Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/IX3hpyLIN4WhHMana79sWPUI4X0.roa
File: IX3hpyLIN4WhHMana79sWPUI4X0.roa (raw, json)
Hash identifier: rCe6IZNZSjHSC1lZ+kxokCfhrF01W07U8ihTWZLrEJU=
Subject key identifier: 21:7D:E1:A7:22:C8:37:85:A1:1C:C6:A7:6B:BF:6C:58:F5:08:E1:7D
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 01942521C340A31E90749A36FC1858F6A085
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/IX3hpyLIN4WhHMana79sWPUI4X0.roa
Signing time: Thu 02 Jan 2025 03:49:16 +0000
ROA not before: Thu 02 Jan 2025 03:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33438
IP address blocks: 193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:c3:40:a3:1e:90:74:9a:36:fc:18:58:f6:a0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Jan 2 03:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=217de1a722c83785a11cc6a76bbf6c58f508e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7e:f4:37:ca:a8:16:31:49:06:51:aa:d0:67:
b0:4b:89:7b:21:03:8d:12:24:e9:f4:7e:91:99:4e:
36:4b:01:7c:51:ec:53:c1:3d:d2:d1:57:f8:b3:e7:
c1:69:ea:55:68:71:a9:9d:77:5a:1b:07:93:b2:4f:
80:4d:9a:cf:2e:02:4e:8b:36:8f:a2:46:7b:23:87:
6e:6a:99:bc:5a:c3:6b:a7:cf:41:32:d5:59:1d:6a:
23:f8:60:5a:11:fb:b1:e2:4b:3a:67:9e:44:00:cd:
d0:9f:34:30:08:2e:ef:08:6b:a6:48:d7:af:bd:c8:
3f:76:38:f6:15:3b:4d:6e:b5:73:75:89:21:85:23:
f9:d8:37:3b:08:f5:59:67:a5:43:c7:08:06:3e:f7:
87:4c:5b:b7:30:e9:37:51:b8:7b:df:e0:33:d5:a1:
20:28:a1:e3:cb:9d:aa:5c:8b:b8:c9:bc:f1:da:08:
fa:78:93:94:55:40:7d:a4:c5:26:32:04:07:67:b2:
ec:c5:e3:c5:d7:aa:fe:06:79:7c:b6:e2:f5:30:d3:
3c:76:9d:d7:1c:2d:e5:2f:33:a1:4a:d5:46:b8:bd:
f3:54:c2:c1:a0:db:c0:1d:95:c8:00:71:87:aa:2f:
1e:c6:21:35:21:81:96:15:13:6c:3f:20:92:f4:1b:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7D:E1:A7:22:C8:37:85:A1:1C:C6:A7:6B:BF:6C:58:F5:08:E1:7D
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/IX3hpyLIN4WhHMana79sWPUI4X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
72:46:df:04:d5:d2:59:0b:1f:5b:d2:49:3b:c9:0d:c8:42:c4:
45:d3:d5:9f:97:05:d9:24:e1:43:bd:51:1f:37:ff:a7:02:71:
d9:f6:6b:bd:28:c9:3a:1d:47:89:aa:43:f4:f7:4a:27:83:6d:
67:0f:7c:a6:57:f6:78:45:cd:4d:90:a9:32:2a:bb:33:6c:93:
60:c9:e7:aa:53:a8:b7:92:95:31:c1:03:0e:f8:45:96:f2:37:
b5:07:21:0c:7a:d2:6b:b5:3f:b2:d6:9b:75:15:6c:5c:34:f4:
73:7a:95:62:12:2a:ca:b5:82:8c:8d:6d:a9:bc:3a:c5:bf:01:
2e:14:0e:ec:61:f2:4e:01:b6:b9:50:78:7c:fa:e5:94:d5:8e:
60:bb:b5:39:f0:44:be:d4:7c:62:36:51:1f:4f:45:59:91:45:
57:48:a2:36:6f:a1:15:c7:af:f9:e7:6b:92:71:3f:77:e2:f7:
c1:df:24:60:c7:8e:1f:33:4f:d2:5e:74:c4:4b:23:ba:85:ec:
0d:72:9c:c0:fa:28:04:12:20:c7:4a:33:ad:ab:b1:7f:8f:32:
82:60:50:7a:f8:11:7a:02:bd:7c:a4:9f:8c:c1:76:ed:c3:1b:
29:d6:2b:b2:49:ac:29:ea:38:33:dc:58:8a:6e:82:e1:5d:90:
dc:be:e2:ed
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQlIcNAox6QdJo2/BhY9qCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjUwMTAyMDM0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTdkZTFhNzIyYzgzNzg1YTExY2M2YTc2YmJmNmM1OGY1MDhlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1370N8qoFjFJBlGq0GewS4l7IQON
EiTp9H6RmU42SwF8UexTwT3S0Vf4s+fBaepVaHGpnXdaGweTsk+ATZrPLgJOizaP
okZ7I4duapm8WsNrp89BMtVZHWoj+GBaEfux4ks6Z55EAM3QnzQwCC7vCGumSNev
vcg/djj2FTtNbrVzdYkhhSP52Dc7CPVZZ6VDxwgGPveHTFu3MOk3Ubh73+Az1aEg
KKHjy52qXIu4ybzx2gj6eJOUVUB9pMUmMgQHZ7LsxePF16r+Bnl8tuL1MNM8dp3X
HC3lLzOhStVGuL3zVMLBoNvAHZXIAHGHqi8exiE1IYGWFRNsPyCS9BtYdwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCF94aciyDeFoRzGp2u/bFj1COF9MB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvSVgzaHB5TElONFdoSE1hbmE3OXNXUFVJNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAwYrcAwQB
w8hUMBoEAgACMBQwEgMHASoBB4iqqgMHACoBB4iqrDANBgkqhkiG9w0BAQsFAAOC
AQEAckbfBNXSWQsfW9JJO8kNyELERdPVn5cF2SThQ71RHzf/pwJx2fZrvSjJOh1H
iapD9PdKJ4NtZw98plf2eEXNTZCpMiq7M2yTYMnnqlOot5KVMcEDDvhFlvI3tQch
DHrSa7U/stabdRVsXDT0c3qVYhIqyrWCjI1tqbw6xb8BLhQO7GHyTgG2uVB4fPrl
lNWOYLu1OfBEvtR8YjZRH09FWZFFV0iiNm+hFcev+edrknE/d+L3wd8kYMeOHzNP
0l50xEsjuoXsDXKcwPooBBIgx0ozrauxf48ygmBQevgRegK9fKSfjMF27cMbKdYr
skmsKeo4M9xYim6C4V2Q3L7i7Q==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:28:51 2025 by rpki-client