Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3WNl-m7gCvquDzEDrkwIQEg6pro.roa
File: 3WNl-m7gCvquDzEDrkwIQEg6pro.roa (raw, json)
Hash identifier: FxKNwejyJuuX0RG0vdRP0TUvJlDOzXxsIbbdxEYJvWM=
Subject key identifier: DD:63:65:FA:6E:E0:0A:FA:AE:0F:31:03:AE:4C:08:40:48:3A:A6:BA
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019424456301DA8D602AA323A7DA47FD3707
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3WNl-m7gCvquDzEDrkwIQEg6pro.roa
Signing time: Wed 01 Jan 2025 23:48:34 +0000
ROA not before: Wed 01 Jan 2025 23:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43697
IP address blocks: 194.179.36.0/24 maxlen: 24
195.57.128.0/24 maxlen: 24
195.57.169.0/24 maxlen: 24
195.235.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:63:01:da:8d:60:2a:a3:23:a7:da:47:fd:37:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Jan 1 23:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd6365fa6ee00afaae0f3103ae4c0840483aa6ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:9e:61:46:3c:84:5c:7b:84:d6:3e:9d:aa:
5b:96:49:71:d6:a6:b9:ea:30:15:fe:81:bf:80:db:
46:79:6f:0c:99:bb:3d:43:9c:93:7c:97:2b:e6:72:
2f:2a:b0:e3:75:ee:f7:89:7d:00:00:43:61:74:bf:
4f:9b:44:e7:1a:a8:0e:ac:90:08:e9:51:df:a9:50:
f9:28:30:58:af:fb:4c:05:83:58:50:e7:a6:ca:66:
24:df:8f:6a:49:f1:ca:b2:00:50:9f:cf:c6:47:9c:
3a:0c:a5:c6:9f:22:37:23:d2:ea:07:82:73:9c:65:
cf:6d:ca:74:ea:61:88:09:55:38:5f:a7:13:58:11:
74:18:47:8e:94:15:d3:f4:ac:77:9e:0c:c0:ec:81:
77:e8:75:77:64:42:fb:4b:44:1c:bc:a1:f9:30:17:
7b:ab:41:e0:70:aa:a4:dd:6c:e1:39:56:83:a2:e2:
8a:4d:4c:a5:d9:2f:d8:65:5f:5b:87:a9:5c:01:a3:
3d:bf:88:15:ef:3f:c7:04:fb:0c:87:67:9a:07:74:
24:3a:db:da:fb:5b:21:03:09:5c:33:e1:9d:a2:2f:
5a:16:4d:ae:11:6e:05:58:2c:2f:f6:e1:47:49:2c:
6d:4b:d0:2b:84:77:3e:0d:65:4f:fd:8f:29:a3:b5:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:63:65:FA:6E:E0:0A:FA:AE:0F:31:03:AE:4C:08:40:48:3A:A6:BA
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/3WNl-m7gCvquDzEDrkwIQEg6pro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.36.0/24
195.57.128.0/24
195.57.169.0/24
195.235.199.0/24
Signature Algorithm: sha256WithRSAEncryption
da:54:0a:e1:67:16:11:40:01:d3:ae:a2:17:61:56:43:4b:de:
ff:ac:3c:3a:d3:4f:b9:e3:06:1b:91:20:5a:54:fd:79:f7:93:
02:c1:c4:39:de:85:bf:4b:2b:d6:5b:e0:e9:c1:c5:80:ba:fe:
e5:c6:c4:86:b0:6d:91:cc:09:76:1f:64:90:48:2e:ee:71:78:
ce:c0:ec:38:61:a7:c3:ac:07:44:49:c3:b2:67:b5:ff:bb:5c:
fb:ec:71:2e:13:b7:0d:cb:86:5b:72:26:1f:1e:71:15:a2:59:
f4:5f:f2:d2:e5:dd:2e:c6:e5:ad:71:2c:7c:9c:dd:18:80:ce:
6a:f4:89:b1:cc:dd:9d:60:d1:ea:8a:c4:2e:f4:b5:2e:8d:d3:
1d:0b:d9:59:d4:33:c2:9d:2d:f2:91:2f:4f:11:1f:ba:70:24:
5f:fe:1d:b6:af:80:36:90:8b:95:89:ff:be:f7:a4:cf:da:73:
74:a4:c5:0e:84:33:c8:a2:fe:f2:03:a5:f6:64:01:23:b1:99:
e9:33:6c:cf:2f:7c:d3:ee:6d:e9:ac:a6:2e:09:c3:4b:76:97:
25:25:08:61:34:d0:5d:84:00:52:4b:9e:85:42:8b:71:59:18:
59:65:28:89:9f:31:2b:62:cc:85:3f:a4:69:88:c6:59:be:8d:
ad:53:de:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQkRWMB2o1gKqMjp9pH/TcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwMTAxMjM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDYzNjVmYTZlZTAwYWZhYWUwZjMxMDNhZTRjMDg0MDQ4M2FhNmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3KeYUY8hFx7hNY+napblklx1qa5
6jAV/oG/gNtGeW8Mmbs9Q5yTfJcr5nIvKrDjde73iX0AAENhdL9Pm0TnGqgOrJAI
6VHfqVD5KDBYr/tMBYNYUOemymYk349qSfHKsgBQn8/GR5w6DKXGnyI3I9LqB4Jz
nGXPbcp06mGICVU4X6cTWBF0GEeOlBXT9Kx3ngzA7IF36HV3ZEL7S0QcvKH5MBd7
q0HgcKqk3WzhOVaDouKKTUyl2S/YZV9bh6lcAaM9v4gV7z/HBPsMh2eaB3QkOtva
+1shAwlcM+Gdoi9aFk2uEW4FWCwv9uFHSSxtS9ArhHc+DWVP/Y8po7Wi5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN1jZfpu4Ar6rg8xA65MCEBIOqa6MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvM1dObC1tN2dDdnF1RHpFRHJrd0lRRWc2cHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwrMkAwQA
wzmAAwQAwzmpAwQAw+vHMA0GCSqGSIb3DQEBCwUAA4IBAQDaVArhZxYRQAHTrqIX
YVZDS97/rDw600+54wYbkSBaVP1595MCwcQ53oW/SyvWW+DpwcWAuv7lxsSGsG2R
zAl2H2SQSC7ucXjOwOw4YafDrAdEScOyZ7X/u1z77HEuE7cNy4ZbciYfHnEVoln0
X/LS5d0uxuWtcSx8nN0YgM5q9ImxzN2dYNHqisQu9LUujdMdC9lZ1DPCnS3ykS9P
ER+6cCRf/h22r4A2kIuVif++96TP2nN0pMUOhDPIov7yA6X2ZAEjsZnpM2zPL3zT
7m3prKYuCcNLdpclJQhhNNBdhABSS56FQotxWRhZZSiJnzErYsyFP6RpiMZZvo2t
U94K
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:15:28 2025 by rpki-client