Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3cHkY6M3wghqy0E4fRU4kWGrFkQ.roa
File: 3cHkY6M3wghqy0E4fRU4kWGrFkQ.roa (raw, json)
Hash identifier: PisxdaF0q8E/ZaKxH7iqkdJWp2eWRH5HsNlfuhmL4YA=
Subject key identifier: DD:C1:E4:63:A3:37:C2:08:6A:CB:41:38:7D:15:38:91:61:AB:16:44
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 01951D5E2093E61FDF0F9CF0C1A601448589
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3cHkY6M3wghqy0E4fRU4kWGrFkQ.roa
Signing time: Wed 19 Feb 2025 08:41:02 +0000
ROA not before: Wed 19 Feb 2025 08:41:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43289
IP address blocks: 103.197.148.0/22 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.128.0/19 maxlen: 24
178.175.160.0/20 maxlen: 24
193.200.160.0/24 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:5e:20:93:e6:1f:df:0f:9c:f0:c1:a6:01:44:85:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Feb 19 08:41:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddc1e463a337c2086acb41387d15389161ab1644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ac:18:fa:f9:3f:4e:15:b1:54:e0:1b:5e:a4:
62:5c:83:f7:55:02:d4:e3:47:7e:26:13:83:34:b9:
8f:dd:2e:35:6a:f1:89:9a:98:0e:0d:8b:ac:96:3a:
f1:ed:5d:72:2a:83:0b:57:8f:1e:80:bb:b8:c8:33:
6f:b4:62:40:8a:6d:cd:88:cc:2f:fe:51:94:69:f4:
f1:20:8e:ff:8c:aa:81:e8:60:02:e0:0a:5c:45:58:
ad:34:17:40:78:a5:fc:d7:5b:a8:5e:19:d9:c9:89:
49:3f:fa:42:2a:a5:f9:70:35:55:2f:b8:80:d4:94:
88:f5:3f:91:00:20:1d:53:12:12:f9:0c:30:61:e7:
0c:5e:4c:0f:4f:fa:26:a8:48:b7:e7:5f:16:11:c8:
cd:2c:29:87:60:7c:94:62:08:b5:17:15:94:ee:44:
06:21:bb:9c:0e:2d:1c:28:eb:c9:07:ed:34:ce:9f:
4b:66:d3:e7:92:30:c2:73:25:a4:80:87:cd:8e:f9:
e6:f6:50:e6:7a:c2:a2:b7:5a:3a:42:4d:1f:b4:f4:
67:f2:5e:9e:de:e7:a1:77:c3:a1:bc:13:97:b2:94:
c2:e5:9f:38:1e:1a:a8:65:7c:47:67:50:16:ae:6d:
32:81:ee:1d:ec:df:a2:62:ac:62:04:78:32:40:73:
0b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C1:E4:63:A3:37:C2:08:6A:CB:41:38:7D:15:38:91:61:AB:16:44
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/3cHkY6M3wghqy0E4fRU4kWGrFkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.175.255
193.200.160.0/24
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
63:d1:96:8c:a3:1a:01:0e:a5:0a:0d:ab:ff:e2:1c:a2:d3:47:
cf:6c:cc:6d:dc:9c:a9:19:b3:5f:eb:dc:16:fa:09:97:97:e5:
27:67:4d:82:ec:4b:4e:8e:e7:50:5b:7e:b2:f2:f1:f6:16:48:
c6:76:16:be:1a:94:97:67:8c:1e:7d:c7:82:5a:c9:48:c6:41:
d9:0d:b4:8a:cb:9c:67:0a:0b:28:37:7c:83:96:33:79:29:75:
70:51:69:b0:48:44:72:11:e8:82:c2:ab:13:e9:90:13:0b:3d:
02:99:b6:e1:22:4a:1b:ee:a2:af:37:de:3e:dc:52:3c:15:da:
9d:f7:a5:05:b0:e6:12:b5:b7:ca:55:7d:8b:43:fd:52:82:ad:
d0:2d:23:ea:30:31:d2:5d:00:15:ac:f1:fa:c8:52:fa:95:eb:
db:41:08:75:f4:35:b0:c9:4f:4b:92:cd:7d:0c:bc:c5:fc:9f:
44:01:ba:da:7b:5e:db:9a:30:5e:89:44:c1:2c:6c:41:87:2e:
f1:fc:ed:83:4b:79:65:87:f9:bb:3e:1e:e1:ea:7f:84:9a:f1:
e5:21:4d:12:c6:36:f1:ea:37:8e:88:22:32:1f:35:be:66:f1:
47:66:55:ce:24:49:3b:5d:9c:42:13:0c:57:cf:b9:30:74:7c:
ce:1b:b8:5c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZUdXiCT5h/fD5zwwaYBRIWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjUwMjE5MDg0MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMxZTQ2M2EzMzdjMjA4NmFjYjQxMzg3ZDE1Mzg5MTYxYWIxNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qwY+vk/ThWxVOAbXqRiXIP3VQLU
40d+JhODNLmP3S41avGJmpgODYusljrx7V1yKoMLV48egLu4yDNvtGJAim3NiMwv
/lGUafTxII7/jKqB6GAC4ApcRVitNBdAeKX811uoXhnZyYlJP/pCKqX5cDVVL7iA
1JSI9T+RACAdUxIS+QwwYecMXkwPT/omqEi3518WEcjNLCmHYHyUYgi1FxWU7kQG
IbucDi0cKOvJB+00zp9LZtPnkjDCcyWkgIfNjvnm9lDmesKit1o6Qk0ftPRn8l6e
3uehd8OhvBOXspTC5Z84HhqoZXxHZ1AWrm0yge4d7N+iYqxiBHgyQHMLSwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFN3B5GOjN8IIastBOH0VOJFhqxZEMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvM2NIa1k2TTN3Z2hxeTBFNGZSVTRrV0dyRmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCZ8WUAwQE
shGgMAwDBAeyr4ADBASyr6ADBADByKAwDQQCAAIwBwMFAyoAHcAwDQYJKoZIhvcN
AQELBQADggEBAGPRloyjGgEOpQoNq//iHKLTR89szG3cnKkZs1/r3Bb6CZeX5Sdn
TYLsS06O51BbfrLy8fYWSMZ2Fr4alJdnjB59x4JayUjGQdkNtIrLnGcKCyg3fIOW
M3kpdXBRabBIRHIR6ILCqxPpkBMLPQKZtuEiShvuoq833j7cUjwV2p33pQWw5hK1
t8pVfYtD/VKCrdAtI+owMdJdABWs8frIUvqV69tBCHX0NbDJT0uSzX0MvMX8n0QB
utp7XtuaMF6JRMEsbEGHLvH87YNLeWWH+bs+HuHqf4Sa8eUhTRLGNvHqN46IIjIf
Nb5m8UdmVc4kSTtdnEITDFfPuTB0fM4buFw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:15:32 2025 by rpki-client