Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J3AnlmRd8KV9FjMNJWSewkoF5pA.roa
File: J3AnlmRd8KV9FjMNJWSewkoF5pA.roa (raw, json)
Hash identifier: LQP9quLOodVQ4mgPTSTMffrskMV0tHPWx16MglvOnDg=
Subject key identifier: 27:70:27:96:64:5D:F0:A5:7D:16:33:0D:25:64:9E:C2:4A:05:E6:90
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194274850BA496B63739D0DC5801CDF52D5
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J3AnlmRd8KV9FjMNJWSewkoF5pA.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270026
IP address blocks: 141.136.56.0/23 maxlen: 23
141.136.56.0/24 maxlen: 24
141.136.57.0/24 maxlen: 24
181.41.152.0/24 maxlen: 24
181.41.153.0/24 maxlen: 24
181.41.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:50:ba:49:6b:63:73:9d:0d:c5:80:1c:df:52:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27702796645df0a57d16330d25649ec24a05e690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:82:23:17:0f:ef:a1:b6:36:ad:11:81:08:8b:
11:de:22:fc:8f:7c:04:9f:a1:cd:4c:e3:f8:89:26:
25:d1:81:d0:c4:b1:95:be:2e:ce:b9:7b:d7:80:b2:
12:c0:d1:61:dc:c8:d7:4e:97:36:88:6b:7c:c5:f9:
15:63:53:42:12:0e:1e:1f:b6:c9:41:ea:19:79:81:
bd:dd:2d:35:c3:05:8d:f4:76:83:a8:b6:66:d4:31:
f2:44:60:0f:fb:15:41:fa:be:7b:88:f9:f1:21:6d:
ba:1e:57:4b:0c:94:1c:b5:d8:02:85:33:0c:6e:a6:
0e:40:95:8a:f6:cf:ad:20:ec:04:91:f6:94:96:fa:
8f:e2:d0:09:9d:92:a4:27:f8:17:4c:6b:cd:2f:07:
9f:2d:69:b5:ae:98:cf:da:6e:b5:4b:c9:92:22:fb:
34:fc:22:74:6f:c2:33:35:71:4d:b5:79:d3:b1:15:
ef:54:44:50:ce:f9:b8:39:17:97:7c:39:6a:5a:42:
b2:5e:ec:55:97:c6:71:52:09:61:6d:5c:1f:09:89:
45:cc:4c:47:e0:58:e3:3e:e1:b4:c5:b9:a5:ba:b8:
5b:3e:76:61:af:0a:81:34:2d:65:f2:d7:73:a4:c3:
5c:49:90:9e:8a:cf:ee:4e:eb:59:90:95:da:1b:d5:
b2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:70:27:96:64:5D:F0:A5:7D:16:33:0D:25:64:9E:C2:4A:05:E6:90
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J3AnlmRd8KV9FjMNJWSewkoF5pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.56.0/23
181.41.152.0/23
181.41.155.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:b9:df:c8:5d:8c:24:cf:fb:bd:fc:07:01:4c:a4:fa:30:16:
46:aa:b2:ff:bd:4d:85:ba:a4:f5:0e:88:08:d9:ef:60:f3:10:
f2:79:7f:7a:77:95:6d:a2:d5:3b:76:cd:33:88:41:c2:f5:2c:
f9:b0:69:80:76:52:81:c0:28:44:fd:48:5e:7f:ea:71:ee:cb:
73:cd:d1:60:a5:85:92:b8:60:4c:03:a9:7f:ed:b2:7f:3a:ed:
7a:55:10:ef:af:2d:f2:14:ec:fb:a2:d0:92:db:df:13:02:19:
d8:24:44:dd:2b:02:95:76:61:53:49:95:68:aa:f7:3d:db:1a:
26:e4:ea:6d:c3:c1:77:b9:e0:98:a2:ef:81:9e:0a:d3:5a:b3:
1a:8e:18:c1:01:1e:21:b2:ca:fa:4d:68:82:9d:ca:05:ab:b8:
29:b7:de:7c:af:ab:49:cd:29:c4:cb:63:d5:db:be:4f:76:41:
40:8e:19:be:d4:58:a0:df:12:d9:04:87:96:1c:0a:4c:fe:68:
57:a9:34:f0:a5:46:34:6c:19:fa:aa:c6:9b:5e:61:a9:62:2d:
ae:5c:54:0e:9f:cc:4e:ca:00:1e:52:b4:10:7e:d3:aa:9f:83:
ef:3d:7b:1f:9d:d3:d8:f6:09:d4:fe:f6:67:40:8d:24:9d:c1:
3e:ea:4c:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSFC6SWtjc50NxYAc31LVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzcwMjc5NjY0NWRmMGE1N2QxNjMzMGQyNTY0OWVjMjRhMDVlNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoIjFw/vobY2rRGBCIsR3iL8j3wE
n6HNTOP4iSYl0YHQxLGVvi7OuXvXgLISwNFh3MjXTpc2iGt8xfkVY1NCEg4eH7bJ
QeoZeYG93S01wwWN9HaDqLZm1DHyRGAP+xVB+r57iPnxIW26HldLDJQctdgChTMM
bqYOQJWK9s+tIOwEkfaUlvqP4tAJnZKkJ/gXTGvNLwefLWm1rpjP2m61S8mSIvs0
/CJ0b8IzNXFNtXnTsRXvVERQzvm4OReXfDlqWkKyXuxVl8ZxUglhbVwfCYlFzExH
4FjjPuG0xbmlurhbPnZhrwqBNC1l8tdzpMNcSZCeis/uTutZkJXaG9WyBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCdwJ5ZkXfClfRYzDSVknsJKBeaQMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSjNBbmxtUmQ4S1Y5RmpNTkpXU2V3a29GNXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBjYg4AwQB
tSmYAwQAtSmbMA0GCSqGSIb3DQEBCwUAA4IBAQB9ud/IXYwkz/u9/AcBTKT6MBZG
qrL/vU2FuqT1DogI2e9g8xDyeX96d5VtotU7ds0ziEHC9Sz5sGmAdlKBwChE/Uhe
f+px7stzzdFgpYWSuGBMA6l/7bJ/Ou16VRDvry3yFOz7otCS298TAhnYJETdKwKV
dmFTSZVoqvc92xom5Optw8F3ueCYou+BngrTWrMajhjBAR4hssr6TWiCncoFq7gp
t958r6tJzSnEy2PV275PdkFAjhm+1Fig3xLZBIeWHApM/mhXqTTwpUY0bBn6qsab
XmGpYi2uXFQOn8xOygAeUrQQftOqn4PvPXsfndPY9gnU/vZnQI0kncE+6kzU
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:19:49 2025 by rpki-client