Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/l3JzatKnSb-qTPQjQ9VOzx8MD7g.roa
File: l3JzatKnSb-qTPQjQ9VOzx8MD7g.roa (raw, json)
Hash identifier: 40hMQclA6AyvTYjGgbc8RhGg1fGmdxgMO6uT9Avjx2U=
Subject key identifier: 97:72:73:6A:D2:A7:49:BF:AA:4C:F4:23:43:D5:4E:CF:1F:0C:0F:B8
Certificate issuer: /CN=f973209625e2a03ddeecf91bb480548e5729d479
Certificate serial: 01941FFA3C80EE873771E6537EDF413D6967
Authority key identifier: F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/l3JzatKnSb-qTPQjQ9VOzx8MD7g.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209323
IP address blocks: 147.78.144.0/22 maxlen: 22
2a09:24c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3c:80:ee:87:37:71:e6:53:7e:df:41:3d:69:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f973209625e2a03ddeecf91bb480548e5729d479
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9772736ad2a749bfaa4cf42343d54ecf1f0c0fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:06:a9:77:4f:8f:81:1a:0c:0e:85:2c:48:02:
24:f4:ef:e3:1d:03:8a:90:d1:93:e5:ce:3d:e0:8b:
96:73:da:bc:fc:73:a7:32:ec:8a:d6:7a:e0:3d:24:
0a:01:61:15:8a:2f:42:48:6e:e9:bb:18:74:09:aa:
01:fa:26:b8:76:3f:9b:de:3c:3c:da:26:f8:59:db:
4d:92:3f:4a:68:b4:3c:ac:d0:ee:fe:64:c8:18:39:
30:2c:19:4a:29:38:28:52:c7:82:a8:13:8a:6a:9d:
24:1d:e6:6b:52:0f:c2:ae:61:19:e1:5c:0c:52:7c:
be:f6:f2:a4:6e:f7:ab:59:cf:ea:0e:f3:8c:4c:8d:
ba:bc:50:bf:b4:5e:71:76:f6:68:ba:a3:a6:f5:50:
08:91:92:83:4a:55:39:28:4c:46:4c:2b:1a:77:6e:
f0:55:9d:f6:6f:2c:71:f0:7e:d5:5b:e1:70:c0:94:
fd:50:55:0e:d5:ad:37:11:41:0f:d9:c3:11:41:55:
3b:70:7b:93:ee:8a:38:ed:ad:e2:0b:9b:7c:3b:cc:
57:55:d5:f2:64:0c:6c:a1:1b:cf:52:78:a9:b6:9a:
4f:7d:55:cf:d7:16:21:01:b6:4f:73:a8:ea:fa:37:
62:b2:d8:4a:e2:5f:b4:75:c5:6f:d7:0f:15:a2:4d:
a8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:72:73:6A:D2:A7:49:BF:AA:4C:F4:23:43:D5:4E:CF:1F:0C:0F:B8
X509v3 Authority Key Identifier:
keyid:F9:73:20:96:25:E2:A0:3D:DE:EC:F9:1B:B4:80:54:8E:57:29:D4:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XMgliXioD3e7PkbtIBUjlcp1Hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/l3JzatKnSb-qTPQjQ9VOzx8MD7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/af54e8-bd63-427d-8cc8-f4ecebbb1ec2/1/1-XMgliXioD3e7PkbtIBUjlcp1Hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.144.0/22
IPv6:
2a09:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:f7:60:a3:56:a2:74:d5:e2:ae:dc:58:8b:8a:01:ff:be:59:
85:12:cf:d9:f6:90:c5:c8:34:fc:b1:c9:fa:00:63:84:52:22:
8a:ca:de:32:a4:7c:b9:0c:0a:f2:d1:4d:11:84:8f:79:6d:0b:
f8:55:59:77:8d:a6:75:5f:71:45:6a:4f:9a:f7:a6:ee:b0:86:
13:bc:d1:4c:67:b9:e9:f5:85:de:60:8c:e8:6a:f7:c5:0d:25:
85:78:b1:4c:82:d6:a5:a2:ce:98:57:f5:36:0e:22:51:72:06:
ff:e7:b2:6a:fc:19:18:87:87:0d:a8:15:7c:e5:d0:76:1d:b3:
0b:4e:d3:b1:84:19:e6:e1:6e:3b:2b:40:b5:41:b2:32:a0:2a:
06:a7:b9:5a:81:1d:f9:4e:78:20:de:10:ab:7f:f1:66:f3:f6:
80:fd:8b:cd:8d:41:10:92:86:b8:03:69:7d:09:48:0b:36:c5:
58:f9:79:26:11:fa:1e:66:97:62:f1:81:42:ea:33:97:7d:7f:
63:f4:2e:f7:d8:b7:93:c5:29:05:68:ce:59:48:0b:21:de:6a:
54:71:87:15:e6:32:7f:24:c8:c4:fa:14:c2:7f:25:6a:ec:6e:
a7:93:34:b0:27:a0:8a:65:83:7e:5a:1a:c1:16:55:50:41:1e:
a8:70:e5:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+jyA7oc3ceZTft9BPWlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NzMyMDk2MjVlMmEwM2RkZWVjZjkxYmI0ODA1NDhlNTcy
OWQ0NzkwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzcyNzM2YWQyYTc0OWJmYWE0Y2Y0MjM0M2Q1NGVjZjFmMGMwZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQapd0+PgRoMDoUsSAIk9O/jHQOK
kNGT5c494IuWc9q8/HOnMuyK1nrgPSQKAWEVii9CSG7puxh0CaoB+ia4dj+b3jw8
2ib4WdtNkj9KaLQ8rNDu/mTIGDkwLBlKKTgoUseCqBOKap0kHeZrUg/CrmEZ4VwM
Uny+9vKkbverWc/qDvOMTI26vFC/tF5xdvZouqOm9VAIkZKDSlU5KExGTCsad27w
VZ32byxx8H7VW+FwwJT9UFUO1a03EUEP2cMRQVU7cHuT7oo47a3iC5t8O8xXVdXy
ZAxsoRvPUniptppPfVXP1xYhAbZPc6jq+jdisthK4l+0dcVv1w8Vok2oIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJdyc2rSp0m/qkz0I0PVTs8fDA+4MB8GA1UdIwQY
MBaAFPlzIJYl4qA93uz5G7SAVI5XKdR5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YTWdsaVhpb0QzZTdQa2J0SUJVamxjcDFIay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQvYWY1NGU4LWJkNjMtNDI3ZC04Y2M4
LWY0ZWNlYmJiMWVjMi8xL2wzSnphdEtuU2ItcVRQUWpROVZPeng4TUQ3Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWQvYWY1NGU4LWJkNjMtNDI3ZC04Y2M4LWY0ZWNlYmJiMWVj
Mi8xLzEtWE1nbGlYaW9EM2U3UGtidElCVWpsY3AxSGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAKTTpAw
DQQCAAIwBwMFACoJJMAwDQYJKoZIhvcNAQELBQADggEBAA73YKNWonTV4q7cWIuK
Af++WYUSz9n2kMXINPyxyfoAY4RSIorK3jKkfLkMCvLRTRGEj3ltC/hVWXeNpnVf
cUVqT5r3pu6whhO80Uxnuen1hd5gjOhq98UNJYV4sUyC1qWizphX9TYOIlFyBv/n
smr8GRiHhw2oFXzl0HYdswtO07GEGebhbjsrQLVBsjKgKganuVqBHflOeCDeEKt/
8Wbz9oD9i82NQRCShrgDaX0JSAs2xVj5eSYR+h5ml2LxgULqM5d9f2P0LvfYt5PF
KQVozllICyHealRxhxXmMn8kyMT6FMJ/JWrsbqeTNLAnoIplg35aGsEWVVBBHqhw
5W0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:59 2025 by rpki-client