Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/Dg3_0N_QJLl_z9oMjas8amvsSl4.roa
File: Dg3_0N_QJLl_z9oMjas8amvsSl4.roa (raw, json)
Hash identifier: i//fT7WOmOH7LBZUXbS89Zg6KyN/Hg+cEJQRzh4C3DQ=
Subject key identifier: 0E:0D:FF:D0:DF:D0:24:B9:7F:CF:DA:0C:8D:AB:3C:6A:6B:EC:4A:5E
Certificate issuer: /CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Certificate serial: 01941F8C22D413334222545EAD6A13B2D83E
Authority key identifier: 70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/Dg3_0N_QJLl_z9oMjas8amvsSl4.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52115
IP address blocks: 46.252.224.0/20 maxlen: 20
185.168.140.0/24 maxlen: 24
2a05:e780::/29 maxlen: 29
2a0d:cf00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 10:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:22:d4:13:33:42:22:54:5e:ad:6a:13:b2:d8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=707af45346f06b622a0ebbb4ff9ba33be6f42f1e
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e0dffd0dfd024b97fcfda0c8dab3c6a6bec4a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:78:a5:e7:5a:87:e3:ae:43:e7:49:7c:c3:2f:
e9:6e:04:95:ac:66:4a:14:62:71:a6:3f:0c:d8:77:
f9:46:ef:2c:9b:78:e5:14:e3:61:4b:01:01:b8:f2:
f8:0e:2f:b2:c2:cc:6d:98:ef:1e:9a:0e:f2:13:bf:
95:4f:a2:1a:43:86:ec:7f:5c:9b:89:99:8d:3e:39:
dd:9a:ab:99:ef:be:69:11:a0:2d:33:9c:fd:73:36:
16:86:43:ba:83:93:d6:fa:a3:a7:7e:ab:62:5e:58:
83:a1:e7:c5:e8:5e:19:77:bf:7f:b7:eb:a3:2e:f9:
39:d1:ea:a2:6c:8c:55:a6:95:59:d9:5e:d2:0b:15:
16:7b:65:cf:7f:b3:90:c9:fe:cd:61:2b:81:82:c1:
60:f1:a0:b8:16:4f:82:79:98:57:e5:31:de:86:27:
e3:95:4d:79:d6:02:41:92:d6:5f:36:a5:7c:94:5a:
b2:30:d7:7d:da:c1:ef:c6:73:90:32:21:49:e9:cf:
42:ae:eb:a0:c8:9f:b1:a0:34:fc:3a:71:7d:e8:d4:
86:6b:78:73:e1:44:2d:ba:9d:aa:33:63:72:42:88:
26:32:d7:a9:d4:94:07:51:68:78:9d:86:d1:66:fd:
c7:80:2e:75:0a:28:3a:90:14:47:c2:52:49:19:28:
b0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0D:FF:D0:DF:D0:24:B9:7F:CF:DA:0C:8D:AB:3C:6A:6B:EC:4A:5E
X509v3 Authority Key Identifier:
keyid:70:7A:F4:53:46:F0:6B:62:2A:0E:BB:B4:FF:9B:A3:3B:E6:F4:2F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHr0U0bwa2IqDru0_5ujO-b0Lx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/Dg3_0N_QJLl_z9oMjas8amvsSl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7920d0-f956-4439-9cd2-4b7808d98664/1/cHr0U0bwa2IqDru0_5ujO-b0Lx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.224.0/20
185.168.140.0/24
IPv6:
2a05:e780::/29
2a0d:cf00::/29
Signature Algorithm: sha256WithRSAEncryption
32:3c:20:01:ab:b0:e0:db:e1:60:03:1c:bb:6b:55:81:ed:2b:
1d:1f:bb:d8:1c:f6:a0:ba:68:81:64:f4:63:91:06:b9:ba:70:
3f:80:dd:a3:bd:75:b6:a5:de:4b:03:2f:b5:87:c5:b1:6c:20:
a0:92:21:5e:f8:b1:21:a7:ed:2e:a7:93:bc:1e:03:51:ff:b2:
cf:12:6f:7c:3e:b2:e5:82:9d:ed:2c:2a:44:0c:d9:a0:a4:c1:
56:dc:4f:bf:66:73:a5:60:42:d5:95:86:96:a6:da:e0:4e:aa:
2a:79:03:08:59:dd:39:f4:9f:cc:a3:8f:fd:54:23:4e:80:bb:
ac:19:e7:14:8b:a4:50:1e:5a:f5:02:21:68:da:b7:ba:6e:62:
40:31:de:8e:7a:da:0c:e9:bc:15:d8:80:f5:8f:9d:b1:a6:2d:
20:d6:51:9d:0c:58:65:65:9c:b0:16:2d:86:ee:41:96:d2:dd:
7d:23:17:e2:92:f2:9f:f6:ed:f9:49:46:e7:9d:1d:1c:b1:53:
8e:fe:b2:55:e9:53:c8:db:43:45:3e:cc:85:ed:36:90:b4:32:
bc:7b:5c:c9:a3:af:89:71:63:3c:28:8a:5c:e2:da:87:b8:bf:
bd:9e:50:15:35:12:68:9c:d2:6c:b2:7f:a9:21:39:61:aa:cb:
ea:fc:22:f4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQfjCLUEzNCIlRerWoTstg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwN2FmNDUzNDZmMDZiNjIyYTBlYmJiNGZmOWJhMzNiZTZm
NDJmMWUwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTBkZmZkMGRmZDAyNGI5N2ZjZmRhMGM4ZGFiM2M2YTZiZWM0YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8nil51qH465D50l8wy/pbgSVrGZK
FGJxpj8M2Hf5Ru8sm3jlFONhSwEBuPL4Di+ywsxtmO8emg7yE7+VT6IaQ4bsf1yb
iZmNPjndmquZ775pEaAtM5z9czYWhkO6g5PW+qOnfqtiXliDoefF6F4Zd79/t+uj
Lvk50eqibIxVppVZ2V7SCxUWe2XPf7OQyf7NYSuBgsFg8aC4Fk+CeZhX5THehifj
lU151gJBktZfNqV8lFqyMNd92sHvxnOQMiFJ6c9CruugyJ+xoDT8OnF96NSGa3hz
4UQtup2qM2NyQogmMtep1JQHUWh4nYbRZv3HgC51Cig6kBRHwlJJGSiwkwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA4N/9Df0CS5f8/aDI2rPGpr7EpeMB8GA1UdIwQY
MBaAFHB69FNG8GtiKg67tP+bozvm9C8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDIt
NGI3ODA4ZDk4NjY0LzEvRGczXzBOX1FKTGxfejlvTWphczhhbXZzU2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83OTIwZDAtZjk1Ni00NDM5LTljZDItNGI3ODA4ZDk4NjY0
LzEvY0hyMFUwYndhMklxRHJ1MF81dWpPLWIwTHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQELvzgAwQA
uaiMMBQEAgACMA4DBQMqBeeAAwUDKg3PADANBgkqhkiG9w0BAQsFAAOCAQEAMjwg
Aauw4NvhYAMcu2tVge0rHR+72Bz2oLpogWT0Y5EGubpwP4Ddo711tqXeSwMvtYfF
sWwgoJIhXvixIaftLqeTvB4DUf+yzxJvfD6y5YKd7SwqRAzZoKTBVtxPv2ZzpWBC
1ZWGlqba4E6qKnkDCFndOfSfzKOP/VQjToC7rBnnFIukUB5a9QIhaNq3um5iQDHe
jnraDOm8FdiA9Y+dsaYtINZRnQxYZWWcsBYthu5BltLdfSMX4pLyn/bt+UlG550d
HLFTjv6yVelTyNtDRT7Mhe02kLQyvHtcyaOviXFjPCiKXOLah7i/vZ5QFTUSaJzS
bLJ/qSE5YarL6vwi9A==
-----END CERTIFICATE-----
Generated at Wed Apr 16 18:53:08 2025 by rpki-client