Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L3japBVNpBh3MS3O6cGKRK0Np9I.roa
File: L3japBVNpBh3MS3O6cGKRK0Np9I.roa (raw, json)
Hash identifier: TTq0YoL58wEAWKm8Mf/3aldn22xGhOKXxygyNCaKTWE=
Subject key identifier: 2F:78:DA:A4:15:4D:A4:18:77:31:2D:CE:E9:C1:8A:44:AD:0D:A7:D2
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCA64F54674672268160AF0F7B274A
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L3japBVNpBh3MS3O6cGKRK0Np9I.roa
Signing time: Thu 02 Jan 2025 07:48:22 +0000
ROA not before: Thu 02 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24723
IP address blocks: 46.229.158.0/23 maxlen: 23
46.229.158.0/24 maxlen: 24
46.229.159.0/24 maxlen: 24
77.79.198.0/24 maxlen: 24
77.79.255.0/24 maxlen: 24
85.232.240.0/24 maxlen: 24
85.232.243.0/24 maxlen: 24
195.238.184.0/22 maxlen: 22
206.252.228.0/23 maxlen: 23
206.252.230.0/24 maxlen: 24
206.252.236.0/22 maxlen: 22
206.252.252.0/22 maxlen: 22
206.252.253.0/24 maxlen: 24
2001:1a68:3::/48 maxlen: 48
2001:1a68:2c::/48 maxlen: 48
2001:1a68:34::/48 maxlen: 48
2001:1a68:37::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:a6:4f:54:67:46:72:26:81:60:af:0f:7b:27:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f78daa4154da41877312dcee9c18a44ad0da7d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:ce:f5:70:57:2a:e5:48:b4:1e:82:0a:59:
6d:d6:b9:6d:a4:16:f0:98:a1:cf:02:3d:5b:3c:01:
4c:a7:f6:68:ba:a3:ab:44:5a:9f:8a:39:28:cb:84:
e3:cb:76:0d:30:f7:9e:ca:86:8e:24:f0:5d:1f:11:
e5:cf:71:81:47:79:9e:3b:7b:78:3d:d7:27:23:17:
da:6d:c3:bb:ad:8c:ce:d3:3c:79:40:4a:95:c6:bb:
d1:ca:02:93:38:9e:77:ba:bc:65:e5:87:ce:3d:8c:
fa:0b:fd:37:fc:c5:a2:10:ac:ce:87:62:ba:97:f3:
e2:ee:25:f0:97:d6:17:9e:86:c6:1b:79:67:c1:16:
08:07:4a:46:c2:64:16:61:45:08:44:a2:b0:54:00:
55:5f:86:be:ee:e3:bc:57:85:0b:fc:5a:3d:4e:f6:
a3:67:76:e9:a7:da:c8:24:19:58:3f:6b:5e:84:37:
de:78:4a:7c:f9:5a:1d:9e:83:db:21:ed:ec:3f:26:
b2:a9:cf:a0:13:cd:d3:2d:2e:9d:e2:20:de:dd:95:
f5:6b:6c:d2:96:bd:45:22:b0:1e:c8:a9:d2:f2:9d:
b3:c4:88:a2:0d:f1:59:72:05:b9:6a:23:69:29:97:
12:6d:08:4e:b7:6a:57:fe:94:d7:3f:d2:b6:55:5d:
7c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:78:DA:A4:15:4D:A4:18:77:31:2D:CE:E9:C1:8A:44:AD:0D:A7:D2
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L3japBVNpBh3MS3O6cGKRK0Np9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.158.0/23
77.79.198.0/24
77.79.255.0/24
85.232.240.0/24
85.232.243.0/24
195.238.184.0/22
206.252.228.0-206.252.230.255
206.252.236.0/22
206.252.252.0/22
IPv6:
2001:1a68:3::/48
2001:1a68:2c::/48
2001:1a68:34::/48
2001:1a68:37::/48
Signature Algorithm: sha256WithRSAEncryption
ad:0f:cf:30:7f:1d:2f:9d:6b:d5:12:03:0c:3c:36:d0:3e:ca:
75:6e:ab:12:d9:20:53:bc:0d:4a:da:1e:0a:ea:fb:81:a8:95:
f0:b4:5e:42:21:67:32:ad:5d:fb:bb:c1:a7:b8:04:bd:c3:52:
37:91:0d:f0:bc:39:4a:dc:75:05:bb:a0:2f:85:f7:62:25:37:
76:31:b8:e8:c9:69:38:a6:68:4f:ec:82:ad:85:c6:75:57:c9:
20:65:9a:5f:ac:88:73:2d:04:c4:1b:84:3f:d9:a8:2c:1b:fe:
25:fe:42:cd:86:16:00:a6:4c:75:35:b0:13:34:b3:e6:4a:0f:
5f:19:3d:28:1b:59:7f:f1:07:02:3d:8a:3d:09:e4:58:72:73:
83:66:30:11:b5:7d:76:92:04:1b:2c:98:52:6d:1d:3c:ce:df:
d8:f1:d6:74:5b:99:5c:16:26:d3:76:5b:12:97:d5:71:1b:b8:
92:2c:ab:ea:ea:dd:d6:1d:e4:ad:61:68:4c:81:dc:92:5d:d6:
4d:39:4e:85:5e:9d:e5:00:78:84:d5:83:47:f8:02:d8:9a:74:
4f:d9:a0:74:82:65:3f:fc:41:0a:e8:cb:54:1c:5a:86:3c:ea:
60:69:99:e3:58:ed:d5:4f:4f:13:a5:2d:d4:50:8e:1a:60:c4:
59:3c:60:09
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQl/KZPVGdGciaBYK8PeydKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjc4ZGFhNDE1NGRhNDE4NzczMTJkY2VlOWMxOGE0NGFkMGRhN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppLO9XBXKuVItB6CCllt1rltpBbw
mKHPAj1bPAFMp/ZouqOrRFqfijkoy4Tjy3YNMPeeyoaOJPBdHxHlz3GBR3meO3t4
PdcnIxfabcO7rYzO0zx5QEqVxrvRygKTOJ53urxl5YfOPYz6C/03/MWiEKzOh2K6
l/Pi7iXwl9YXnobGG3lnwRYIB0pGwmQWYUUIRKKwVABVX4a+7uO8V4UL/Fo9Tvaj
Z3bpp9rIJBlYP2tehDfeeEp8+VodnoPbIe3sPyayqc+gE83TLS6d4iDe3ZX1a2zS
lr1FIrAeyKnS8p2zxIiiDfFZcgW5aiNpKZcSbQhOt2pX/pTXP9K2VV18NQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFC942qQVTaQYdzEtzunBikStDafSMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvTDNqYXBCVk5wQmgzTVMzTzZjR0tSSzBOcDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwRAQCAAEwPgMEAS7lngME
AE1PxgMEAE1P/wMEAFXo8AMEAFXo8wMEAsPuuDAMAwQCzvzkAwQAzvzmAwQCzvzs
AwQCzvz8MCoEAgACMCQDBwAgARpoAAMDBwAgARpoACwDBwAgARpoADQDBwAgARpo
ADcwDQYJKoZIhvcNAQELBQADggEBAK0PzzB/HS+da9USAww8NtA+ynVuqxLZIFO8
DUraHgrq+4GolfC0XkIhZzKtXfu7wae4BL3DUjeRDfC8OUrcdQW7oC+F92IlN3Yx
uOjJaTimaE/sgq2FxnVXySBlml+siHMtBMQbhD/ZqCwb/iX+Qs2GFgCmTHU1sBM0
s+ZKD18ZPSgbWX/xBwI9ij0J5Fhyc4NmMBG1fXaSBBssmFJtHTzO39jx1nRbmVwW
JtN2WxKX1XEbuJIsq+rq3dYd5K1haEyB3JJd1k05ToVeneUAeITVg0f4AtiadE/Z
oHSCZT/8QQroy1QcWoY86mBpmeNY7dVPTxOlLdRQjhpgxFk8YAk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:06 2025 by rpki-client