Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/iB3qHj6jc-vYvyyZv2bCeRVUFSQ.roa
File: iB3qHj6jc-vYvyyZv2bCeRVUFSQ.roa (raw, json)
Hash identifier: GN+JMGlNiyjaBMnzgzzZxTHdUtxnuMF8sNkbCRGW38U=
Subject key identifier: 88:1D:EA:1E:3E:A3:73:EB:D8:BF:2C:99:BF:66:C2:79:15:54:15:24
Certificate issuer: /CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Certificate serial: 019424B290524CAD1F3DF1FA7EEC3D04B0F8
Authority key identifier: 1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/iB3qHj6jc-vYvyyZv2bCeRVUFSQ.roa
Signing time: Thu 02 Jan 2025 01:47:49 +0000
ROA not before: Thu 02 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41495
IP address blocks: 46.227.200.0/21 maxlen: 24
185.134.196.0/22 maxlen: 24
2a01:9e00::/29 maxlen: 32
2a01:9e00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:90:52:4c:ad:1f:3d:f1:fa:7e:ec:3d:04:b0:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe02dbee62c98f01f20f4770d16a47f79abe32c
Validity
Not Before: Jan 2 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=881dea1e3ea373ebd8bf2c99bf66c27915541524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:be:e5:f0:58:40:da:88:e2:25:6f:44:b5:b9:
77:89:69:bb:a5:b8:ad:47:0a:13:53:97:4a:69:bd:
c1:9f:e4:31:0e:fa:69:b1:99:c9:b9:c2:9b:80:89:
2e:7c:61:d2:08:8c:6d:c1:ee:88:37:79:bf:fc:07:
ae:6e:22:52:9d:75:f6:d1:6d:26:40:05:ec:39:36:
4f:6a:e3:16:c3:10:74:4b:50:a0:85:8b:64:fd:2e:
a4:52:a2:59:69:c1:a9:10:c3:c0:1a:16:ee:13:b9:
b4:31:47:a6:b4:1a:00:97:cc:10:f1:47:f1:0a:4d:
ad:dc:8b:47:e3:17:00:8b:5b:e3:e2:28:d9:51:a8:
2a:14:7e:da:ce:91:03:ad:39:ff:ab:99:1f:d9:33:
70:1a:c8:61:2c:4d:44:b1:12:3a:29:f1:25:c7:e0:
c1:76:90:42:c1:d9:f2:fd:f5:65:70:a9:28:6b:6d:
85:92:ec:e3:9b:89:38:30:a8:77:1a:d2:fb:45:28:
e1:4f:70:20:f3:45:ca:d3:5d:65:48:5e:98:1a:08:
a2:94:b9:26:18:c8:83:a4:40:af:08:0d:35:8e:a0:
f2:8b:bc:53:12:ec:78:44:f0:c0:ec:94:73:62:d0:
dc:28:49:0b:e2:c4:b6:9d:73:f3:24:c6:23:11:0d:
a2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:1D:EA:1E:3E:A3:73:EB:D8:BF:2C:99:BF:66:C2:79:15:54:15:24
X509v3 Authority Key Identifier:
keyid:1F:E0:2D:BE:E6:2C:98:F0:1F:20:F4:77:0D:16:A4:7F:79:AB:E3:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-AtvuYsmPAfIPR3DRakf3mr4yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/iB3qHj6jc-vYvyyZv2bCeRVUFSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/a12a30-d60f-4032-8863-21253ea9f3a4/1/H-AtvuYsmPAfIPR3DRakf3mr4yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.200.0/21
185.134.196.0/22
IPv6:
2a01:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:7c:a7:ba:be:b8:f2:ba:20:cd:4a:34:36:0d:55:a5:cf:96:
da:ba:e6:62:fc:ad:4b:48:f4:49:ff:13:1c:b1:6f:fb:db:95:
86:f0:e0:a4:9a:71:41:6a:98:8a:66:1e:0e:f0:cd:b0:d1:49:
d9:a3:61:7a:a4:c8:05:ab:f0:e5:6a:03:82:bf:f5:fb:fb:06:
88:68:16:44:29:35:fb:30:6f:1a:00:f0:66:48:85:57:56:a2:
9e:65:7e:49:f7:91:bd:84:60:14:4d:51:be:a2:3a:7a:56:28:
d4:0b:aa:05:03:9d:52:03:46:14:2f:3d:a4:0a:46:05:ee:88:
bc:f4:68:f8:71:2b:2b:ad:e8:95:5b:b4:fd:d0:2e:eb:c2:15:
f4:ae:2e:1c:fb:e7:11:2a:16:82:99:20:8e:16:a5:f4:9c:34:
41:e3:9e:8b:8d:aa:88:28:5b:a0:99:0f:4f:97:eb:6b:ad:fe:
7b:6e:a2:47:e4:dd:69:fb:23:1c:ac:7a:55:4c:c1:25:68:77:
35:f8:c0:f6:fb:d5:37:78:15:18:3a:8c:da:18:22:73:0b:f1:
4d:29:9c:e9:3e:0e:5e:d1:42:31:ad:ae:6f:66:fe:a2:0a:6b:
c2:4c:3e:cb:cf:23:78:0e:21:9a:38:73:1b:2d:69:d0:d9:d1:
21:5c:29:cb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkspBSTK0fPfH6fuw9BLD4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTAyZGJlZTYyYzk4ZjAxZjIwZjQ3NzBkMTZhNDdmNzlh
YmUzMmMwHhcNMjUwMTAyMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODFkZWExZTNlYTM3M2ViZDhiZjJjOTliZjY2YzI3OTE1NTQxNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb7l8FhA2ojiJW9Etbl3iWm7pbit
RwoTU5dKab3Bn+QxDvppsZnJucKbgIkufGHSCIxtwe6IN3m//AeubiJSnXX20W0m
QAXsOTZPauMWwxB0S1CghYtk/S6kUqJZacGpEMPAGhbuE7m0MUemtBoAl8wQ8Ufx
Ck2t3ItH4xcAi1vj4ijZUagqFH7azpEDrTn/q5kf2TNwGshhLE1EsRI6KfElx+DB
dpBCwdny/fVlcKkoa22Fkuzjm4k4MKh3GtL7RSjhT3Ag80XK011lSF6YGgiilLkm
GMiDpECvCA01jqDyi7xTEux4RPDA7JRzYtDcKEkL4sS2nXPzJMYjEQ2ijwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIgd6h4+o3Pr2L8smb9mwnkVVBUkMB8GA1UdIwQY
MBaAFB/gLb7mLJjwHyD0dw0WpH95q+MsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMt
MjEyNTNlYTlmM2E0LzEvaUIzcUhqNmpjLXZZdnl5WnYyYkNlUlZVRlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9hMTJhMzAtZDYwZi00MDMyLTg4NjMtMjEyNTNlYTlmM2E0
LzEvSC1BdHZ1WXNtUEFmSVBSM0RSYWtmM21yNHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuPIAwQC
uYbEMA0EAgACMAcDBQMqAZ4AMA0GCSqGSIb3DQEBCwUAA4IBAQBbfKe6vrjyuiDN
SjQ2DVWlz5bauuZi/K1LSPRJ/xMcsW/725WG8OCkmnFBapiKZh4O8M2w0UnZo2F6
pMgFq/DlagOCv/X7+waIaBZEKTX7MG8aAPBmSIVXVqKeZX5J95G9hGAUTVG+ojp6
VijUC6oFA51SA0YULz2kCkYF7oi89Gj4cSsrreiVW7T90C7rwhX0ri4c++cRKhaC
mSCOFqX0nDRB456LjaqIKFugmQ9Pl+trrf57bqJH5N1p+yMcrHpVTMElaHc1+MD2
+9U3eBUYOozaGCJzC/FNKZzpPg5e0UIxra5vZv6iCmvCTD7LzyN4DiGaOHMbLWnQ
2dEhXCnL
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:38:27 2025 by rpki-client