Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/3tVWAqpuhZmIvirALPURMbWbRUo.roa
File: 3tVWAqpuhZmIvirALPURMbWbRUo.roa (raw, json)
Hash identifier: 8vZgncUoPoI0S65ff9n3cIU9sKbrNMXpH1mUnl/CdOM=
Subject key identifier: DE:D5:56:02:AA:6E:85:99:88:BE:2A:C0:2C:F5:11:31:B5:9B:45:4A
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 019424449238692FE74280DF4723DD332073
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/3tVWAqpuhZmIvirALPURMbWbRUo.roa
Signing time: Wed 01 Jan 2025 23:47:41 +0000
ROA not before: Wed 01 Jan 2025 23:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14080
IP address blocks: 185.107.198.0/24 maxlen: 24
2a06:45c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:92:38:69:2f:e7:42:80:df:47:23:dd:33:20:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jan 1 23:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ded55602aa6e859988be2ac02cf51131b59b454a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:df:49:c8:70:3e:60:c1:4c:7b:6c:5c:6a:d7:
af:34:37:8a:93:2b:50:76:35:f8:cd:82:19:d1:54:
c8:cd:ad:d9:7c:73:f5:51:b6:4e:9d:77:8c:53:40:
5f:5d:8f:8e:8b:58:b7:ca:6f:fe:de:e9:ef:6e:6f:
c3:83:97:c9:85:2e:6c:ea:e9:40:e8:4a:ea:29:e7:
0e:3b:40:b4:43:fc:2d:85:40:05:1b:fd:ae:12:79:
e7:7c:c6:41:3a:c6:c4:97:7c:da:cd:73:74:81:a5:
c2:69:05:e4:76:35:e4:da:74:23:cf:04:07:c8:8e:
32:b9:c2:d1:e7:53:77:36:37:ee:e8:1a:c1:e1:97:
f8:8c:3c:34:91:f3:8e:49:6d:af:6f:6b:84:82:92:
56:1c:74:00:2e:ee:4c:aa:47:98:26:e8:06:d3:3d:
f0:36:fe:75:22:1c:13:cc:21:40:6d:1a:05:2c:fe:
07:40:4e:49:80:a0:3e:02:a0:ab:c6:74:be:07:5a:
f5:b5:2d:0c:8a:4c:75:b5:77:26:ca:f9:e8:57:a9:
8b:5f:0c:cf:90:d9:f1:1c:94:be:1c:b7:89:27:ab:
91:1d:b7:ea:08:ca:9a:bb:dc:2e:66:57:e9:28:9b:
51:84:33:38:25:56:08:a9:67:ed:e0:ec:f3:bf:13:
36:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D5:56:02:AA:6E:85:99:88:BE:2A:C0:2C:F5:11:31:B5:9B:45:4A
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/3tVWAqpuhZmIvirALPURMbWbRUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.198.0/24
IPv6:
2a06:45c1::/32
Signature Algorithm: sha256WithRSAEncryption
01:e0:b4:34:58:d3:f0:b1:61:a5:3a:7b:b4:17:30:cd:6e:f7:
48:a7:e5:ee:13:65:76:60:e6:ad:29:a8:44:8a:b1:79:36:e2:
9b:1d:b1:4f:8a:56:a6:ad:a2:5c:4f:13:c5:2b:29:ce:ac:b2:
0f:12:3f:df:dd:8a:f7:49:5b:69:ff:b7:d3:2d:e5:ba:82:c4:
a5:c7:5f:5f:76:5a:fb:12:c2:c2:cf:43:a4:9d:11:4d:a4:74:
e2:8b:1f:df:06:ec:5d:41:b8:f9:3c:1c:04:77:e0:e3:b3:d4:
a6:12:87:4b:ec:e1:81:96:d1:b1:42:11:2f:ff:17:11:6f:65:
b7:72:3d:50:d9:d4:f9:30:9c:ba:ee:b7:bf:fb:15:5b:c7:90:
e6:54:f1:3a:19:2b:11:72:46:30:50:61:ca:c6:b8:74:d1:6a:
4d:10:8d:e4:2b:78:19:71:bb:96:45:e0:c1:83:16:c1:0e:c4:
47:fd:76:61:95:ae:57:26:14:bc:64:e1:75:b6:c6:f5:bc:c4:
4c:75:45:24:61:5f:f3:bb:ff:eb:12:a0:e1:e7:50:27:24:ac:
92:a6:66:aa:58:8e:c5:36:82:c2:fe:7a:50:82:e4:f4:46:8f:
af:bd:4f:50:bf:c3:47:17:b9:b5:2e:57:13:0d:47:2a:c0:44:
06:d6:f3:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRJI4aS/nQoDfRyPdMyBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjUwMTAxMjM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ1NTYwMmFhNmU4NTk5ODhiZTJhYzAyY2Y1MTEzMWI1OWI0NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1d9JyHA+YMFMe2xcatevNDeKkytQ
djX4zYIZ0VTIza3ZfHP1UbZOnXeMU0BfXY+Oi1i3ym/+3unvbm/Dg5fJhS5s6ulA
6ErqKecOO0C0Q/wthUAFG/2uEnnnfMZBOsbEl3zazXN0gaXCaQXkdjXk2nQjzwQH
yI4yucLR51N3Njfu6BrB4Zf4jDw0kfOOSW2vb2uEgpJWHHQALu5MqkeYJugG0z3w
Nv51IhwTzCFAbRoFLP4HQE5JgKA+AqCrxnS+B1r1tS0Mikx1tXcmyvnoV6mLXwzP
kNnxHJS+HLeJJ6uRHbfqCMqau9wuZlfpKJtRhDM4JVYIqWft4OzzvxM22QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN7VVgKqboWZiL4qwCz1ETG1m0VKMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvM3RWV0FxcHVoWm1JdmlyQUxQVVJNYldiUlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWvGMA0E
AgACMAcDBQAqBkXBMA0GCSqGSIb3DQEBCwUAA4IBAQAB4LQ0WNPwsWGlOnu0FzDN
bvdIp+XuE2V2YOatKahEirF5NuKbHbFPilamraJcTxPFKynOrLIPEj/f3Yr3SVtp
/7fTLeW6gsSlx19fdlr7EsLCz0OknRFNpHTiix/fBuxdQbj5PBwEd+Djs9SmEodL
7OGBltGxQhEv/xcRb2W3cj1Q2dT5MJy67re/+xVbx5DmVPE6GSsRckYwUGHKxrh0
0WpNEI3kK3gZcbuWReDBgxbBDsRH/XZhla5XJhS8ZOF1tsb1vMRMdUUkYV/zu//r
EqDh51AnJKySpmaqWI7FNoLC/npQguT0Ro+vvU9Qv8NHF7m1LlcTDUcqwEQG1vNe
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:55:53 2025 by rpki-client