Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/d0vd09ijftZxQ36MggmGV19KbF8.roa
File: d0vd09ijftZxQ36MggmGV19KbF8.roa (raw, json)
Hash identifier: qQnSCjOjuDvlDGOH0RwUYDIFq1N35gmrsquQwH69sXM=
Subject key identifier: 77:4B:DD:D3:D8:A3:7E:D6:71:43:7E:8C:82:09:86:57:5F:4A:6C:5F
Certificate issuer: /CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Certificate serial: 019424B3A39F1328FA7F37F5F14598B63FBF
Authority key identifier: 3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/d0vd09ijftZxQ36MggmGV19KbF8.roa
Signing time: Thu 02 Jan 2025 01:49:00 +0000
ROA not before: Thu 02 Jan 2025 01:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59715
IP address blocks: 185.5.200.0/22 maxlen: 24
2a02:cdc0::/29 maxlen: 52
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a3:9f:13:28:fa:7f:37:f5:f1:45:98:b6:3f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b4df9a5460cbd450b4e75380393a821e85c74d8
Validity
Not Before: Jan 2 01:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=774bddd3d8a37ed671437e8c820986575f4a6c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8f:61:8d:c3:d5:89:2d:c2:cf:da:d2:6d:71:
02:45:6c:e9:f2:22:ea:21:c4:55:4e:3e:7a:78:37:
04:bc:fd:4e:1f:ba:6c:58:2d:0e:eb:90:10:3e:cb:
ac:df:8e:dc:c3:38:5a:f1:fd:af:03:df:e7:9f:17:
df:04:aa:71:5b:bd:54:73:20:a8:f2:47:d2:da:b5:
58:ff:6b:45:9b:4f:3e:fc:22:34:a5:49:14:45:ad:
f0:7b:58:ad:43:57:e1:c0:37:07:2f:6a:3a:36:51:
05:e0:42:41:7e:45:70:f6:f3:69:ef:be:ec:36:34:
10:3f:19:9d:16:4a:e4:89:cb:7a:01:1e:c7:9a:d1:
2c:41:b5:b8:23:de:5e:e3:66:19:2f:0a:70:48:81:
19:1f:92:ee:18:d6:2a:86:32:31:be:b2:ba:1d:12:
ab:43:5a:f6:2b:7e:3e:f4:7a:b1:04:d6:61:9b:01:
c3:73:31:79:24:28:81:be:05:b6:d1:c6:6e:5d:3e:
1d:c7:37:20:f4:66:9e:38:b4:44:c5:a2:8f:25:87:
5f:e0:d4:de:58:6b:03:a6:b6:4e:d9:c4:65:67:af:
c2:13:04:f8:4f:bf:ad:4a:65:5a:6f:0e:58:2b:37:
4d:b2:82:27:72:36:b4:d8:54:0b:fb:d6:b7:3d:bd:
92:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4B:DD:D3:D8:A3:7E:D6:71:43:7E:8C:82:09:86:57:5F:4A:6C:5F
X509v3 Authority Key Identifier:
keyid:3B:4D:F9:A5:46:0C:BD:45:0B:4E:75:38:03:93:A8:21:E8:5C:74:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O035pUYMvUULTnU4A5OoIehcdNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/d0vd09ijftZxQ36MggmGV19KbF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/04975c-ef49-4754-96f9-9812d7cfd694/1/O035pUYMvUULTnU4A5OoIehcdNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.200.0/22
IPv6:
2a02:cdc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:97:fe:42:f8:d3:46:3e:f6:a2:1f:23:31:13:eb:73:0e:69:
25:7d:94:bb:6c:7d:ff:17:3b:42:c9:a8:e5:00:1a:21:ba:d9:
59:7b:21:7a:d8:cb:e6:d3:09:ca:00:0d:bd:6f:37:bd:65:e1:
76:cf:de:eb:72:54:a4:08:36:ec:dd:84:5d:7b:73:d2:db:ed:
77:b3:fb:cd:fa:64:58:6c:2d:09:9d:8b:d9:37:5e:f8:89:40:
ec:7f:64:51:fd:2b:6d:1c:4c:12:9f:83:96:56:ef:31:8d:57:
7b:48:25:14:e1:48:f6:15:40:2d:24:43:5b:ed:dc:b4:50:56:
96:92:04:13:49:ad:f5:91:ec:31:27:e3:2c:b0:44:1f:00:4c:
22:0c:79:88:84:42:8c:32:c9:ab:2c:2c:22:0c:ad:f6:53:4e:
cd:89:36:03:f0:fe:ba:84:b4:75:b9:50:9d:66:6d:35:29:5f:
45:c0:34:8a:f7:09:fc:3b:a5:fb:cb:3d:5d:e5:e3:28:79:db:
0a:7f:38:84:a2:ac:94:2a:ad:78:57:75:0c:12:b9:f4:3f:2e:
1d:09:8e:b5:4f:66:b1:d7:17:de:0e:b0:c5:5f:21:2c:fc:72:
88:92:eb:57:74:42:b1:18:a8:d8:5e:64:9c:a5:97:e3:55:34:
51:3d:6e:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks6OfEyj6fzf18UWYtj+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNGRmOWE1NDYwY2JkNDUwYjRlNzUzODAzOTNhODIxZTg1
Yzc0ZDgwHhcNMjUwMTAyMDE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzRiZGRkM2Q4YTM3ZWQ2NzE0MzdlOGM4MjA5ODY1NzVmNGE2YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y9hjcPViS3Cz9rSbXECRWzp8iLq
IcRVTj56eDcEvP1OH7psWC0O65AQPsus347cwzha8f2vA9/nnxffBKpxW71UcyCo
8kfS2rVY/2tFm08+/CI0pUkURa3we1itQ1fhwDcHL2o6NlEF4EJBfkVw9vNp777s
NjQQPxmdFkrkict6AR7HmtEsQbW4I95e42YZLwpwSIEZH5LuGNYqhjIxvrK6HRKr
Q1r2K34+9HqxBNZhmwHDczF5JCiBvgW20cZuXT4dxzcg9GaeOLRExaKPJYdf4NTe
WGsDprZO2cRlZ6/CEwT4T7+tSmVabw5YKzdNsoIncja02FQL+9a3Pb2SKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHdL3dPYo37WcUN+jIIJhldfSmxfMB8GA1UdIwQY
MBaAFDtN+aVGDL1FC051OAOTqCHoXHTYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2Zjkt
OTgxMmQ3Y2ZkNjk0LzEvZDB2ZDA5aWpmdFp4UTM2TWdnbUdWMTlLYkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wNDk3NWMtZWY0OS00NzU0LTk2ZjktOTgxMmQ3Y2ZkNjk0
LzEvTzAzNXBVWU12VVVMVG5VNEE1T29JZWhjZE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQXIMA0E
AgACMAcDBQMqAs3AMA0GCSqGSIb3DQEBCwUAA4IBAQCHl/5C+NNGPvaiHyMxE+tz
DmklfZS7bH3/FztCyajlABohutlZeyF62Mvm0wnKAA29bze9ZeF2z97rclSkCDbs
3YRde3PS2+13s/vN+mRYbC0JnYvZN174iUDsf2RR/SttHEwSn4OWVu8xjVd7SCUU
4Uj2FUAtJENb7dy0UFaWkgQTSa31kewxJ+MssEQfAEwiDHmIhEKMMsmrLCwiDK32
U07NiTYD8P66hLR1uVCdZm01KV9FwDSK9wn8O6X7yz1d5eMoedsKfziEoqyUKq14
V3UMErn0Py4dCY61T2ax1xfeDrDFXyEs/HKIkutXdEKxGKjYXmScpZfjVTRRPW6h
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:58:07 2025 by rpki-client