Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3TokWR4YD8bSZEEhB7xAs3QiTtE.roa
File: 3TokWR4YD8bSZEEhB7xAs3QiTtE.roa (raw, json)
Hash identifier: RQJgzQDwW0ULI6tga86UlMO09rIAHDn5nerh47DR2BI=
Subject key identifier: DD:3A:24:59:1E:18:0F:C6:D2:64:41:21:07:BC:40:B3:74:22:4E:D1
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B61E7FE651514B270D0EB02AEFAFA3
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3TokWR4YD8bSZEEhB7xAs3QiTtE.roa
Signing time: Thu 02 Jan 2025 15:50:34 +0000
ROA not before: Thu 02 Jan 2025 15:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208465
IP address blocks: 147.234.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1e:7f:e6:51:51:4b:27:0d:0e:b0:2a:ef:af:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd3a24591e180fc6d264412107bc40b374224ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e6:71:51:fd:20:27:00:9c:e6:e7:09:03:29:
54:56:46:c1:28:e3:52:78:e2:a4:60:4d:3c:42:30:
f2:4e:39:24:5d:69:01:95:ec:d9:94:f8:4c:8a:d1:
e3:0a:e2:31:07:e1:67:48:46:ba:bd:13:38:d0:3e:
29:b6:73:f9:3c:b0:49:5f:df:e4:9b:13:b2:5e:87:
d9:2f:25:e0:ec:ea:91:31:7a:05:40:29:8d:f6:86:
db:b1:a5:3f:5a:18:0f:35:a7:4d:56:ab:f2:f6:ad:
dd:43:65:a1:b3:7b:bb:9f:5f:53:e7:61:fc:5e:a4:
5f:97:d0:f2:55:d0:b5:0d:95:fa:bb:69:69:35:89:
1c:0c:d8:c6:93:81:50:75:04:3f:22:bf:74:1d:2e:
19:a4:95:f3:f0:30:5f:e4:2b:e8:f6:53:35:c2:d3:
d8:47:2c:7c:62:80:e8:6a:1c:a1:b0:3d:de:96:2d:
74:e2:51:91:17:91:83:b7:e1:0a:f3:7f:6c:2a:5e:
cf:82:d1:ff:1b:0f:bd:1a:a4:48:5b:87:2d:c5:f1:
84:d6:52:83:a8:a0:e4:f8:5e:2b:3a:5a:c2:3e:5d:
6b:ac:a2:0a:cb:c2:71:fc:d7:03:ec:0c:04:39:19:
c1:61:f3:ca:d2:20:92:3d:20:c7:5f:e8:1b:c7:ff:
47:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3A:24:59:1E:18:0F:C6:D2:64:41:21:07:BC:40:B3:74:22:4E:D1
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3TokWR4YD8bSZEEhB7xAs3QiTtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.29.0/24
Signature Algorithm: sha256WithRSAEncryption
06:85:c9:56:f7:17:38:cd:61:be:19:14:ef:0e:86:27:f1:5f:
7b:d8:35:4d:8e:65:78:c9:2c:6e:85:e2:31:93:07:34:73:fc:
25:56:42:80:2c:61:81:0f:6c:4b:2b:b8:03:ea:28:3b:42:32:
ad:6b:d7:17:05:b3:2a:f7:11:58:7e:0a:af:f1:1c:69:ff:4c:
43:21:48:71:a2:0b:c8:4a:ab:cf:60:5c:b1:be:91:3b:60:6b:
5c:3e:d0:26:a8:3b:02:29:93:bc:9e:83:ff:38:24:ed:52:09:
61:0c:3c:1d:1d:f7:0e:a3:29:41:b3:87:bc:a1:f6:7e:f7:ea:
12:41:da:22:26:f7:4d:d5:5a:a0:3d:73:9c:68:fb:f2:b2:7e:
21:21:61:17:84:af:35:82:2f:81:07:9f:23:41:0c:8c:e2:15:
5a:5b:e6:d6:87:b2:23:00:17:2a:87:7e:5a:f7:a6:04:8c:bf:
b8:37:e6:5a:26:87:45:97:eb:3c:a6:da:b7:bd:fd:aa:dc:4e:
4e:d8:4f:b4:b4:bb:d9:45:24:9e:28:36:e4:ec:f9:f6:95:f8:
a2:1a:61:4e:e0:af:b7:df:27:c1:1d:4b:47:6d:32:c2:97:49:
95:9f:d6:70:e6:fe:c0:0e:0d:75:e5:e5:be:4a:c0:d7:7e:2c:
36:73:e5:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnth5/5lFRSycNDrAq76+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDNhMjQ1OTFlMTgwZmM2ZDI2NDQxMjEwN2JjNDBiMzc0MjI0ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeZxUf0gJwCc5ucJAylUVkbBKONS
eOKkYE08QjDyTjkkXWkBlezZlPhMitHjCuIxB+FnSEa6vRM40D4ptnP5PLBJX9/k
mxOyXofZLyXg7OqRMXoFQCmN9obbsaU/WhgPNadNVqvy9q3dQ2Whs3u7n19T52H8
XqRfl9DyVdC1DZX6u2lpNYkcDNjGk4FQdQQ/Ir90HS4ZpJXz8DBf5Cvo9lM1wtPY
Ryx8YoDoahyhsD3eli104lGRF5GDt+EK839sKl7PgtH/Gw+9GqRIW4ctxfGE1lKD
qKDk+F4rOlrCPl1rrKIKy8Jx/NcD7AwEORnBYfPK0iCSPSDHX+gbx/9H8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN06JFkeGA/G0mRBIQe8QLN0Ik7RMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvM1Rva1dSNFlEOGJTWkVFaEI3eEFzM1FpVHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+odMA0G
CSqGSIb3DQEBCwUAA4IBAQAGhclW9xc4zWG+GRTvDoYn8V972DVNjmV4ySxuheIx
kwc0c/wlVkKALGGBD2xLK7gD6ig7QjKta9cXBbMq9xFYfgqv8Rxp/0xDIUhxogvI
SqvPYFyxvpE7YGtcPtAmqDsCKZO8noP/OCTtUglhDDwdHfcOoylBs4e8ofZ+9+oS
QdoiJvdN1VqgPXOcaPvysn4hIWEXhK81gi+BB58jQQyM4hVaW+bWh7IjABcqh35a
96YEjL+4N+ZaJodFl+s8ptq3vf2q3E5O2E+0tLvZRSSeKDbk7Pn2lfiiGmFO4K+3
3yfBHUtHbTLCl0mVn9Zw5v7ADg115eW+SsDXfiw2c+WJ
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:27:12 2025 by rpki-client