Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3m0gDbs6cmOjjGzRZI7jrLWuhM4.roa
File: 3m0gDbs6cmOjjGzRZI7jrLWuhM4.roa (raw, json)
Hash identifier: MTeTh4AV5qtx2BhtYmMq6+meHpi4lO1auvgK9sR3nmE=
Subject key identifier: DE:6D:20:0D:BB:3A:72:63:A3:8C:6C:D1:64:8E:E3:AC:B5:AE:84:CE
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01953F5223EABBA54C5B5B9AE975167FB22D
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3m0gDbs6cmOjjGzRZI7jrLWuhM4.roa
Signing time: Tue 25 Feb 2025 22:55:02 +0000
ROA not before: Tue 25 Feb 2025 22:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212868
IP address blocks: 2a03:5840:123::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Apr 2025 07:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3f:52:23:ea:bb:a5:4c:5b:5b:9a:e9:75:16:7f:b2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Feb 25 22:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de6d200dbb3a7263a38c6cd1648ee3acb5ae84ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:c2:90:3d:a3:c0:95:99:ff:aa:fe:23:1e:
9a:64:33:c7:ad:5c:20:0f:b2:6f:61:05:ce:e0:9c:
4d:fc:fe:e9:aa:b1:b9:bb:2b:b5:53:78:07:59:24:
2c:35:0d:d0:83:2e:13:9a:50:e5:fd:df:35:2b:a1:
95:92:70:b8:90:92:9b:ed:ce:9f:16:e1:97:8d:91:
f7:ab:22:f2:3e:d5:b8:0b:93:f5:2d:6e:a7:2f:08:
35:cc:4c:33:f9:f7:ac:12:0b:b7:d5:bf:14:a9:bf:
38:ce:a3:2b:82:e6:e8:9f:df:03:aa:82:3e:d9:ff:
b6:45:8c:7a:10:3f:5b:8b:2f:a7:62:71:14:6a:9e:
bb:ee:0e:62:39:f9:4b:7d:39:df:33:fb:eb:4c:a9:
87:00:0c:ca:8b:b0:84:0c:7d:69:1d:0b:56:f3:c1:
3d:2a:85:33:17:b8:b7:78:2b:93:f9:ff:f8:d9:33:
ed:4b:82:38:44:68:7c:64:57:cb:ac:8d:41:76:08:
9e:ae:d4:2e:7b:35:0e:16:5e:cb:dd:f1:d1:49:a3:
54:9b:4e:11:62:97:5d:9e:2e:cc:f3:fe:41:95:87:
39:73:6b:aa:1f:e0:09:d5:fc:b2:d6:eb:2d:9c:18:
8b:5f:2f:ae:8d:c0:b7:b4:30:a1:ff:76:cd:10:76:
7f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6D:20:0D:BB:3A:72:63:A3:8C:6C:D1:64:8E:E3:AC:B5:AE:84:CE
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/3m0gDbs6cmOjjGzRZI7jrLWuhM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:123::/48
Signature Algorithm: sha256WithRSAEncryption
19:ab:47:e1:d7:7a:dc:7e:e9:c5:64:10:84:6a:8e:6d:1e:c2:
db:11:c9:f1:b8:55:6c:0f:7d:bc:d1:13:6d:98:37:42:60:77:
56:3e:cd:a7:cc:25:8b:ff:3e:eb:27:ef:3c:93:df:7b:81:0b:
cc:dd:f5:cd:57:e7:69:5e:b8:aa:e2:ea:f2:ee:2d:d6:a3:58:
bb:dc:ab:a2:61:f1:20:5d:1a:03:57:2f:30:73:8e:90:2f:88:
10:8d:f8:70:54:29:ae:f8:91:fa:a0:8b:11:92:24:e1:6f:7c:
a5:61:5b:aa:5c:5b:4a:08:d0:05:8d:32:62:d7:e5:86:b9:47:
b8:22:58:59:38:d5:a9:50:b7:02:cc:02:cf:bb:60:c8:20:e5:
20:3f:d4:fa:c7:6d:04:b5:15:b8:c5:1c:dc:a7:31:c4:11:53:
1a:60:70:77:11:d9:32:e1:29:8a:6f:b8:37:b2:7f:66:4f:c3:
e7:3b:1f:3f:16:4a:d1:3d:d2:2e:2e:92:52:36:8d:71:b7:de:
4f:56:90:1f:df:3e:b5:89:b0:24:b6:85:d6:82:62:c4:ef:27:
60:d3:06:1e:60:ca:83:6a:a7:da:57:cb:17:4e:68:7d:c6:08:
6c:37:93:74:b4:58:47:70:09:9f:06:2b:97:a6:f0:39:19:ed:
af:ae:5b:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZU/UiPqu6VMW1ua6XUWf7ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMjI1MjI1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTZkMjAwZGJiM2E3MjYzYTM4YzZjZDE2NDhlZTNhY2I1YWU4NGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1bCkD2jwJWZ/6r+Ix6aZDPHrVwg
D7JvYQXO4JxN/P7pqrG5uyu1U3gHWSQsNQ3Qgy4TmlDl/d81K6GVknC4kJKb7c6f
FuGXjZH3qyLyPtW4C5P1LW6nLwg1zEwz+fesEgu31b8Uqb84zqMrgubon98DqoI+
2f+2RYx6ED9biy+nYnEUap677g5iOflLfTnfM/vrTKmHAAzKi7CEDH1pHQtW88E9
KoUzF7i3eCuT+f/42TPtS4I4RGh8ZFfLrI1BdgiertQuezUOFl7L3fHRSaNUm04R
Ypddni7M8/5BlYc5c2uqH+AJ1fyy1ustnBiLXy+ujcC3tDCh/3bNEHZ/bwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN5tIA27OnJjo4xs0WSO46y1roTOMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvM20wZ0RiczZjbU9qakd6UlpJN2pyTFd1aE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAEj
MA0GCSqGSIb3DQEBCwUAA4IBAQAZq0fh13rcfunFZBCEao5tHsLbEcnxuFVsD328
0RNtmDdCYHdWPs2nzCWL/z7rJ+88k997gQvM3fXNV+dpXriq4ury7i3Wo1i73Kui
YfEgXRoDVy8wc46QL4gQjfhwVCmu+JH6oIsRkiThb3ylYVuqXFtKCNAFjTJi1+WG
uUe4IlhZONWpULcCzALPu2DIIOUgP9T6x20EtRW4xRzcpzHEEVMaYHB3Edky4SmK
b7g3sn9mT8PnOx8/FkrRPdIuLpJSNo1xt95PVpAf3z61ibAktoXWgmLE7ydg0wYe
YMqDaqfaV8sXTmh9xghsN5N0tFhHcAmfBiuXpvA5Ge2vrlu5
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:53 2025 by rpki-client