Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/D3MWP3XFiZI7kXDM1xZJ1nmc7j0.roa
File: D3MWP3XFiZI7kXDM1xZJ1nmc7j0.roa (raw, json)
Hash identifier: k8evvsQN0EEQjgIuJEEsV296E+00tw2dzknXYYenNYw=
Subject key identifier: 0F:73:16:3F:75:C5:89:92:3B:91:70:CC:D7:16:49:D6:79:9C:EE:3D
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B39C2313F33521ABFB0945CB529C7F
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/D3MWP3XFiZI7kXDM1xZJ1nmc7j0.roa
Signing time: Thu 02 Jan 2025 15:47:49 +0000
ROA not before: Thu 02 Jan 2025 15:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47377
IP address blocks: 45.93.164.0/23 maxlen: 24
93.185.160.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:9c:23:13:f3:35:21:ab:fb:09:45:cb:52:9c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f73163f75c589923b9170ccd71649d6799cee3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:86:99:f9:92:a8:b3:61:34:4e:4b:6e:94:18:
ae:9c:15:cc:d9:dd:ff:56:92:06:08:81:82:05:57:
46:ea:ed:0e:46:6a:b5:79:47:43:e2:5b:93:9e:0d:
99:12:0a:67:1d:6a:14:6a:c9:77:95:1c:f5:96:bb:
54:07:06:cc:c5:8a:96:7c:24:2d:ca:b9:25:dc:34:
13:84:9b:83:4d:0a:a6:59:e3:9d:a0:61:0d:dc:f4:
03:bc:04:6f:d1:e2:df:60:49:87:c7:67:e6:be:7c:
e7:e2:dc:91:39:c5:2d:d8:81:ad:17:a0:a4:94:02:
3a:ad:1d:bb:7f:fe:fe:14:ea:ba:8b:50:2b:25:a0:
f7:b2:da:22:86:c7:e6:39:9f:2e:57:02:13:8b:c2:
4c:44:2b:b3:bf:37:ee:41:a3:33:28:cb:4b:d4:7b:
a2:66:46:72:20:a5:c8:9b:a9:34:fc:e6:7e:84:58:
dc:bc:d1:96:56:2f:60:f2:0e:62:b8:3f:a2:c8:cd:
57:77:36:47:0b:26:69:39:8f:25:3d:54:60:4e:dc:
28:b3:9f:7c:07:f5:dc:0d:c5:40:ed:1d:da:53:78:
c7:66:30:4f:d5:00:6f:58:fa:cd:60:ed:40:1b:ca:
f6:8a:62:ae:5a:b4:ee:65:ba:3a:a1:ac:b6:f5:3f:
41:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:73:16:3F:75:C5:89:92:3B:91:70:CC:D7:16:49:D6:79:9C:EE:3D
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/D3MWP3XFiZI7kXDM1xZJ1nmc7j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.164.0/23
93.185.160.0/23
Signature Algorithm: sha256WithRSAEncryption
47:84:8c:04:81:37:0a:77:ef:34:35:c4:bd:82:27:e1:e9:1d:
09:20:33:a9:6c:0e:0d:aa:78:44:6d:05:2b:8d:ed:90:56:76:
be:e4:21:d3:95:3d:95:65:03:5e:f9:7a:81:b5:a2:82:67:fc:
64:0e:7a:ae:18:27:22:6b:ce:e0:b9:ac:42:a8:19:fe:cb:11:
04:53:3d:37:80:f6:d8:c6:28:36:20:1f:81:ba:42:3c:2d:de:
1f:b8:55:4f:2c:23:96:00:e7:86:a9:f4:eb:ea:a0:13:dd:17:
56:5c:cb:66:41:d8:8e:74:31:83:84:3b:df:63:12:d3:da:17:
a8:46:95:91:2f:9c:d5:8b:c3:49:cb:8a:76:ac:f8:fa:c8:55:
6c:5f:a6:7a:b8:08:b9:64:f6:30:ef:64:c5:cc:31:e8:6f:bf:
80:15:db:5a:3c:4a:37:61:f1:7d:fc:16:a1:4e:e6:d8:e3:cf:
7f:51:4a:4b:9e:63:b0:39:e5:61:c0:fa:37:04:1f:c7:52:62:
83:f5:71:c0:6f:a3:5d:63:bf:c3:4a:41:d9:92:bd:64:c1:91:
58:82:a5:bf:d7:d0:22:96:c0:23:f7:36:1c:c2:e5:b8:40:ae:
9c:21:07:d2:5c:87:70:78:ea:b4:ca:91:2b:26:96:4d:da:23:
05:f2:2c:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns5wjE/M1Iav7CUXLUpx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjczMTYzZjc1YzU4OTkyM2I5MTcwY2NkNzE2NDlkNjc5OWNlZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YaZ+ZKos2E0TktulBiunBXM2d3/
VpIGCIGCBVdG6u0ORmq1eUdD4luTng2ZEgpnHWoUasl3lRz1lrtUBwbMxYqWfCQt
yrkl3DQThJuDTQqmWeOdoGEN3PQDvARv0eLfYEmHx2fmvnzn4tyROcUt2IGtF6Ck
lAI6rR27f/7+FOq6i1ArJaD3stoihsfmOZ8uVwITi8JMRCuzvzfuQaMzKMtL1Hui
ZkZyIKXIm6k0/OZ+hFjcvNGWVi9g8g5iuD+iyM1XdzZHCyZpOY8lPVRgTtwos598
B/XcDcVA7R3aU3jHZjBP1QBvWPrNYO1AG8r2imKuWrTuZbo6oay29T9BLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA9zFj91xYmSO5FwzNcWSdZ5nO49MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRDNNV1AzWEZpWkk3a1hETTF4Wkoxbm1jN2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLV2kAwQB
XbmgMA0GCSqGSIb3DQEBCwUAA4IBAQBHhIwEgTcKd+80NcS9gifh6R0JIDOpbA4N
qnhEbQUrje2QVna+5CHTlT2VZQNe+XqBtaKCZ/xkDnquGCcia87guaxCqBn+yxEE
Uz03gPbYxig2IB+BukI8Ld4fuFVPLCOWAOeGqfTr6qAT3RdWXMtmQdiOdDGDhDvf
YxLT2heoRpWRL5zVi8NJy4p2rPj6yFVsX6Z6uAi5ZPYw72TFzDHob7+AFdtaPEo3
YfF9/BahTubY489/UUpLnmOwOeVhwPo3BB/HUmKD9XHAb6NdY7/DSkHZkr1kwZFY
gqW/19AilsAj9zYcwuW4QK6cIQfSXIdweOq0ypErJpZN2iMF8iy4
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:32 2025 by rpki-client