Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/3aGZcGWIs_eMlaFgLeBFbbKoNDQ.roa
File: 3aGZcGWIs_eMlaFgLeBFbbKoNDQ.roa (raw, json)
Hash identifier: TFkuucN4UO3fh05NKBE3AbRffgRyYyePtYVgR0x7i+c=
Subject key identifier: DD:A1:99:70:65:88:B3:F7:8C:95:A1:60:2D:E0:45:6D:B2:A8:34:34
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 0194252208AE53B46F39D1EC96CC68F71124
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/3aGZcGWIs_eMlaFgLeBFbbKoNDQ.roa
Signing time: Thu 02 Jan 2025 03:49:34 +0000
ROA not before: Thu 02 Jan 2025 03:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39238
IP address blocks: 45.153.72.0/23 maxlen: 23
185.183.160.0/22 maxlen: 22
193.109.217.0/24 maxlen: 24
2a05:541:1a1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:08:ae:53:b4:6f:39:d1:ec:96:cc:68:f7:11:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 2 03:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dda199706588b3f78c95a1602de0456db2a83434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:91:5a:6d:09:d5:89:8a:2f:03:ca:04:26:
51:c8:ff:91:4d:72:66:c6:33:c8:ed:23:3d:1e:0f:
88:ad:1c:c4:85:cb:96:20:9d:86:64:37:b3:c7:bb:
18:6f:43:09:b6:de:7b:08:57:79:cb:88:b7:a6:d8:
1c:fe:e5:0a:e3:ee:3c:c2:8d:12:a4:ac:31:0b:87:
d1:62:57:9d:a3:34:9e:35:64:02:e7:57:dc:ec:0a:
10:71:72:bc:24:d1:5c:2c:07:b7:60:47:26:e5:16:
f7:52:c9:21:d6:2b:c6:12:d7:60:29:f6:68:58:b9:
a8:9e:32:99:6c:78:79:f5:fe:4d:d6:6e:29:89:fb:
46:82:78:6a:48:49:a5:e6:fa:da:02:15:95:80:d2:
bd:f3:d7:50:42:e0:ca:84:4e:4d:b4:ef:41:b0:7e:
46:80:26:23:f2:fb:8d:b5:7f:52:7a:4a:5e:37:16:
c5:db:b2:76:b6:1c:84:c2:10:64:5a:1f:28:4c:b8:
6b:e1:3e:2b:de:bf:68:67:33:b0:d0:a0:09:b9:04:
90:fa:9e:65:3c:07:f5:cb:07:43:0c:eb:8d:d4:a4:
e2:6a:9f:08:c6:06:42:c7:2b:5a:40:64:2b:4f:c7:
e8:c7:f2:a1:56:0c:2d:ce:46:2c:50:45:e4:04:ff:
96:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A1:99:70:65:88:B3:F7:8C:95:A1:60:2D:E0:45:6D:B2:A8:34:34
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/3aGZcGWIs_eMlaFgLeBFbbKoNDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.72.0/23
185.183.160.0/22
193.109.217.0/24
IPv6:
2a05:541:1a1::/48
Signature Algorithm: sha256WithRSAEncryption
52:9d:19:0e:95:ed:a4:5f:19:84:e3:f5:27:9b:ab:77:e5:68:
4e:92:1d:09:ab:65:74:0a:e9:c8:1e:f1:33:03:c3:9c:5d:ac:
9f:f8:00:43:bc:f5:50:ce:b8:2d:1c:02:8c:31:fe:a2:ba:79:
b3:81:39:7c:c8:87:00:31:5e:a3:7b:40:19:19:21:56:72:3d:
86:32:68:0a:02:3d:66:c2:83:22:81:75:83:9b:04:19:cf:4a:
f9:58:b3:69:b4:64:93:43:9c:51:fa:61:54:1e:83:3c:de:bc:
a0:ed:47:39:32:6b:1c:63:60:f6:35:ef:98:0d:3a:c7:ec:43:
e2:94:1e:41:c3:d5:05:ab:b7:6f:45:3d:06:a2:5b:c8:58:e9:
25:64:e5:84:c4:b5:3b:fa:1c:da:8e:a8:ae:a9:ad:25:3d:36:
58:c4:eb:4d:b3:bb:ca:37:48:6a:db:d4:91:99:16:88:cb:75:
24:35:bd:05:64:35:a0:56:33:aa:f4:64:50:66:b0:d6:e4:f6:
3c:05:08:4b:10:ad:3b:69:e9:ea:ee:e4:b2:9c:09:16:6d:97:
0f:3b:a3:f8:eb:8c:c0:25:0a:c7:5d:8e:2b:fd:e2:8b:37:f7:
b4:31:9c:97:d6:96:53:f5:a3:1c:89:a0:35:5a:d5:03:e2:b4:
ac:e8:0c:c9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQlIgiuU7RvOdHslsxo9xEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjUwMTAyMDM0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGExOTk3MDY1ODhiM2Y3OGM5NWExNjAyZGUwNDU2ZGIyYTgzNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrORWm0J1YmKLwPKBCZRyP+RTXJm
xjPI7SM9Hg+IrRzEhcuWIJ2GZDezx7sYb0MJtt57CFd5y4i3ptgc/uUK4+48wo0S
pKwxC4fRYledozSeNWQC51fc7AoQcXK8JNFcLAe3YEcm5Rb3Uskh1ivGEtdgKfZo
WLmonjKZbHh59f5N1m4piftGgnhqSEml5vraAhWVgNK989dQQuDKhE5NtO9BsH5G
gCYj8vuNtX9SekpeNxbF27J2thyEwhBkWh8oTLhr4T4r3r9oZzOw0KAJuQSQ+p5l
PAf1ywdDDOuN1KTiap8IxgZCxytaQGQrT8fox/KhVgwtzkYsUEXkBP+WTQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFN2hmXBliLP3jJWhYC3gRW2yqDQ0MB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvM2FHWmNHV0lzX2VNbGFGZ0xlQkZiYktvTkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBLZlIAwQC
ubegAwQAwW3ZMA8EAgACMAkDBwAqBQVBAaEwDQYJKoZIhvcNAQELBQADggEBAFKd
GQ6V7aRfGYTj9Sebq3flaE6SHQmrZXQK6cge8TMDw5xdrJ/4AEO89VDOuC0cAowx
/qK6ebOBOXzIhwAxXqN7QBkZIVZyPYYyaAoCPWbCgyKBdYObBBnPSvlYs2m0ZJND
nFH6YVQegzzevKDtRzkyaxxjYPY175gNOsfsQ+KUHkHD1QWrt29FPQaiW8hY6SVk
5YTEtTv6HNqOqK6prSU9NljE602zu8o3SGrb1JGZFojLdSQ1vQVkNaBWM6r0ZFBm
sNbk9jwFCEsQrTtp6eru5LKcCRZtlw87o/jrjMAlCsddjiv94os397QxnJfWllP1
oxyJoDVa1QPitKzoDMk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:31 2025 by rpki-client