Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3GpFaqQcQN9oMifABgrQUFoG0kE.roa
File: 3GpFaqQcQN9oMifABgrQUFoG0kE.roa (raw, json)
Hash identifier: WY/ivhDoFD/EbNKAvaxEqHPsDCFDZM/+fS+MHyM0i7w=
Subject key identifier: DC:6A:45:6A:A4:1C:40:DF:68:32:27:C0:06:0A:D0:50:5A:06:D2:41
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01982DED0875A5C320C1E9696DD9A13C8627
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3GpFaqQcQN9oMifABgrQUFoG0kE.roa
Signing time: Mon 21 Jul 2025 16:59:25 +0000
ROA not before: Mon 21 Jul 2025 16:59:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 146943
IP address blocks: 93.120.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:ed:08:75:a5:c3:20:c1:e9:69:6d:d9:a1:3c:86:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jul 21 16:59:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc6a456aa41c40df683227c0060ad0505a06d241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:65:8b:1f:67:96:2a:00:f0:55:23:c0:26:
d5:46:ce:33:8e:68:1e:02:52:33:ac:92:4d:40:26:
fc:35:68:8b:77:87:51:37:4a:ed:9b:56:cb:6b:66:
0d:b7:db:8e:73:10:ae:9f:ba:0d:8c:f7:01:d9:8c:
fb:f3:ad:82:ce:42:52:2a:83:62:8c:c6:47:34:26:
40:f4:59:4b:6b:eb:58:8c:45:6d:07:8b:9b:65:1e:
a3:09:6b:86:ff:39:77:3c:72:92:0b:b0:9e:e7:fb:
0d:4e:7a:62:c4:65:e2:af:17:22:09:e7:11:44:0e:
4b:50:ae:ab:b7:55:22:a1:93:6c:db:b1:01:62:6d:
c2:21:f8:6d:7e:50:a0:20:2d:00:6d:85:29:9a:59:
cd:a7:fa:24:e4:1f:4b:b7:90:6f:54:a2:71:71:7b:
c4:a6:25:bd:d2:ec:89:66:28:2e:10:e2:99:bb:91:
56:1e:dd:08:d9:07:84:b9:fa:c9:94:5e:c6:4a:df:
db:54:09:2c:fc:82:f5:64:c1:0b:2e:05:9e:be:22:
a4:0d:7f:fd:21:4a:d5:df:52:c1:68:6e:ef:a0:09:
76:94:c6:3b:0c:43:79:48:fa:16:88:cf:3a:05:1b:
19:1c:e1:cd:9b:be:86:e3:02:5c:09:89:ed:82:08:
8d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:6A:45:6A:A4:1C:40:DF:68:32:27:C0:06:0A:D0:50:5A:06:D2:41
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/3GpFaqQcQN9oMifABgrQUFoG0kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.120.39.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ea:de:6d:38:a9:bd:67:2a:07:f4:95:d1:be:ea:6e:25:c0:
e3:d9:ea:36:70:78:5b:3a:38:56:1b:66:6d:6d:05:5f:ee:bd:
72:5f:a2:95:25:82:a1:03:53:70:a9:17:01:31:ca:1d:de:2c:
59:8e:47:16:0d:dd:cb:1e:1b:27:a3:ed:07:bc:a6:ea:0f:40:
f0:35:3a:f4:3f:9e:48:d5:26:af:27:4a:59:50:55:a4:cc:04:
fb:56:99:c1:9e:a9:4c:53:29:a5:0b:82:e8:7b:29:19:26:79:
48:79:0f:05:71:db:a2:d6:a6:4e:f6:7c:76:1d:ce:42:8a:56:
66:57:45:2e:e6:f6:92:be:d8:56:58:48:20:ce:de:03:21:72:
3e:b7:33:e6:33:55:91:d6:ea:9f:1b:d1:cf:24:d7:23:07:91:
22:7a:58:04:4e:d8:b1:7c:44:36:d6:b7:9a:95:d9:2c:4b:ae:
11:90:41:29:02:ec:a0:24:aa:1e:b0:68:77:fd:bb:5a:bc:e3:
42:50:4f:9a:63:1b:1c:3a:ab:f1:f0:2c:fa:af:d4:80:a3:10:
d0:a2:89:62:cc:94:38:87:5f:6d:a8:52:53:96:fc:c9:6c:dc:
59:fa:13:ea:57:4a:bf:bd:25:59:cc:32:9a:96:e2:38:bc:97:
38:f8:92:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgt7Qh1pcMgwelpbdmhPIYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNzIxMTY1OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzZhNDU2YWE0MWM0MGRmNjgzMjI3YzAwNjBhZDA1MDVhMDZkMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscllix9nlioA8FUjwCbVRs4zjmge
AlIzrJJNQCb8NWiLd4dRN0rtm1bLa2YNt9uOcxCun7oNjPcB2Yz7862CzkJSKoNi
jMZHNCZA9FlLa+tYjEVtB4ubZR6jCWuG/zl3PHKSC7Ce5/sNTnpixGXirxciCecR
RA5LUK6rt1UioZNs27EBYm3CIfhtflCgIC0AbYUpmlnNp/ok5B9Lt5BvVKJxcXvE
piW90uyJZiguEOKZu5FWHt0I2QeEufrJlF7GSt/bVAks/IL1ZMELLgWeviKkDX/9
IUrV31LBaG7voAl2lMY7DEN5SPoWiM86BRsZHOHNm76G4wJcCYntggiNKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxqRWqkHEDfaDInwAYK0FBaBtJBMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvM0dwRmFxUWNRTjlvTWlmQUJnclFVRm9HMGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXgnMA0G
CSqGSIb3DQEBCwUAA4IBAQA96t5tOKm9ZyoH9JXRvupuJcDj2eo2cHhbOjhWG2Zt
bQVf7r1yX6KVJYKhA1NwqRcBMcod3ixZjkcWDd3LHhsno+0HvKbqD0DwNTr0P55I
1SavJ0pZUFWkzAT7VpnBnqlMUymlC4LoeykZJnlIeQ8Fcdui1qZO9nx2Hc5CilZm
V0Uu5vaSvthWWEggzt4DIXI+tzPmM1WR1uqfG9HPJNcjB5EielgETtixfEQ21rea
ldksS64RkEEpAuygJKoesGh3/btavONCUE+aYxscOqvx8Cz6r9SAoxDQoolizJQ4
h19tqFJTlvzJbNxZ+hPqV0q/vSVZzDKaluI4vJc4+JK4
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:09:17 2025 by rpki-client