Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/03mz0LQjzt1ORtulSs8-RgKcMnM.roa
File: 03mz0LQjzt1ORtulSs8-RgKcMnM.roa (raw, json)
Hash identifier: o7HH4upfGHhmSB89uCr8oSYNHbC8ZdA+S7MeD1sbYe4=
Subject key identifier: D3:79:B3:D0:B4:23:CE:DD:4E:46:DB:A5:4A:CF:3E:46:02:9C:32:73
Certificate issuer: /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial: 019420D62EE892FDB86237765AC41CF4CF0F
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/03mz0LQjzt1ORtulSs8-RgKcMnM.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33309
IP address blocks: 185.241.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 01:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2e:e8:92:fd:b8:62:37:76:5a:c4:1c:f4:cf:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d379b3d0b423cedd4e46dba54acf3e46029c3273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:21:2b:43:6d:a0:05:f7:1a:ee:1c:c0:ff:a3:
63:73:7d:da:ca:58:3c:44:f6:c5:45:ae:c8:0e:96:
3b:ed:0d:a5:b6:57:07:9e:06:c8:bd:3e:87:3f:9a:
d9:c1:fb:9a:e4:c8:a2:69:22:c9:0f:d3:73:fc:0a:
19:da:35:11:07:93:84:5b:c4:36:22:4c:1f:11:f6:
3b:ea:dc:72:ac:59:f0:61:96:1a:d4:dc:33:cd:cd:
0c:ca:d4:d6:55:e9:90:d5:38:db:e9:37:e2:c4:f6:
24:fd:9d:8f:97:48:d8:44:fa:31:c2:34:88:86:5c:
87:ee:bc:ad:36:96:12:a9:00:36:24:33:15:22:aa:
d5:93:48:1c:8d:41:ae:49:04:c6:38:87:01:72:27:
ce:4e:df:c7:9d:e8:e3:a7:24:41:04:05:46:90:58:
93:eb:f6:3f:f3:d3:de:ab:01:87:af:5c:e9:3a:cd:
3e:37:9a:1c:40:81:8e:25:9f:68:56:e0:f3:8a:7d:
82:1f:88:b2:7b:6c:61:a0:f8:6f:54:0f:32:48:d2:
3b:4b:1b:6d:e4:06:b6:b8:2a:10:b3:67:d2:2b:c5:
fe:1c:06:dd:c6:eb:88:c5:2b:fc:f4:49:34:ca:13:
da:83:36:b1:c6:5e:3a:a6:35:a0:0b:5e:65:50:ac:
73:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:B3:D0:B4:23:CE:DD:4E:46:DB:A5:4A:CF:3E:46:02:9C:32:73
X509v3 Authority Key Identifier:
keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/03mz0LQjzt1ORtulSs8-RgKcMnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.46.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:88:2f:bc:f2:83:fb:78:15:d7:c0:06:41:3d:c8:49:83:3d:
47:32:dd:39:ca:92:5d:86:b2:f6:49:3f:63:17:ef:8c:b6:29:
66:ff:6e:d9:3d:fc:e4:9c:67:60:c7:58:11:c0:1c:0d:f0:28:
fb:f6:94:50:5b:c7:17:c0:b2:17:6c:d7:01:d4:ad:a2:93:34:
16:1e:a3:56:7e:77:11:ca:97:fa:af:df:02:b1:ac:93:20:93:
44:26:1d:34:35:a6:2b:ca:50:74:23:79:b3:a6:20:1e:5b:74:
20:20:25:7d:17:be:b4:71:24:fc:06:f0:28:87:74:c2:1c:2c:
e1:33:19:93:38:95:7d:0b:71:74:bf:b5:c2:58:fb:28:36:b9:
f0:6f:14:a0:1d:b4:0b:7c:32:3d:11:b2:57:00:cd:a2:f4:fd:
7e:ff:84:3d:5d:2c:96:08:6f:21:e3:1c:1f:f6:85:5d:2e:db:
03:37:15:29:3c:dd:07:03:1d:21:f9:2c:0f:a6:49:b0:96:80:
dc:6e:c7:37:fb:d8:de:3c:60:17:a1:85:98:df:65:84:3c:64:
22:15:12:25:78:09:bf:17:ec:7e:f9:2a:a5:77:fc:8b:d7:c9:
74:f5:2a:f3:b8:c6:f7:76:4a:8a:b0:eb:75:aa:7a:8a:a4:3e:
6b:5c:19:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1i7okv24Yjd2WsQc9M8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5Nzll
YjgyZjEwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc5YjNkMGI0MjNjZWRkNGU0NmRiYTU0YWNmM2U0NjAyOWMzMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziErQ22gBfca7hzA/6Njc33aylg8
RPbFRa7IDpY77Q2ltlcHngbIvT6HP5rZwfua5MiiaSLJD9Nz/AoZ2jURB5OEW8Q2
IkwfEfY76txyrFnwYZYa1Nwzzc0MytTWVemQ1Tjb6TfixPYk/Z2Pl0jYRPoxwjSI
hlyH7rytNpYSqQA2JDMVIqrVk0gcjUGuSQTGOIcBcifOTt/HnejjpyRBBAVGkFiT
6/Y/89PeqwGHr1zpOs0+N5ocQIGOJZ9oVuDzin2CH4iye2xhoPhvVA8ySNI7Sxtt
5Aa2uCoQs2fSK8X+HAbdxuuIxSv89Ek0yhPagzaxxl46pjWgC15lUKxzQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNN5s9C0I87dTkbbpUrPPkYCnDJzMB8GA1UdIwQY
MBaAFIqh/ppMA9AVrsl04tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYt
MWY5YWUwNTU2NDZmLzEvMDNtejBMUWp6dDFPUnR1bFNzOC1SZ0tjTW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZm
LzEvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEuMA0G
CSqGSIb3DQEBCwUAA4IBAQCwiC+88oP7eBXXwAZBPchJgz1HMt05ypJdhrL2ST9j
F++Mtilm/27ZPfzknGdgx1gRwBwN8Cj79pRQW8cXwLIXbNcB1K2ikzQWHqNWfncR
ypf6r98CsayTIJNEJh00NaYrylB0I3mzpiAeW3QgICV9F760cST8BvAoh3TCHCzh
MxmTOJV9C3F0v7XCWPsoNrnwbxSgHbQLfDI9EbJXAM2i9P1+/4Q9XSyWCG8h4xwf
9oVdLtsDNxUpPN0HAx0h+SwPpkmwloDcbsc3+9jePGAXoYWY32WEPGQiFRIleAm/
F+x++Sqld/yL18l09SrzuMb3dkqKsOt1qnqKpD5rXBlr
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:54:27 2025 by rpki-client