Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/P3rY7Cmn84Ni11FziReIJTvis6Q.roa
File: P3rY7Cmn84Ni11FziReIJTvis6Q.roa (raw, json)
Hash identifier: SHFkgztCNHhWPjHt5nCk5Bgx6ribEhAmnRifNZCrpkc=
Subject key identifier: 3F:7A:D8:EC:29:A7:F3:83:62:D7:51:73:89:17:88:25:3B:E2:B3:A4
Certificate issuer: /CN=d476b006351a2f9cf2a91386de50ce27f1550595
Certificate serial: 0194228E244704840561248302985F2FF6E9
Authority key identifier: D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/P3rY7Cmn84Ni11FziReIJTvis6Q.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 5.102.80.0/20 maxlen: 24
37.152.32.0/20 maxlen: 24
62.8.96.0/19 maxlen: 24
84.252.192.0/18 maxlen: 24
94.250.224.0/20 maxlen: 24
146.255.0.0/20 maxlen: 24
164.40.208.0/20 maxlen: 24
178.239.96.0/20 maxlen: 24
185.13.140.0/22 maxlen: 24
195.12.0.0/19 maxlen: 24
195.74.128.0/19 maxlen: 24
212.58.32.0/19 maxlen: 24
213.83.64.0/18 maxlen: 24
213.246.128.0/18 maxlen: 24
2001:4160::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:24:47:04:84:05:61:24:83:02:98:5f:2f:f6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d476b006351a2f9cf2a91386de50ce27f1550595
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f7ad8ec29a7f38362d75173891788253be2b3a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1b:38:d8:2f:79:ef:8f:50:e1:4c:02:a1:12:
ee:5c:d8:48:64:91:56:99:eb:73:6f:cb:b9:88:8f:
6f:1d:7e:bf:fa:3c:25:87:99:e4:7d:75:b1:44:bf:
80:84:f6:0d:a3:7b:56:18:c3:7d:2d:7e:5f:d0:76:
5e:f0:a4:af:a8:4a:27:af:22:ef:b7:7b:ac:84:49:
03:3f:18:d4:0c:38:17:ac:af:56:4f:04:63:8c:8f:
89:f6:19:24:02:4e:c5:04:f9:a4:03:70:2c:10:fc:
c5:5f:9f:02:0e:bc:7a:3e:6f:4f:03:e5:da:88:3f:
e4:ea:6b:37:cc:c4:a8:1e:4a:12:9c:0f:41:c1:31:
85:19:f4:fb:09:db:5e:cd:ff:46:78:6e:b6:62:d0:
a1:7c:9b:88:4c:6f:61:9c:c8:b8:6c:69:2d:e6:c7:
81:75:e3:2c:67:e9:55:5a:14:83:0e:8a:3a:54:3c:
ec:d0:41:df:55:86:b9:c9:c7:49:82:d6:dd:28:2e:
e3:c0:cf:31:b1:0a:20:49:89:03:ed:a4:6a:bf:bc:
9b:9b:38:23:fe:de:16:33:a5:9c:a4:d2:34:1d:76:
f7:46:aa:0b:7e:01:fc:e8:25:44:69:45:c2:c7:2d:
4c:8e:6f:ae:27:a1:1b:b5:a7:30:cd:dd:24:ca:4b:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7A:D8:EC:29:A7:F3:83:62:D7:51:73:89:17:88:25:3B:E2:B3:A4
X509v3 Authority Key Identifier:
keyid:D4:76:B0:06:35:1A:2F:9C:F2:A9:13:86:DE:50:CE:27:F1:55:05:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HawBjUaL5zyqROG3lDOJ_FVBZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/P3rY7Cmn84Ni11FziReIJTvis6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/46207f-7e34-4292-b14a-44c07f314904/1/1HawBjUaL5zyqROG3lDOJ_FVBZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.80.0/20
37.152.32.0/20
62.8.96.0/19
84.252.192.0/18
94.250.224.0/20
146.255.0.0/20
164.40.208.0/20
178.239.96.0/20
185.13.140.0/22
195.12.0.0/19
195.74.128.0/19
212.58.32.0/19
213.83.64.0/18
213.246.128.0/18
IPv6:
2001:4160::/32
Signature Algorithm: sha256WithRSAEncryption
39:60:46:77:c3:f3:6b:48:9d:a5:9b:e4:e9:7c:6d:6b:2b:79:
83:4d:e2:57:d4:e2:e9:37:03:4c:2d:ba:1e:f8:02:b0:da:90:
f6:8a:38:27:eb:91:cc:41:93:b6:4a:61:cd:11:de:bb:7d:40:
e0:12:c3:a4:a5:e6:d2:8e:c1:17:a7:aa:70:3c:cb:8d:db:3a:
0b:f8:f5:c3:7d:b5:ce:a6:e7:e8:61:c7:e3:84:0e:38:84:6f:
18:3e:d6:c4:26:07:3e:69:61:b1:d8:e7:16:23:4b:29:21:d8:
3f:55:69:93:1f:2d:5b:37:45:e0:e6:d6:61:bb:23:8b:c7:0d:
6c:ed:0a:54:dc:15:20:cd:ae:39:74:cb:4a:de:56:0f:b4:e0:
9c:40:2f:6e:bb:57:c1:59:81:38:8f:20:ff:b8:6f:f8:29:4a:
81:c7:a1:c6:59:d6:e9:2f:7a:2a:e6:f5:9e:28:22:4b:b9:58:
71:c2:0e:37:71:09:5b:a3:f3:93:b8:8f:ea:1e:63:3e:49:46:
bc:dd:d9:08:09:b9:97:b8:e1:38:79:eb:14:30:07:7d:57:fe:
bb:34:d5:2d:d5:77:94:da:59:d4:a0:40:0d:2d:4e:96:06:9a:
b5:bf:fc:fb:cb:61:7a:0b:3a:54:d8:d6:5b:ed:6f:98:2b:c6:
44:54:a7:37
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQijiRHBIQFYSSDAphfL/bpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzZiMDA2MzUxYTJmOWNmMmE5MTM4NmRlNTBjZTI3ZjE1
NTA1OTUwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdhZDhlYzI5YTdmMzgzNjJkNzUxNzM4OTE3ODgyNTNiZTJiM2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBs42C95749Q4UwCoRLuXNhIZJFW
metzb8u5iI9vHX6/+jwlh5nkfXWxRL+AhPYNo3tWGMN9LX5f0HZe8KSvqEonryLv
t3ushEkDPxjUDDgXrK9WTwRjjI+J9hkkAk7FBPmkA3AsEPzFX58CDrx6Pm9PA+Xa
iD/k6ms3zMSoHkoSnA9BwTGFGfT7Cdtezf9GeG62YtChfJuITG9hnMi4bGkt5seB
deMsZ+lVWhSDDoo6VDzs0EHfVYa5ycdJgtbdKC7jwM8xsQogSYkD7aRqv7ybmzgj
/t4WM6WcpNI0HXb3RqoLfgH86CVEaUXCxy1Mjm+uJ6Ebtacwzd0kykvXwwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFD962Owpp/ODYtdRc4kXiCU74rOkMB8GA1UdIwQY
MBaAFNR2sAY1Gi+c8qkTht5QzifxVQWVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEt
NDRjMDdmMzE0OTA0LzEvUDNyWTdDbW44NE5pMTFGemlSZUlKVHZpczZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjIwN2YtN2UzNC00MjkyLWIxNGEtNDRjMDdmMzE0OTA0
LzEvMUhhd0JqVWFMNXp5cVJPRzNsRE9KX0ZWQlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBWZQAwQE
JZggAwQFPghgAwQGVPzAAwQEXvrgAwQEkv8AAwQEpCjQAwQEsu9gAwQCuQ2MAwQF
wwwAAwQFw0qAAwQF1DogAwQG1VNAAwQG1faAMA0EAgACMAcDBQAgAUFgMA0GCSqG
SIb3DQEBCwUAA4IBAQA5YEZ3w/NrSJ2lm+TpfG1rK3mDTeJX1OLpNwNMLboe+AKw
2pD2ijgn65HMQZO2SmHNEd67fUDgEsOkpebSjsEXp6pwPMuN2zoL+PXDfbXOpufo
YcfjhA44hG8YPtbEJgc+aWGx2OcWI0spIdg/VWmTHy1bN0Xg5tZhuyOLxw1s7QpU
3BUgza45dMtK3lYPtOCcQC9uu1fBWYE4jyD/uG/4KUqBx6HGWdbpL3oq5vWeKCJL
uVhxwg43cQlbo/OTuI/qHmM+SUa83dkICbmXuOE4eesUMAd9V/67NNUt1XeU2lnU
oEANLU6WBpq1v/z7y2F6CzpU2NZb7W+YK8ZEVKc3
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:44:28 2025 by rpki-client