff:01:58:83:99:
91:7d:22:89:48:ee:c2:b8:26:b9:cf:57:a4:a8:60:
6e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:18:C6:23:8D:9B:40:D2:F1:EF:41:D3:27:B9:17:80:4C:2C:4A:CC
X509v3 Authority Key Identifier:
keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/3xjGI42bQNLx70HTJ7kXgEwsSsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:9c:e5:bb:a3:87:f5:ce:29:0a:60:31:4a:c4:8a:94:05:39:
72:f7:a1:24:3c:6f:54:01:85:33:4c:d0:99:eb:67:51:04:b9:
6d:3d:f2:f3:ef:db:d5:56:a8:3f:5f:91:bb:54:1c:50:6f:fc:
07:51:b5:11:85:ce:9b:98:94:be:a3:fd:79:48:9c:45:ae:24:
92:3f:3f:ba:91:a8:6d:99:e6:e9:41:50:85:e0:00:ef:7c:9d:
ac:ec:92:40:1c:2d:ec:4d:28:f7:b4:29:b6:0b:54:7b:a2:be:
60:04:23:64:81:cc:c0:11:25:81:02:f5:c0:91:f9:26:e6:67:
99:ef:9e:65:61:0a:f9:c6:1c:3a:9f:72:78:a3:0e:a0:cf:a5:
b8:30:33:f8:57:26:4e:17:04:27:f1:bb:fc:80:fa:5f:73:13:
83:6b:09:c1:48:69:14:71:18:28:b3:7a:88:f5:c5:b9:5e:15:
2b:87:e5:66:9c:3d:a4:de:68:a4:ea:0e:f8:b8:89:0b:20:5e:
7b:2f:14:cd:eb:9d:f3:c5:b4:67:00:42:3a:d5:dd:33:45:32:
75:56:64:ae:11:ff:73:38:92:47:a5:26:ba:58:4b:d3:8a:a9:
77:3e:6a:bf:3e:5d:12:8b:07:ec:3c:fc:fb:05:9b:3a:b2:f9:
f0:03:f1:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2di/ayr6FCuhuBAaHF/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi
YTViMzMwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE4YzYyMzhkOWI0MGQyZjFlZjQxZDMyN2I5MTc4MDRjMmM0YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzXk4pCbr9Q6E4nKCqdxwZim595j
NA2Lvum+tg3nXbMAIKcEYHiK1bcpLR7YhAdpejNNEMo3MRlBOXOwb7TndA7bkkwj
ilJGob8a0ehwXV7fz2m7ZVpBPzPnM8LkVTOUIZE5Fz92SZv16D+ElnKcT6NaGhQE
e3fk5sKb9SXY1XkbcKRNRyXoSfAVmElWYzKJRUEmrbtvP/9RMNhG1RSrEHrWC3Gb
91MsSSMx0LjtAVTgwvqy6DwKnEilaOPa4WLLYR0LqfjtCHuTy6dAwK+OnWAiXi3C
9MRCNiUEUacMkW2f+Lulnu3KVBr8/wFYg5mRfSKJSO7CuCa5z1ekqGBuPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8YxiONm0DS8e9B0ye5F4BMLErMMB8GA1UdIwQY
MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt
ODE5MTdkZmZkY2Q3LzEvM3hqR0k0MmJRTkx4NzBIVEo3a1hnRXdzU3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3
LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuas1MA0G
CSqGSIb3DQEBCwUAA4IBAQAanOW7o4f1zikKYDFKxIqUBTly96EkPG9UAYUzTNCZ
62dRBLltPfLz79vVVqg/X5G7VBxQb/wHUbURhc6bmJS+o/15SJxFriSSPz+6kaht
mebpQVCF4ADvfJ2s7JJAHC3sTSj3tCm2C1R7or5gBCNkgczAESWBAvXAkfkm5meZ
755lYQr5xhw6n3J4ow6gz6W4MDP4VyZOFwQn8bv8gPpfcxODawnBSGkUcRgos3qI
9cW5XhUrh+VmnD2k3mik6g74uIkLIF57LxTN653zxbRnAEI61d0zRTJ1VmSuEf9z
OJJHpSa6WEvTiql3Pmq/Pl0SiwfsPPz7BZs6svnwA/Fz
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:16 2025 by rpki-client