Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3jPGpewzhpF6QW5c-b9C1ppr_5g.roa
File: 3jPGpewzhpF6QW5c-b9C1ppr_5g.roa (raw, json)
Hash identifier: uzkvFRVtaHZXOuf7oZow92u48Mw81Oun9aBE8Ib4MKs=
Subject key identifier: DE:33:C6:A5:EC:33:86:91:7A:41:6E:5C:F9:BF:42:D6:9A:6B:FF:98
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220486971B86B2B9FA17935955B5433
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3jPGpewzhpF6QW5c-b9C1ppr_5g.roa
Signing time: Wed 01 Jan 2025 13:48:48 +0000
ROA not before: Wed 01 Jan 2025 13:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212844
IP address blocks: 2a0e:8f02:f008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:48:69:71:b8:6b:2b:9f:a1:79:35:95:5b:54:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de33c6a5ec3386917a416e5cf9bf42d69a6bff98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0a:3a:bd:78:2f:e3:24:80:ba:06:96:3d:df:
a2:69:fb:c9:bd:de:b8:7e:e9:63:3a:18:f0:c9:0a:
05:fa:4a:53:ca:b6:86:d1:54:53:cd:97:13:91:6a:
7d:a0:e2:85:79:26:f2:f5:00:ab:be:6a:73:91:20:
c7:63:f3:bb:10:11:38:2b:eb:00:87:47:41:e7:00:
14:8b:c4:50:52:9f:56:09:fc:32:b8:6d:80:7f:64:
28:f9:af:62:04:78:bf:16:35:33:53:1d:6a:6c:30:
c6:d3:e8:f2:5d:8c:09:32:fe:46:63:c3:e4:ae:6f:
5b:fd:dc:90:1b:1e:e2:0a:f1:47:2c:4c:f7:f9:a2:
50:91:40:33:3a:24:06:c9:e6:39:cc:c8:2e:6c:80:
83:58:0b:1a:c3:15:d4:07:6f:4e:26:e0:66:29:0f:
90:9e:2f:04:40:23:d3:cb:79:c5:d2:07:7d:34:81:
b0:0f:8b:08:93:c0:33:77:d2:45:42:15:0a:1a:de:
e1:53:27:65:85:d1:87:20:ce:78:ab:c5:27:22:bd:
07:c8:3b:3d:4c:0b:6a:c0:ef:7b:47:80:21:3c:d5:
f4:95:f8:07:0b:02:b1:69:c6:3f:27:9f:1e:78:a4:
d4:08:83:53:60:d1:d8:d1:34:7b:74:b9:ee:0e:75:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:33:C6:A5:EC:33:86:91:7A:41:6E:5C:F9:BF:42:D6:9A:6B:FF:98
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3jPGpewzhpF6QW5c-b9C1ppr_5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f008::/48
Signature Algorithm: sha256WithRSAEncryption
a2:60:68:7b:7d:9f:b4:5b:1f:5b:29:31:0f:9a:ce:a6:e5:21:
89:62:d5:4e:14:1e:3e:ae:26:89:70:56:4b:26:f8:fd:b0:b2:
e3:f2:7e:6a:d2:1e:e3:e6:23:23:01:bf:c8:34:a1:58:9f:e7:
26:f6:3f:00:85:64:9b:5e:d2:c8:6b:37:1e:7a:13:3e:3e:12:
53:e7:7b:51:6a:7e:76:00:ce:f1:df:a2:10:4e:27:6d:66:10:
0c:21:09:1d:47:02:72:f7:77:7d:ae:bc:4d:7a:2a:53:7d:53:
50:3d:fe:8f:1a:bc:8d:bc:40:9b:14:2c:31:06:c9:27:0c:0e:
f9:49:60:a3:2d:57:d0:42:70:b7:48:57:33:b9:9b:21:fa:7f:
d3:16:4f:c4:a3:57:7b:1c:64:bd:0e:46:f8:67:19:72:c9:5e:
12:e6:2e:85:c4:64:fc:37:e5:44:19:e3:48:11:df:13:ae:3b:
16:7d:1e:59:91:0d:0c:1e:41:5c:9e:1c:7c:0a:df:9c:c2:2f:
85:08:69:16:da:63:15:93:34:a7:32:62:c6:81:5a:03:47:a2:
18:a5:1e:63:75:bf:01:cc:60:65:b4:56:79:d0:af:5a:a5:ca:
f7:84:5e:b3:75:77:85:63:a5:55:33:3d:d9:18:d6:46:9a:bc:
ea:22:52:44
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIEhpcbhrK5+heTWVW1QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMzYzZhNWVjMzM4NjkxN2E0MTZlNWNmOWJmNDJkNjlhNmJmZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7go6vXgv4ySAugaWPd+iafvJvd64
fuljOhjwyQoF+kpTyraG0VRTzZcTkWp9oOKFeSby9QCrvmpzkSDHY/O7EBE4K+sA
h0dB5wAUi8RQUp9WCfwyuG2Af2Qo+a9iBHi/FjUzUx1qbDDG0+jyXYwJMv5GY8Pk
rm9b/dyQGx7iCvFHLEz3+aJQkUAzOiQGyeY5zMgubICDWAsawxXUB29OJuBmKQ+Q
ni8EQCPTy3nF0gd9NIGwD4sIk8Azd9JFQhUKGt7hUydlhdGHIM54q8UnIr0HyDs9
TAtqwO97R4AhPNX0lfgHCwKxacY/J58eeKTUCINTYNHY0TR7dLnuDnX/tQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN4zxqXsM4aRekFuXPm/Qtaaa/+YMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvM2pQR3Bld3pocEY2UVc1Yy1iOUMxcHByXzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCiYGh7fZ+0Wx9bKTEPms6m5SGJYtVOFB4+riaJ
cFZLJvj9sLLj8n5q0h7j5iMjAb/INKFYn+cm9j8AhWSbXtLIazceehM+PhJT53tR
an52AM7x36IQTidtZhAMIQkdRwJy93d9rrxNeipTfVNQPf6PGryNvECbFCwxBskn
DA75SWCjLVfQQnC3SFczuZsh+n/TFk/Eo1d7HGS9Dkb4ZxlyyV4S5i6FxGT8N+VE
GeNIEd8TrjsWfR5ZkQ0MHkFcnhx8Ct+cwi+FCGkW2mMVkzSnMmLGgVoDR6IYpR5j
db8BzGBltFZ50K9apcr3hF6zdXeFY6VVMz3ZGNZGmrzqIlJE
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:57:42 2025 by rpki-client