Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/3PndXA_D3bqqZU_dt1ni4TJe5dE.roa
File: 3PndXA_D3bqqZU_dt1ni4TJe5dE.roa (raw, json)
Hash identifier: 8PMPMDfbPsDxl+/GYrluB6AWIrxvnE1yub5S0xoxeqw=
Subject key identifier: DC:F9:DD:5C:0F:C3:DD:BA:AA:65:4F:DD:B7:59:E2:E1:32:5E:E5:D1
Certificate issuer: /CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Certificate serial: 019422FC3CD8A04275973BF9B5A43A3F9E47
Authority key identifier: 0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/3PndXA_D3bqqZU_dt1ni4TJe5dE.roa
Signing time: Wed 01 Jan 2025 17:49:03 +0000
ROA not before: Wed 01 Jan 2025 17:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47279
IP address blocks: 157.97.72.0/24 maxlen: 24
185.97.179.0/24 maxlen: 24
2a03:4340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:3c:d8:a0:42:75:97:3b:f9:b5:a4:3a:3f:9e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Validity
Not Before: Jan 1 17:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcf9dd5c0fc3ddbaaa654fddb759e2e1325ee5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:80:68:8a:d9:a6:a9:30:bc:f2:2e:f9:d7:47:
47:19:f3:04:be:e3:d0:e0:0d:0f:5d:30:73:6c:a1:
27:5c:6f:e8:52:7c:b2:47:75:64:48:d6:19:e0:10:
85:6c:2c:7d:59:c3:a4:75:15:6f:f8:3c:c4:8b:10:
2f:bd:53:73:c6:a8:3c:41:51:67:4e:45:e0:a3:be:
7c:3b:89:9d:8c:70:50:f8:9d:51:9e:a1:5f:2e:8e:
aa:e2:9c:7a:bf:43:1d:7e:a4:26:2d:24:78:8e:93:
4e:cd:6f:d6:57:ae:93:1f:a6:29:26:07:3c:0a:43:
0d:19:73:37:bd:d7:c8:2a:6f:d4:c9:4b:b2:49:39:
76:19:79:28:5f:fe:98:12:3a:48:32:0b:29:5c:ba:
b6:cd:75:ea:d3:68:25:4b:81:15:63:95:1f:33:d1:
d8:f2:37:d5:57:c2:d7:ad:4d:77:af:95:d9:15:d9:
70:24:39:1f:31:8d:0f:5e:53:a8:2a:c3:3f:fe:01:
37:c1:a7:48:ba:34:8e:fa:e9:eb:ce:9a:e3:c2:fe:
5a:6f:7b:1a:f6:a6:09:a4:b9:d7:37:92:17:73:bc:
9d:75:fd:c5:da:30:43:51:33:d3:d4:b7:1b:16:7d:
05:55:93:8e:8a:42:72:b3:58:cb:8e:b0:07:4b:bf:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F9:DD:5C:0F:C3:DD:BA:AA:65:4F:DD:B7:59:E2:E1:32:5E:E5:D1
X509v3 Authority Key Identifier:
keyid:0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/3PndXA_D3bqqZU_dt1ni4TJe5dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.72.0/24
185.97.179.0/24
IPv6:
2a03:4340::/32
Signature Algorithm: sha256WithRSAEncryption
83:35:b3:48:99:3b:6e:d5:38:4a:66:8d:c2:49:7a:fc:4d:67:
b6:1a:54:28:03:7d:78:3a:e0:6f:e1:f6:8a:06:7f:5e:88:d8:
6e:0a:19:fb:66:c7:84:96:f6:bd:db:35:1e:21:08:44:8c:0f:
69:cd:60:7f:91:6e:bf:18:d6:81:5a:d1:fa:ef:8b:de:aa:24:
4e:2b:cf:99:51:e8:88:63:ec:8a:8d:8e:18:ea:36:43:32:cc:
ae:d8:a7:b8:f0:38:6a:5e:bf:7c:9a:94:0d:63:b9:2f:02:e4:
3c:94:93:64:60:9f:53:77:d8:de:38:3a:70:be:4e:d9:71:b3:
70:e4:61:7a:12:0c:3c:6e:3d:f4:25:8e:25:5c:fd:5a:ec:82:
e3:b2:db:16:6a:e1:dd:36:aa:26:30:bf:14:99:d9:f6:06:52:
35:ad:46:2d:d4:06:26:65:83:3c:54:50:3f:de:56:43:74:c5:
fe:51:19:ca:55:6e:a2:b1:e9:7a:d2:39:45:5b:5d:54:30:e7:
7c:52:3a:e7:3e:f0:25:6a:c8:2d:26:11:c9:57:f1:1e:8d:35:
00:4b:8f:8d:ae:e6:3f:e1:0d:83:3b:96:67:b0:89:8f:7d:fa:
e0:66:f3:08:39:99:d6:ec:19:c3:32:9c:ef:bc:2a:c8:f1:b9:
80:2e:ac:3b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi/DzYoEJ1lzv5taQ6P55HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGNiZWU1MTk5MGYxZTA1YTlkMWRjMGMyZjJmM2E4YTM0
NzBjMTMwHhcNMjUwMTAxMTc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2Y5ZGQ1YzBmYzNkZGJhYWE2NTRmZGRiNzU5ZTJlMTMyNWVlNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4BoitmmqTC88i7510dHGfMEvuPQ
4A0PXTBzbKEnXG/oUnyyR3VkSNYZ4BCFbCx9WcOkdRVv+DzEixAvvVNzxqg8QVFn
TkXgo758O4mdjHBQ+J1RnqFfLo6q4px6v0MdfqQmLSR4jpNOzW/WV66TH6YpJgc8
CkMNGXM3vdfIKm/UyUuySTl2GXkoX/6YEjpIMgspXLq2zXXq02glS4EVY5UfM9HY
8jfVV8LXrU13r5XZFdlwJDkfMY0PXlOoKsM//gE3wadIujSO+unrzprjwv5ab3sa
9qYJpLnXN5IXc7yddf3F2jBDUTPT1LcbFn0FVZOOikJys1jLjrAHS78wowIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNz53VwPw926qmVP3bdZ4uEyXuXRMB8GA1UdIwQY
MBaAFA2MvuUZkPHgWp0dwMLy86ijRwwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWIt
MWIxZTc4Y2JiYjA5LzEvM1BuZFhBX0QzYnFxWlVfZHQxbmk0VEplNWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWItMWIxZTc4Y2JiYjA5
LzEvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAnWFIAwQA
uWGzMA0EAgACMAcDBQAqA0NAMA0GCSqGSIb3DQEBCwUAA4IBAQCDNbNImTtu1ThK
Zo3CSXr8TWe2GlQoA314OuBv4faKBn9eiNhuChn7ZseElva92zUeIQhEjA9pzWB/
kW6/GNaBWtH674veqiROK8+ZUeiIY+yKjY4Y6jZDMsyu2Ke48DhqXr98mpQNY7kv
AuQ8lJNkYJ9Td9jeODpwvk7ZcbNw5GF6Egw8bj30JY4lXP1a7ILjstsWauHdNqom
ML8Umdn2BlI1rUYt1AYmZYM8VFA/3lZDdMX+URnKVW6isel60jlFW11UMOd8Ujrn
PvAlasgtJhHJV/EejTUAS4+NruY/4Q2DO5ZnsImPffrgZvMIOZnW7BnDMpzvvCrI
8bmALqw7
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:37:31 2025 by rpki-client