Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l-3A_U0kAQ3vmUmh9bTUJNpcTDg.roa
File: l-3A_U0kAQ3vmUmh9bTUJNpcTDg.roa (raw, json)
Hash identifier: ENXh/Y0ORruV2ErBZtDraBToWnwThoF+COEbxgKwLXM=
Subject key identifier: 97:ED:C0:FD:4D:24:01:0D:EF:99:49:A1:F5:B4:D4:24:DA:5C:4C:38
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01944B6245CFE399EA69B7DD3F8A7253CCE7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l-3A_U0kAQ3vmUmh9bTUJNpcTDg.roa
Signing time: Thu 09 Jan 2025 14:05:19 +0000
ROA not before: Thu 09 Jan 2025 14:05:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 80.244.15.0/24 maxlen: 24
185.244.106.0/24 maxlen: 24
212.46.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:62:45:cf:e3:99:ea:69:b7:dd:3f:8a:72:53:cc:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 9 14:05:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97edc0fd4d24010def9949a1f5b4d424da5c4c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ef:9b:93:84:a6:4a:6a:0b:06:62:ff:90:40:
bc:b8:9b:ee:8b:5c:72:1f:1a:4f:70:80:78:6c:d0:
ff:5a:f8:9b:c4:2a:9f:b2:23:c2:0c:c7:56:54:2f:
74:62:79:11:a1:cc:89:d2:b0:c3:5c:33:d7:e6:3c:
b0:e5:a3:0b:95:4b:cd:ad:b8:08:d9:6a:7c:d4:e5:
03:12:1e:5b:7e:c8:69:ae:e5:a1:54:a7:51:bd:6f:
b8:7a:76:e8:f1:01:11:67:73:e1:26:59:a5:0d:db:
f0:5d:d5:2f:0b:a2:25:d5:8f:bc:3d:06:bf:5e:5d:
55:e3:89:36:f0:ec:68:ff:1e:af:62:b6:7c:98:1b:
b9:eb:9a:f4:3e:77:86:60:28:46:09:e1:4b:10:04:
22:ed:ed:15:d0:70:c6:41:5c:7e:0b:14:72:11:61:
61:4c:97:1d:1e:fa:42:cb:d1:8c:00:63:f8:76:09:
51:ce:5f:e1:f5:d4:bd:00:26:42:e8:a5:d8:1b:6b:
5b:d8:3c:20:e5:bd:7a:e8:b8:0c:73:55:e0:55:a4:
5c:4c:e0:6b:6d:fc:f6:93:aa:77:69:19:f5:83:13:
a1:1c:fc:bb:c1:f2:16:98:85:b7:95:54:44:47:58:
26:11:4b:fe:9b:f4:5d:c7:19:09:74:45:e0:b6:89:
26:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:ED:C0:FD:4D:24:01:0D:EF:99:49:A1:F5:B4:D4:24:DA:5C:4C:38
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/l-3A_U0kAQ3vmUmh9bTUJNpcTDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.15.0/24
185.244.106.0/24
212.46.37.0/24
Signature Algorithm: sha256WithRSAEncryption
23:d4:5d:e0:39:c4:22:37:b3:92:cf:0f:72:60:52:b9:d2:a0:
a5:95:26:93:26:41:15:64:63:fc:55:66:37:b1:cf:8b:c2:5b:
01:dd:6e:f3:d1:92:fd:56:1c:5a:85:ee:0f:36:5e:c0:f4:b8:
e1:37:f5:ca:85:16:49:ff:d9:41:53:06:30:bf:b6:dc:0a:e1:
e0:49:bb:73:9f:9d:5c:bb:5b:bc:ab:de:8d:8f:83:9b:fb:6b:
57:b9:4e:20:8c:97:b5:df:4f:10:48:d9:6f:76:2c:9e:19:47:
ec:4b:7a:d8:2c:d1:03:11:d9:32:85:7b:10:7f:02:8f:ac:ea:
73:f8:73:1f:28:56:d8:e2:47:9d:f2:0a:7a:a6:1e:01:0a:59:
5d:25:17:36:47:71:a3:b8:d3:09:35:e0:1b:b0:3d:e4:3d:36:
a3:07:a0:3c:4c:1a:b0:37:27:ad:f4:bc:4f:44:1a:a8:6b:dc:
40:aa:5a:f9:b2:37:d3:b6:0e:59:60:80:38:eb:15:4a:00:44:
35:8e:28:4a:81:0a:69:52:a6:ba:59:17:f9:04:44:36:7b:b8:
4d:66:1f:78:54:95:ae:91:ed:fa:f4:2c:43:96:89:55:f0:44:
ce:b5:c0:0c:1f:4c:98:6c:b3:ee:9a:6c:72:6e:92:a8:2b:7e:
3d:35:9b:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRLYkXP45nqabfdP4pyU8znMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTA5MTQwNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VkYzBmZDRkMjQwMTBkZWY5OTQ5YTFmNWI0ZDQyNGRhNWM0YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2e+bk4SmSmoLBmL/kEC8uJvui1xy
HxpPcIB4bND/WvibxCqfsiPCDMdWVC90YnkRocyJ0rDDXDPX5jyw5aMLlUvNrbgI
2Wp81OUDEh5bfshpruWhVKdRvW+4enbo8QERZ3PhJlmlDdvwXdUvC6Il1Y+8PQa/
Xl1V44k28Oxo/x6vYrZ8mBu565r0PneGYChGCeFLEAQi7e0V0HDGQVx+CxRyEWFh
TJcdHvpCy9GMAGP4dglRzl/h9dS9ACZC6KXYG2tb2Dwg5b166LgMc1XgVaRcTOBr
bfz2k6p3aRn1gxOhHPy7wfIWmIW3lVRER1gmEUv+m/RdxxkJdEXgtokmewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJftwP1NJAEN75lJofW01CTaXEw4MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbC0zQV9VMGtBUTN2bVVtaDliVFVKTnBjVERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPQPAwQA
ufRqAwQA1C4lMA0GCSqGSIb3DQEBCwUAA4IBAQAj1F3gOcQiN7OSzw9yYFK50qCl
lSaTJkEVZGP8VWY3sc+LwlsB3W7z0ZL9Vhxahe4PNl7A9LjhN/XKhRZJ/9lBUwYw
v7bcCuHgSbtzn51cu1u8q96Nj4Ob+2tXuU4gjJe1308QSNlvdiyeGUfsS3rYLNED
EdkyhXsQfwKPrOpz+HMfKFbY4ked8gp6ph4BClldJRc2R3GjuNMJNeAbsD3kPTaj
B6A8TBqwNyet9LxPRBqoa9xAqlr5sjfTtg5ZYIA46xVKAEQ1jihKgQppUqa6WRf5
BEQ2e7hNZh94VJWuke369CxDlolV8ETOtcAMH0yYbLPummxybpKoK349NZus
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:46:16 2025 by rpki-client