Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/39GioKK3WEGVHUJnnBWLgIR7aNY.roa
File: 39GioKK3WEGVHUJnnBWLgIR7aNY.roa (raw, json)
Hash identifier: 3gqoQOG5P9GOvXCGTNdrghx/0+bSTD9OjFYFlfXtSYU=
Subject key identifier: DF:D1:A2:A0:A2:B7:58:41:95:1D:42:67:9C:15:8B:80:84:7B:68:D6
Certificate issuer: /CN=e208ecb9f34c1fbc3f3589710ab3e349fc6295cc
Certificate serial: 019424457468D7BD7B6B0274C8751FF75D97
Authority key identifier: E2:08:EC:B9:F3:4C:1F:BC:3F:35:89:71:0A:B3:E3:49:FC:62:95:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gjsufNMH7w_NYlxCrPjSfxilcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/39GioKK3WEGVHUJnnBWLgIR7aNY.roa
Signing time: Wed 01 Jan 2025 23:48:39 +0000
ROA not before: Wed 01 Jan 2025 23:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 146.70.181.0/24 maxlen: 24
146.70.182.0/24 maxlen: 24
185.45.15.0/24 maxlen: 24
2a0d:5600:75::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/4gjsufNMH7w_NYlxCrPjSfxilcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/4gjsufNMH7w_NYlxCrPjSfxilcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/4gjsufNMH7w_NYlxCrPjSfxilcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:74:68:d7:bd:7b:6b:02:74:c8:75:1f:f7:5d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e208ecb9f34c1fbc3f3589710ab3e349fc6295cc
Validity
Not Before: Jan 1 23:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd1a2a0a2b75841951d42679c158b80847b68d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5d:7f:80:d2:a0:03:ee:6e:01:85:94:00:4f:
b3:a9:d8:8f:83:dd:6f:f1:85:59:f8:98:ee:9f:e4:
a7:2b:3d:a7:3b:69:ae:b4:2e:ef:54:51:ae:e3:3b:
82:4a:81:7b:5e:82:f7:d3:ec:5d:93:cb:5d:d5:88:
5d:49:1a:ae:66:cd:25:42:cc:85:e0:25:48:2d:79:
d9:1a:f3:59:d6:31:24:1f:cf:be:5c:9f:1a:c3:aa:
92:a0:fe:ad:c4:9b:ee:42:30:09:fb:43:d0:5d:b4:
45:6a:9a:70:a9:9a:26:4c:e2:72:2f:95:bd:d9:6c:
7a:56:fe:ad:b4:c3:eb:88:48:3f:1f:18:09:85:77:
71:f5:02:d5:bd:fb:c8:67:1c:95:b2:e5:c9:82:19:
e3:7a:95:72:83:86:d3:11:17:30:36:e1:87:ae:60:
58:4b:d0:95:50:c5:99:12:52:1f:8d:52:e3:73:4e:
c1:c6:e6:27:bd:df:f1:4b:f9:1e:70:3a:23:3a:34:
ad:ee:21:2b:ad:e9:75:3b:16:4a:a0:56:2d:f6:1b:
27:7b:c7:04:24:38:f6:d2:69:e3:ad:99:0f:60:1f:
10:a2:1c:6f:36:86:3c:af:bd:7d:68:fb:4a:f6:94:
f8:90:c6:06:49:1d:62:7d:d2:15:27:bb:79:5e:8a:
5e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D1:A2:A0:A2:B7:58:41:95:1D:42:67:9C:15:8B:80:84:7B:68:D6
X509v3 Authority Key Identifier:
keyid:E2:08:EC:B9:F3:4C:1F:BC:3F:35:89:71:0A:B3:E3:49:FC:62:95:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gjsufNMH7w_NYlxCrPjSfxilcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/39GioKK3WEGVHUJnnBWLgIR7aNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/9d960f-a59a-435c-ae92-1ca739bb00cc/1/4gjsufNMH7w_NYlxCrPjSfxilcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.70.181.0-146.70.182.255
185.45.15.0/24
IPv6:
2a0d:5600:75::/48
Signature Algorithm: sha256WithRSAEncryption
a0:b3:09:58:b9:6a:97:cc:60:72:de:48:68:cf:1c:40:b0:2b:
bc:b2:de:8e:50:11:f9:82:0f:c2:38:97:8e:12:45:c3:cd:0c:
e9:6d:1c:c9:01:9d:43:c2:c9:b6:23:ed:33:ce:4c:78:1b:de:
22:7a:0b:22:f0:cf:14:86:a4:56:5d:35:38:da:c4:6e:ea:60:
c2:8b:6e:25:2c:78:28:fd:28:2f:06:00:0b:86:62:5d:5a:5a:
fc:2b:e0:ee:7c:ff:a3:83:7e:a1:75:11:f3:34:6d:c8:a7:6b:
e3:0a:15:ec:35:dd:11:95:c7:3b:5b:54:bb:dd:53:2a:f3:ad:
be:3c:95:60:d7:3b:96:59:0d:ef:73:6a:40:e0:d0:f1:3a:ac:
77:7a:62:6d:66:44:fd:c7:0b:ba:a0:39:c5:5f:ab:44:34:00:
b4:cc:fa:f9:a0:40:61:7d:3a:64:94:06:65:3a:ca:ad:b5:64:
bb:9f:35:5c:43:41:3b:8b:6d:87:a3:7d:8a:86:ab:1f:4b:24:
99:0e:9e:ed:37:0d:42:42:88:9e:9c:e2:da:a0:bc:76:16:df:
ad:31:29:27:d8:97:88:f0:f8:20:5a:4c:51:fe:83:d4:76:e6:
d9:7c:2a:65:8f:7a:76:43:20:c2:b6:ec:06:c0:8e:31:d6:9e:
5e:f8:84:c8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQkRXRo1717awJ0yHUf912XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMDhlY2I5ZjM0YzFmYmMzZjM1ODk3MTBhYjNlMzQ5ZmM2
Mjk1Y2MwHhcNMjUwMTAxMjM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQxYTJhMGEyYjc1ODQxOTUxZDQyNjc5YzE1OGI4MDg0N2I2OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l1/gNKgA+5uAYWUAE+zqdiPg91v
8YVZ+Jjun+SnKz2nO2mutC7vVFGu4zuCSoF7XoL30+xdk8td1YhdSRquZs0lQsyF
4CVILXnZGvNZ1jEkH8++XJ8aw6qSoP6txJvuQjAJ+0PQXbRFappwqZomTOJyL5W9
2Wx6Vv6ttMPriEg/HxgJhXdx9QLVvfvIZxyVsuXJghnjepVyg4bTERcwNuGHrmBY
S9CVUMWZElIfjVLjc07BxuYnvd/xS/kecDojOjSt7iErrel1OxZKoFYt9hsne8cE
JDj20mnjrZkPYB8QohxvNoY8r719aPtK9pT4kMYGSR1ifdIVJ7t5XopeGwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFN/RoqCit1hBlR1CZ5wVi4CEe2jWMB8GA1UdIwQY
MBaAFOII7LnzTB+8PzWJcQqz40n8YpXMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGdqc3VmTk1IN3dfTllseENyUGpTZnhpbGN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85ZDk2MGYtYTU5YS00MzVjLWFlOTIt
MWNhNzM5YmIwMGNjLzEvMzlHaW9LSzNXRUdWSFVKbm5CV0xnSVI3YU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85ZDk2MGYtYTU5YS00MzVjLWFlOTItMWNhNzM5YmIwMGNj
LzEvNGdqc3VmTk1IN3dfTllseENyUGpTZnhpbGN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBACSRrUD
BACSRrYDBAC5LQ8wDwQCAAIwCQMHACoNVgAAdTANBgkqhkiG9w0BAQsFAAOCAQEA
oLMJWLlql8xgct5IaM8cQLArvLLejlAR+YIPwjiXjhJFw80M6W0cyQGdQ8LJtiPt
M85MeBveInoLIvDPFIakVl01ONrEbupgwotuJSx4KP0oLwYAC4ZiXVpa/Cvg7nz/
o4N+oXUR8zRtyKdr4woV7DXdEZXHO1tUu91TKvOtvjyVYNc7llkN73NqQODQ8Tqs
d3pibWZE/ccLuqA5xV+rRDQAtMz6+aBAYX06ZJQGZTrKrbVku581XENBO4tth6N9
ioarH0skmQ6e7TcNQkKInpzi2qC8dhbfrTEpJ9iXiPD4IFpMUf6D1Hbm2XwqZY96
dkMgwrbsBsCOMdaeXviEyA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:10:08 2025 by rpki-client