Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/r3BNRU8ZFPvkT4gYLKmsnOzA0wU.roa
File: r3BNRU8ZFPvkT4gYLKmsnOzA0wU.roa (raw, json)
Hash identifier: usVLkCiOqF/SXLxD35rH8tk7OQPGu7iMv/2X+vigyVk=
Subject key identifier: AF:70:4D:45:4F:19:14:FB:E4:4F:88:18:2C:A9:AC:9C:EC:C0:D3:05
Certificate issuer: /CN=fe6dbb2c3f982328e0749514791cebc2e0ea9f88
Certificate serial: 01942067F1390BB14A30F6B52C6FC60AE0CA
Authority key identifier: FE:6D:BB:2C:3F:98:23:28:E0:74:95:14:79:1C:EB:C2:E0:EA:9F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_m27LD-YIyjgdJUUeRzrwuDqn4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/r3BNRU8ZFPvkT4gYLKmsnOzA0wU.roa
Signing time: Wed 01 Jan 2025 05:47:50 +0000
ROA not before: Wed 01 Jan 2025 05:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204890
IP address blocks: 92.119.45.0/24 maxlen: 24
92.119.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/_m27LD-YIyjgdJUUeRzrwuDqn4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/_m27LD-YIyjgdJUUeRzrwuDqn4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/_m27LD-YIyjgdJUUeRzrwuDqn4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:f1:39:0b:b1:4a:30:f6:b5:2c:6f:c6:0a:e0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe6dbb2c3f982328e0749514791cebc2e0ea9f88
Validity
Not Before: Jan 1 05:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af704d454f1914fbe44f88182ca9ac9cecc0d305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:3a:17:ff:18:26:c6:c0:47:5d:33:4a:c9:
80:ff:39:48:91:fc:ce:45:ea:5b:94:6c:b5:61:5d:
8b:a6:d6:8e:c2:dc:73:9f:c8:aa:87:95:29:08:ca:
44:a9:46:8f:89:d8:1a:92:70:e2:28:d5:4b:a8:81:
5a:95:dc:15:90:bb:ab:74:3f:98:05:71:5a:40:f2:
36:c4:7d:4b:5c:8c:0b:d2:d2:f5:a4:bd:3c:a3:14:
26:15:74:a3:1d:d8:b6:d3:af:33:b7:1f:70:76:f0:
d0:e7:46:7e:4b:8c:07:74:c8:2d:ba:1b:50:24:1e:
c7:cf:b5:25:f5:e1:fd:80:fb:47:3f:09:3a:e0:ee:
4f:79:e7:f0:ce:87:24:3a:3d:b1:f6:21:07:d4:a5:
52:a9:c1:50:c4:51:fa:62:25:1a:e9:56:25:81:37:
28:9b:20:b2:fe:ad:1e:63:52:de:27:33:1e:41:ae:
c7:32:2d:6f:57:43:c1:74:a1:0e:79:13:8f:c1:fe:
21:df:0c:b6:7c:eb:13:96:ee:eb:9e:67:b2:ea:89:
b5:08:40:42:35:8c:93:5e:78:65:2f:95:40:b7:ae:
09:a7:80:07:7d:bb:48:ad:70:c4:0a:20:b6:a4:16:
3b:e8:31:49:a7:3b:6f:27:1f:cf:c5:ba:aa:87:41:
44:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:70:4D:45:4F:19:14:FB:E4:4F:88:18:2C:A9:AC:9C:EC:C0:D3:05
X509v3 Authority Key Identifier:
keyid:FE:6D:BB:2C:3F:98:23:28:E0:74:95:14:79:1C:EB:C2:E0:EA:9F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_m27LD-YIyjgdJUUeRzrwuDqn4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/r3BNRU8ZFPvkT4gYLKmsnOzA0wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e08355-cbd0-4012-bcf0-531266df32c0/1/_m27LD-YIyjgdJUUeRzrwuDqn4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.45.0-92.119.46.255
Signature Algorithm: sha256WithRSAEncryption
2a:77:ef:18:32:ac:8d:b1:6b:77:3b:79:91:9e:e6:45:20:8e:
f3:93:5a:68:fe:4a:8c:ac:e2:1f:be:75:12:3c:59:a1:01:89:
9a:35:41:48:2c:56:3d:74:60:14:4a:76:82:b2:30:d9:0f:12:
69:53:04:4d:b4:1c:c7:2d:7c:ce:4f:43:8e:49:23:22:38:7c:
b3:ac:c6:e0:2e:d3:24:c4:97:bf:87:8a:d5:c1:1c:f9:fb:c6:
8c:92:37:59:af:3a:0c:c7:cc:0d:0e:59:09:66:55:b5:cb:94:
d7:3d:ff:ec:b4:d6:bc:1e:18:0f:f2:8f:48:77:0d:4b:24:7b:
7a:ba:9e:b5:1c:c3:59:3d:94:7f:e8:42:79:40:29:28:48:87:
4a:4d:3e:25:ff:a1:9c:56:73:d0:b9:15:0a:94:1c:ec:3e:f3:
09:7f:7f:1b:63:43:42:0a:88:31:70:f4:6b:49:3e:48:dc:f5:
24:c1:89:92:65:e7:74:b4:20:99:3a:c6:55:93:a5:91:99:ba:
de:92:7a:73:03:6b:68:ea:d3:53:de:02:77:ab:8d:b2:d4:69:
7b:2c:41:76:b3:b2:ac:17:c9:c9:0e:e2:1c:8d:ff:e9:52:99:
6d:b3:4a:90:67:32:ab:34:55:2f:54:6d:ef:c8:a4:0b:0a:9f:
90:00:29:f6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQgZ/E5C7FKMPa1LG/GCuDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNmRiYjJjM2Y5ODIzMjhlMDc0OTUxNDc5MWNlYmMyZTBl
YTlmODgwHhcNMjUwMTAxMDU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjcwNGQ0NTRmMTkxNGZiZTQ0Zjg4MTgyY2E5YWM5Y2VjYzBkMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMw6F/8YJsbAR10zSsmA/zlIkfzO
RepblGy1YV2LptaOwtxzn8iqh5UpCMpEqUaPidgaknDiKNVLqIFaldwVkLurdD+Y
BXFaQPI2xH1LXIwL0tL1pL08oxQmFXSjHdi2068ztx9wdvDQ50Z+S4wHdMgtuhtQ
JB7Hz7Ul9eH9gPtHPwk64O5PeefwzockOj2x9iEH1KVSqcFQxFH6YiUa6VYlgTco
myCy/q0eY1LeJzMeQa7HMi1vV0PBdKEOeROPwf4h3wy2fOsTlu7rnmey6om1CEBC
NYyTXnhlL5VAt64Jp4AHfbtIrXDECiC2pBY76DFJpztvJx/Pxbqqh0FEuwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK9wTUVPGRT75E+IGCyprJzswNMFMB8GA1UdIwQY
MBaAFP5tuyw/mCMo4HSVFHkc68Lg6p+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX20yN0xELVlJeWpnZEpVVWVSenJ3dURxbjRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9lMDgzNTUtY2JkMC00MDEyLWJjZjAt
NTMxMjY2ZGYzMmMwLzEvcjNCTlJVOFpGUHZrVDRnWUxLbXNuT3pBMHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9lMDgzNTUtY2JkMC00MDEyLWJjZjAtNTMxMjY2ZGYzMmMw
LzEvX20yN0xELVlJeWpnZEpVVWVSenJ3dURxbjRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABcdy0D
BABcdy4wDQYJKoZIhvcNAQELBQADggEBACp37xgyrI2xa3c7eZGe5kUgjvOTWmj+
Soys4h++dRI8WaEBiZo1QUgsVj10YBRKdoKyMNkPEmlTBE20HMctfM5PQ45JIyI4
fLOsxuAu0yTEl7+HitXBHPn7xoySN1mvOgzHzA0OWQlmVbXLlNc9/+y01rweGA/y
j0h3DUske3q6nrUcw1k9lH/oQnlAKShIh0pNPiX/oZxWc9C5FQqUHOw+8wl/fxtj
Q0IKiDFw9GtJPkjc9STBiZJl53S0IJk6xlWTpZGZut6SenMDa2jq01PeAnerjbLU
aXssQXazsqwXyckO4hyN/+lSmW2zSpBnMqs0VS9Ube/IpAsKn5AAKfY=
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:12:24 2025 by rpki-client