Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3HEQhcEOqnMp9TI9xIKL4PSt8W0.roa
File: 3HEQhcEOqnMp9TI9xIKL4PSt8W0.roa (raw, json)
Hash identifier: iiGEol1UAzOhPwjCBYaXalraGFMujqIBu0vrH6mF0zc=
Subject key identifier: DC:71:10:85:C1:0E:AA:73:29:F5:32:3D:C4:82:8B:E0:F4:AD:F1:6D
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 019423D6D35A8EC6505E2AB434493AB7D378
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3HEQhcEOqnMp9TI9xIKL4PSt8W0.roa
Signing time: Wed 01 Jan 2025 21:47:48 +0000
ROA not before: Wed 01 Jan 2025 21:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39616
IP address blocks: 194.242.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d3:5a:8e:c6:50:5e:2a:b4:34:49:3a:b7:d3:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc711085c10eaa7329f5323dc4828be0f4adf16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:0f:cb:03:b2:08:99:68:51:d0:24:af:ae:
7e:b8:0b:40:ed:6e:51:b4:e8:c2:5c:fd:9c:73:37:
83:90:3a:93:93:8b:f9:22:0b:75:ec:5a:9f:f9:43:
bd:c3:8a:22:5c:52:0f:8e:72:9a:81:e3:7c:84:05:
b1:53:d4:3a:18:b1:31:09:13:e8:4b:a4:a1:81:0f:
01:bf:8d:2a:d8:54:1d:0d:c8:a5:d1:b0:32:10:60:
0e:36:26:c8:87:71:7f:aa:80:93:42:37:c5:83:0e:
90:aa:0d:24:49:58:8b:2a:26:39:c4:55:18:ae:e6:
12:3c:96:1f:6f:43:f4:3a:d8:31:55:72:04:cb:1b:
1a:9c:4b:36:b9:01:98:3c:bc:84:56:c1:94:6d:7e:
a3:04:c4:92:93:0c:ce:00:00:68:0a:31:6e:16:e0:
18:9c:78:71:d9:ef:67:70:93:dc:f7:56:93:bd:0f:
1d:3d:ff:06:33:ed:54:1e:d5:ed:a3:96:28:9e:ff:
3b:8a:30:31:86:3e:e2:27:cd:6d:8c:76:d4:83:e5:
d7:fd:9c:0b:9c:63:d5:09:dc:78:9e:5c:38:2c:21:
a5:7d:1e:a3:67:18:59:3a:c3:b1:28:4a:9f:86:7e:
76:25:4d:71:39:1b:6c:7d:90:57:34:28:1e:97:75:
a3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:71:10:85:C1:0E:AA:73:29:F5:32:3D:C4:82:8B:E0:F4:AD:F1:6D
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/3HEQhcEOqnMp9TI9xIKL4PSt8W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.63.0/24
Signature Algorithm: sha256WithRSAEncryption
21:25:62:f0:dc:85:15:51:52:5c:9d:79:36:83:15:26:6a:8c:
1e:f8:73:ba:a6:11:a8:5f:e3:bb:f9:3b:fc:ec:d1:3e:9d:99:
f7:9d:4e:73:8d:c4:df:fe:86:60:0e:20:64:87:91:a4:a4:27:
91:bc:11:e1:d9:7b:e9:ff:53:9e:96:2f:ba:b3:4b:fd:86:44:
de:47:71:e4:99:ac:07:a5:7f:54:a7:a7:98:b8:19:8f:10:ab:
8d:34:9d:26:ce:e6:4d:e3:8b:04:34:32:ef:68:87:53:e0:4e:
4b:b2:ad:b1:69:07:83:50:82:bb:81:4c:41:d8:9a:99:aa:e0:
22:76:c7:23:dd:c2:df:e0:a9:8d:3b:ae:5c:76:a3:36:08:49:
91:1a:0c:1a:83:31:4b:ef:91:22:f1:47:56:be:95:32:94:b3:
27:cc:38:bd:8c:dd:3f:f6:a2:c5:09:2d:bb:5c:7d:5b:f5:c8:
d1:af:a0:03:a0:a6:75:f2:1b:ce:c8:c0:03:d9:52:f3:2f:3e:
86:1b:e3:c5:c3:66:2b:f6:b7:da:0e:2e:a6:74:b8:0d:25:9d:
ad:39:4d:2f:5a:14:dc:e1:11:70:6b:42:e5:92:79:bd:32:2d:
dc:17:d8:a1:9a:56:40:94:eb:70:89:94:b6:a4:47:3c:1a:dd:
b7:f7:69:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1tNajsZQXiq0NEk6t9N4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMTAxMjE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzcxMTA4NWMxMGVhYTczMjlmNTMyM2RjNDgyOGJlMGY0YWRmMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseIPywOyCJloUdAkr65+uAtA7W5R
tOjCXP2cczeDkDqTk4v5Igt17Fqf+UO9w4oiXFIPjnKageN8hAWxU9Q6GLExCRPo
S6ShgQ8Bv40q2FQdDcil0bAyEGAONibIh3F/qoCTQjfFgw6Qqg0kSViLKiY5xFUY
ruYSPJYfb0P0OtgxVXIEyxsanEs2uQGYPLyEVsGUbX6jBMSSkwzOAABoCjFuFuAY
nHhx2e9ncJPc91aTvQ8dPf8GM+1UHtXto5Yonv87ijAxhj7iJ81tjHbUg+XX/ZwL
nGPVCdx4nlw4LCGlfR6jZxhZOsOxKEqfhn52JU1xORtsfZBXNCgel3Wj7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxxEIXBDqpzKfUyPcSCi+D0rfFtMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvM0hFUWhjRU9xbk1wOVRJOXhJS0w0UFN0OFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvI/MA0G
CSqGSIb3DQEBCwUAA4IBAQAhJWLw3IUVUVJcnXk2gxUmaowe+HO6phGoX+O7+Tv8
7NE+nZn3nU5zjcTf/oZgDiBkh5GkpCeRvBHh2Xvp/1Oeli+6s0v9hkTeR3HkmawH
pX9Up6eYuBmPEKuNNJ0mzuZN44sENDLvaIdT4E5Lsq2xaQeDUIK7gUxB2JqZquAi
dscj3cLf4KmNO65cdqM2CEmRGgwagzFL75Ei8UdWvpUylLMnzDi9jN0/9qLFCS27
XH1b9cjRr6ADoKZ18hvOyMAD2VLzLz6GG+PFw2Yr9rfaDi6mdLgNJZ2tOU0vWhTc
4RFwa0Llknm9Mi3cF9ihmlZAlOtwiZS2pEc8Gt2392k3
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:34:41 2025 by rpki-client