Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/cNQzFblAKvFr8hGK7lwE2E-QroQ.roa
File: cNQzFblAKvFr8hGK7lwE2E-QroQ.roa (raw, json)
Hash identifier: 6L0JpdKsg5wIV7DiGvLclmuCfLf4+RgtvQ0jAlVXODk=
Subject key identifier: 70:D4:33:15:B9:40:2A:F1:6B:F2:11:8A:EE:5C:04:D8:4F:90:AE:84
Certificate issuer: /CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Certificate serial: 019422203A3DA492B6AE41A1EA331B094503
Authority key identifier: 3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/cNQzFblAKvFr8hGK7lwE2E-QroQ.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29010
IP address blocks: 185.193.144.0/22 maxlen: 24
195.39.222.0/23 maxlen: 24
2a01:a780::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3a:3d:a4:92:b6:ae:41:a1:ea:33:1b:09:45:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70d43315b9402af16bf2118aee5c04d84f90ae84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4d:9a:32:b2:22:30:8a:43:df:39:8f:9f:84:
63:05:f5:4d:c4:23:1c:33:20:21:44:b6:ad:e9:0f:
4d:d2:18:c3:3b:6c:4f:13:1e:0f:17:75:5a:6f:8d:
c4:e5:fe:21:16:06:ca:2a:91:5c:8e:7a:a0:15:c9:
19:a2:69:00:b8:26:e6:fd:be:37:0e:ae:05:8a:a8:
e6:52:ba:22:ab:42:81:2a:da:7d:0d:69:65:3f:9e:
25:52:ba:75:f1:2b:d4:a0:74:e3:3f:ed:de:3a:49:
2e:80:6c:c0:40:74:3f:a1:4f:61:3c:e1:4c:63:fc:
f6:d0:52:a9:5d:7e:d7:eb:94:fc:65:a1:b1:fe:5d:
1f:78:86:b9:c6:c5:97:6c:95:f7:f5:e8:55:06:bc:
8c:7d:9a:99:4c:4a:5f:f6:81:b3:8f:b9:e5:5d:1c:
42:3a:8f:14:0d:42:9e:90:07:f2:ef:c0:cf:e8:bb:
31:45:cb:36:2a:a2:65:b9:ff:44:66:69:e9:e7:e5:
db:8e:b3:84:30:0b:28:cf:99:07:41:36:c1:35:8c:
a9:7d:b8:a5:5e:cd:1b:ea:6c:b8:5b:36:f3:9f:e9:
61:7b:e7:58:54:ca:03:9b:36:76:d9:5f:2c:c4:9b:
eb:69:e0:b3:3c:e9:a2:21:97:1e:ce:21:6d:af:b8:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D4:33:15:B9:40:2A:F1:6B:F2:11:8A:EE:5C:04:D8:4F:90:AE:84
X509v3 Authority Key Identifier:
keyid:3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/cNQzFblAKvFr8hGK7lwE2E-QroQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.144.0/22
195.39.222.0/23
IPv6:
2a01:a780::/32
Signature Algorithm: sha256WithRSAEncryption
7d:2b:ae:18:2a:66:79:79:6a:20:05:88:9f:59:9f:34:a5:d7:
7c:e5:b3:af:00:c6:75:c0:31:e9:42:51:7a:d8:65:a4:60:5a:
68:33:90:e9:3c:ec:d5:86:db:ad:41:41:b7:e1:54:60:ef:62:
af:c3:ca:e4:19:86:72:c5:83:79:bd:63:14:02:72:6e:a8:42:
e5:29:cc:2b:e5:37:29:28:1d:2e:42:e0:90:62:c0:e7:12:a4:
cb:0f:de:06:ec:ba:89:80:0e:e6:1c:11:eb:9d:79:07:d4:79:
e8:f1:45:7c:3f:c2:41:e2:7d:39:64:27:a9:85:fa:01:43:5f:
c6:48:4d:3d:df:96:ce:9e:6c:66:00:cd:2c:eb:fd:5c:09:1e:
0a:16:ce:bb:91:97:d0:42:f7:2e:70:d5:b1:bd:60:37:6c:e3:
d0:0f:4b:73:5b:6c:0e:08:b1:da:ca:39:91:f4:d2:b0:6b:c0:
1a:97:bb:05:b5:7b:03:38:d7:06:3c:6a:b1:bd:32:da:a8:b2:
29:bf:f2:74:8c:2a:5f:3b:5f:52:96:32:ef:ce:23:02:92:6a:
69:40:f6:df:3b:e8:40:2b:fd:97:18:d2:bb:c7:98:c0:65:c6:
c4:92:f3:55:a0:51:c3:82:91:a1:42:53:6b:26:43:0a:75:f6:
21:77:9c:b9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiIDo9pJK2rkGh6jMbCUUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMjM3NThkZmI2ZjFkNDNkY2Q2NGQwZjBhYjI3ZWY3MTUx
MzU5NTIwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGQ0MzMxNWI5NDAyYWYxNmJmMjExOGFlZTVjMDRkODRmOTBhZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA502aMrIiMIpD3zmPn4RjBfVNxCMc
MyAhRLat6Q9N0hjDO2xPEx4PF3Vab43E5f4hFgbKKpFcjnqgFckZomkAuCbm/b43
Dq4FiqjmUroiq0KBKtp9DWllP54lUrp18SvUoHTjP+3eOkkugGzAQHQ/oU9hPOFM
Y/z20FKpXX7X65T8ZaGx/l0feIa5xsWXbJX39ehVBryMfZqZTEpf9oGzj7nlXRxC
Oo8UDUKekAfy78DP6LsxRcs2KqJluf9EZmnp5+XbjrOEMAsoz5kHQTbBNYypfbil
Xs0b6my4Wzbzn+lhe+dYVMoDmzZ22V8sxJvraeCzPOmiIZceziFtr7j76QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHDUMxW5QCrxa/IRiu5cBNhPkK6EMB8GA1UdIwQY
MBaAFD0jdY37bx1D3NZNDwqyfvcVE1lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2Ut
Nzk5MGU4N2JiZDVmLzEvY05RekZibEFLdkZyOGhHSzdsd0UyRS1Rcm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2UtNzk5MGU4N2JiZDVm
LzEvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucGQAwQB
wyfeMA0EAgACMAcDBQAqAaeAMA0GCSqGSIb3DQEBCwUAA4IBAQB9K64YKmZ5eWog
BYifWZ80pdd85bOvAMZ1wDHpQlF62GWkYFpoM5DpPOzVhtutQUG34VRg72Kvw8rk
GYZyxYN5vWMUAnJuqELlKcwr5TcpKB0uQuCQYsDnEqTLD94G7LqJgA7mHBHrnXkH
1Hno8UV8P8JB4n05ZCephfoBQ1/GSE0935bOnmxmAM0s6/1cCR4KFs67kZfQQvcu
cNWxvWA3bOPQD0tzW2wOCLHayjmR9NKwa8Aal7sFtXsDONcGPGqxvTLaqLIpv/J0
jCpfO19SljLvziMCkmppQPbfO+hAK/2XGNK7x5jAZcbEkvNVoFHDgpGhQlNrJkMK
dfYhd5y5
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:27:59 2025 by rpki-client