Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/3vU9lDg123BQs9bja01AubVJ0Og.roa
File: 3vU9lDg123BQs9bja01AubVJ0Og.roa (raw, json)
Hash identifier: yP+f81+TFRbJ5t0yOxIDgQtB0tKvBjQ2pf/wHd/Zu40=
Subject key identifier: DE:F5:3D:94:38:35:DB:70:50:B3:D6:E3:6B:4D:40:B9:B5:49:D0:E8
Certificate issuer: /CN=701624ffc5721c158e4cc9bb071eb4fb87d88c24
Certificate serial: 019423D6D78F246A0D0F6ADBE1D46C9B087C
Authority key identifier: 70:16:24:FF:C5:72:1C:15:8E:4C:C9:BB:07:1E:B4:FB:87:D8:8C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/3vU9lDg123BQs9bja01AubVJ0Og.roa
Signing time: Wed 01 Jan 2025 21:47:49 +0000
ROA not before: Wed 01 Jan 2025 21:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47329
IP address blocks: 79.139.48.0/22 maxlen: 22
79.139.112.0/22 maxlen: 22
185.39.160.0/22 maxlen: 22
185.39.161.0/24 maxlen: 24
185.39.163.0/24 maxlen: 24
185.63.108.0/22 maxlen: 22
185.63.200.0/22 maxlen: 22
185.67.8.0/22 maxlen: 22
185.67.68.0/22 maxlen: 22
185.116.252.0/24 maxlen: 24
185.116.253.0/24 maxlen: 24
185.116.254.0/24 maxlen: 24
185.116.255.0/24 maxlen: 24
195.62.64.0/23 maxlen: 23
195.62.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d7:8f:24:6a:0d:0f:6a:db:e1:d4:6c:9b:08:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=701624ffc5721c158e4cc9bb071eb4fb87d88c24
Validity
Not Before: Jan 1 21:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=def53d943835db7050b3d6e36b4d40b9b549d0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:23:01:a2:0d:bb:33:bb:b1:9b:48:0b:e5:34:
1f:ca:39:b4:23:eb:09:d1:f6:e4:cc:12:b3:fc:4b:
68:85:c6:9e:36:86:b9:ac:96:6e:d6:98:91:a0:03:
aa:c5:e6:c3:bb:c0:65:04:a9:a1:d0:27:80:db:b1:
41:22:81:b6:53:28:a7:fb:69:80:7b:39:a2:01:ce:
4d:64:95:1e:44:73:ed:68:52:d2:68:4b:f7:9e:ec:
92:8f:d4:65:c2:8f:f6:78:df:d7:bb:ed:94:8f:bf:
6b:43:fe:8f:53:91:b3:8f:cd:d7:5a:95:91:b3:2f:
12:b5:3a:77:fb:b4:eb:ed:f0:16:00:70:25:ba:34:
6b:13:74:17:49:e3:1b:2d:d4:cb:4f:ac:cf:d2:2e:
bd:f6:18:84:93:5c:45:8b:b0:56:63:c0:5b:b1:50:
20:ea:bc:7f:60:9d:38:84:3a:6e:a9:ea:64:d9:b8:
9d:f6:7b:1a:4b:3d:af:c8:a9:c7:6d:c1:bf:b7:d4:
cd:27:4f:fe:5a:b4:33:6a:77:f9:fa:f4:77:26:3e:
2a:ff:26:65:93:b7:09:83:15:cc:92:e8:f2:f6:db:
51:56:3d:90:c9:e9:20:dc:74:47:5d:ec:32:8f:a9:
e3:78:e1:79:76:79:66:b5:fe:94:59:1f:bd:ee:3a:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F5:3D:94:38:35:DB:70:50:B3:D6:E3:6B:4D:40:B9:B5:49:D0:E8
X509v3 Authority Key Identifier:
keyid:70:16:24:FF:C5:72:1C:15:8E:4C:C9:BB:07:1E:B4:FB:87:D8:8C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/3vU9lDg123BQs9bja01AubVJ0Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/fb5abe-6a3a-4d37-bf61-63e75e953a93/1/cBYk_8VyHBWOTMm7Bx60-4fYjCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.48.0/22
79.139.112.0/22
185.39.160.0/22
185.63.108.0/22
185.63.200.0/22
185.67.8.0/22
185.67.68.0/22
185.116.252.0/22
195.62.64.0/23
Signature Algorithm: sha256WithRSAEncryption
33:1e:51:ff:84:c8:ec:7e:bb:0c:0b:7a:38:9d:83:d3:9d:98:
95:bb:42:87:86:19:7e:5e:e7:39:2a:9b:ed:e7:ac:e1:4e:b6:
5c:4c:88:2c:5d:41:08:70:5a:c9:cf:ac:78:4d:c1:e8:67:40:
13:2b:a2:00:e6:11:e5:e3:e4:08:39:89:73:23:c8:48:f9:40:
ff:40:9a:39:b0:06:a2:66:81:0b:e2:45:00:1e:b5:05:00:b3:
6f:e7:9c:52:2c:6e:0e:b3:7c:64:04:bf:9c:2d:c9:16:e5:b4:
3c:28:65:14:ea:8c:42:1c:fd:73:eb:da:6d:85:8d:bb:21:db:
74:6b:3a:d0:a7:8b:49:90:22:3d:c5:89:56:e8:64:a9:bf:a9:
93:50:68:65:84:a8:6b:67:66:fe:a3:90:7d:59:db:40:ae:67:
86:3f:b5:8f:4c:59:30:b8:b4:f9:3a:ee:d9:2c:29:8f:5c:b2:
8f:c6:c0:81:73:f7:fb:d0:00:c9:97:a6:a2:36:d4:16:46:2a:
57:70:f2:ba:5b:15:72:78:24:1c:de:bb:7f:11:55:4a:bc:20:
a5:d0:a1:ba:f5:03:45:9c:b5:3d:cc:ae:10:4e:95:1d:f3:5a:
22:cb:42:66:47:41:4e:e2:01:07:8c:ec:b0:be:83:4e:29:be:
d4:6f:31:5d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQj1tePJGoND2rb4dRsmwh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTYyNGZmYzU3MjFjMTU4ZTRjYzliYjA3MWViNGZiODdk
ODhjMjQwHhcNMjUwMTAxMjE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY1M2Q5NDM4MzVkYjcwNTBiM2Q2ZTM2YjRkNDBiOWI1NDlkMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yMBog27M7uxm0gL5TQfyjm0I+sJ
0fbkzBKz/EtohcaeNoa5rJZu1piRoAOqxebDu8BlBKmh0CeA27FBIoG2Uyin+2mA
ezmiAc5NZJUeRHPtaFLSaEv3nuySj9Rlwo/2eN/Xu+2Uj79rQ/6PU5Gzj83XWpWR
sy8StTp3+7Tr7fAWAHAlujRrE3QXSeMbLdTLT6zP0i699hiEk1xFi7BWY8BbsVAg
6rx/YJ04hDpuqepk2bid9nsaSz2vyKnHbcG/t9TNJ0/+WrQzanf5+vR3Jj4q/yZl
k7cJgxXMkujy9ttRVj2Qyekg3HRHXewyj6njeOF5dnlmtf6UWR+97jr/qQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN71PZQ4NdtwULPW42tNQLm1SdDoMB8GA1UdIwQY
MBaAFHAWJP/FchwVjkzJuwcetPuH2IwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JZa184VnlIQldPVE1tN0J4NjAtNGZZakNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mYjVhYmUtNmEzYS00ZDM3LWJmNjEt
NjNlNzVlOTUzYTkzLzEvM3ZVOWxEZzEyM0JRczliamEwMUF1YlZKME9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mYjVhYmUtNmEzYS00ZDM3LWJmNjEtNjNlNzVlOTUzYTkz
LzEvY0JZa184VnlIQldPVE1tN0J4NjAtNGZZakNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCT4swAwQC
T4twAwQCuSegAwQCuT9sAwQCuT/IAwQCuUMIAwQCuUNEAwQCuXT8AwQBwz5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAzHlH/hMjsfrsMC3o4nYPTnZiVu0KHhhl+Xuc5Kpvt
56zhTrZcTIgsXUEIcFrJz6x4TcHoZ0ATK6IA5hHl4+QIOYlzI8hI+UD/QJo5sAai
ZoEL4kUAHrUFALNv55xSLG4Os3xkBL+cLckW5bQ8KGUU6oxCHP1z69pthY27Idt0
azrQp4tJkCI9xYlW6GSpv6mTUGhlhKhrZ2b+o5B9WdtArmeGP7WPTFkwuLT5Ou7Z
LCmPXLKPxsCBc/f70ADJl6aiNtQWRipXcPK6WxVyeCQc3rt/EVVKvCCl0KG69QNF
nLU9zK4QTpUd81oiy0JmR0FO4gEHjOywvoNOKb7UbzFd
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:26:37 2025 by rpki-client