Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/mp3Ps9Wb-eE83MSoTQrKorxtZTg.roa
File: mp3Ps9Wb-eE83MSoTQrKorxtZTg.roa (raw, json)
Hash identifier: Whr3Evryw6Na+L//5TTMD5LCJqnqbVVaoyp0nqLqIfA=
Subject key identifier: 9A:9D:CF:B3:D5:9B:F9:E1:3C:DC:C4:A8:4D:0A:CA:A2:BC:6D:65:38
Certificate issuer: /CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Certificate serial: 01941F8C2D4A933C14EB781F947CF463B4B3
Authority key identifier: 7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/mp3Ps9Wb-eE83MSoTQrKorxtZTg.roa
Signing time: Wed 01 Jan 2025 01:47:47 +0000
ROA not before: Wed 01 Jan 2025 01:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213260
IP address blocks: 46.232.144.0/21 maxlen: 21
80.67.112.0/20 maxlen: 20
80.249.32.0/20 maxlen: 20
87.238.0.0/19 maxlen: 22
89.249.176.0/21 maxlen: 21
2a07:f500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2d:4a:93:3c:14:eb:78:1f:94:7c:f4:63:b4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a1ff702726e75b3a68f1182e47ffbcdcae515e5
Validity
Not Before: Jan 1 01:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a9dcfb3d59bf9e13cdcc4a84d0acaa2bc6d6538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:21:eb:58:f7:ab:81:e6:cc:e0:56:c4:09:d4:
64:fc:89:2c:7f:25:7d:18:a9:74:7e:07:69:74:96:
26:af:0a:19:af:0c:be:2b:59:9c:93:9a:08:5d:f2:
32:68:e6:d6:cb:fc:ba:b7:2c:cf:40:1d:5e:01:79:
96:19:4b:d1:41:4a:60:bb:72:f5:1d:a3:9a:f2:aa:
a2:5f:2c:ca:79:19:e1:a9:eb:f8:62:a4:eb:f4:c8:
a9:92:42:85:05:98:50:12:71:86:cf:62:67:99:42:
85:98:d2:57:1d:1b:62:e9:fa:0b:86:80:89:80:99:
b3:8c:ba:38:04:1b:cb:24:b3:62:43:44:d0:83:5b:
58:c8:c3:57:83:a0:68:34:b1:de:47:2a:c9:20:46:
40:e5:6e:7e:fc:30:8b:d7:cc:ca:7e:79:c9:fe:3e:
30:df:9a:85:ae:30:bb:ae:ff:92:26:bd:f7:86:85:
06:c8:d1:87:0c:81:a9:54:97:4f:7b:58:ce:04:d3:
f7:74:a0:a0:42:da:55:12:76:0d:a2:6e:5c:ca:aa:
2e:e9:74:bd:8f:e2:1c:e4:8c:b2:ce:38:02:67:b5:
bf:5b:b0:0c:f9:8c:e1:07:99:94:5a:5f:04:1a:3d:
57:9a:2d:a4:82:d0:79:c5:c6:3b:8f:3f:35:94:0e:
b9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9D:CF:B3:D5:9B:F9:E1:3C:DC:C4:A8:4D:0A:CA:A2:BC:6D:65:38
X509v3 Authority Key Identifier:
keyid:7A:1F:F7:02:72:6E:75:B3:A6:8F:11:82:E4:7F:FB:CD:CA:E5:15:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eh_3AnJudbOmjxGC5H_7zcrlFeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/mp3Ps9Wb-eE83MSoTQrKorxtZTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6fef03-0670-41ab-a6c9-43adb605f68a/1/eh_3AnJudbOmjxGC5H_7zcrlFeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.144.0/21
80.67.112.0/20
80.249.32.0/20
87.238.0.0/19
89.249.176.0/21
IPv6:
2a07:f500::/29
Signature Algorithm: sha256WithRSAEncryption
a6:35:28:fe:0f:a9:98:03:9d:9a:ec:c8:02:49:d0:37:29:6a:
e7:85:cb:88:e2:c7:ec:cc:5e:f7:73:e7:4b:c2:13:99:e4:3a:
38:db:b7:84:4d:b8:91:fc:86:c8:a5:53:83:98:af:38:fb:7b:
85:52:77:44:4e:95:e9:3a:c6:0b:be:a6:cd:99:b4:81:d4:16:
26:87:ca:2b:6f:5d:05:6e:8e:d0:16:c6:6c:f4:6a:d5:a7:4a:
d1:a4:9c:be:0f:70:3a:a7:9a:ac:c2:bd:f2:5c:cf:dd:dc:c8:
40:bd:25:69:03:d5:d5:84:4d:a8:f5:c5:b8:0b:20:85:2b:a9:
22:62:a4:dc:e3:d3:2c:9c:60:3d:09:92:47:e6:7e:62:12:dc:
5b:bc:26:e0:6a:79:9a:4a:08:b1:8a:b2:1f:db:80:86:bd:ac:
30:78:fe:3f:5f:9c:8a:4a:17:25:27:74:4b:45:ca:c8:ff:13:
ab:e8:98:44:cb:a3:07:9e:a5:8f:ec:a2:2f:fb:07:cb:82:74:
ef:1c:e2:09:fe:9e:1d:91:50:23:e5:1f:08:fc:b0:6b:f6:87:
54:e9:5d:8e:01:88:d3:e1:b4:48:9d:83:f8:2f:ca:11:3c:cb:
0d:e8:6f:7a:de:6a:34:18:79:d7:40:fb:57:94:3c:82:c0:b6:
99:84:78:9a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQfjC1KkzwU63gflHz0Y7SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMWZmNzAyNzI2ZTc1YjNhNjhmMTE4MmU0N2ZmYmNkY2Fl
NTE1ZTUwHhcNMjUwMTAxMDE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTlkY2ZiM2Q1OWJmOWUxM2NkY2M0YTg0ZDBhY2FhMmJjNmQ2NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CHrWPergebM4FbECdRk/IksfyV9
GKl0fgdpdJYmrwoZrwy+K1mck5oIXfIyaObWy/y6tyzPQB1eAXmWGUvRQUpgu3L1
HaOa8qqiXyzKeRnhqev4YqTr9MipkkKFBZhQEnGGz2JnmUKFmNJXHRti6foLhoCJ
gJmzjLo4BBvLJLNiQ0TQg1tYyMNXg6BoNLHeRyrJIEZA5W5+/DCL18zKfnnJ/j4w
35qFrjC7rv+SJr33hoUGyNGHDIGpVJdPe1jOBNP3dKCgQtpVEnYNom5cyqou6XS9
j+Ic5IyyzjgCZ7W/W7AM+YzhB5mUWl8EGj1Xmi2kgtB5xcY7jz81lA65RwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJqdz7PVm/nhPNzEqE0KyqK8bWU4MB8GA1UdIwQY
MBaAFHof9wJybnWzpo8RguR/+83K5RXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWhfM0FuSnVkYk9tanhHQzVIXzd6Y3JsRmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZmVmMDMtMDY3MC00MWFiLWE2Yzkt
NDNhZGI2MDVmNjhhLzEvbXAzUHM5V2ItZUU4M01Tb1RRcktvcnh0WlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZmVmMDMtMDY3MC00MWFiLWE2YzktNDNhZGI2MDVmNjhh
LzEvZWhfM0FuSnVkYk9tanhHQzVIXzd6Y3JsRmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLuiQAwQE
UENwAwQEUPkgAwQFV+4AAwQDWfmwMA0EAgACMAcDBQMqB/UAMA0GCSqGSIb3DQEB
CwUAA4IBAQCmNSj+D6mYA52a7MgCSdA3KWrnhcuI4sfszF73c+dLwhOZ5Do427eE
TbiR/IbIpVODmK84+3uFUndETpXpOsYLvqbNmbSB1BYmh8orb10Fbo7QFsZs9GrV
p0rRpJy+D3A6p5qswr3yXM/d3MhAvSVpA9XVhE2o9cW4CyCFK6kiYqTc49MsnGA9
CZJH5n5iEtxbvCbganmaSgixirIf24CGvawweP4/X5yKShclJ3RLRcrI/xOr6JhE
y6MHnqWP7KIv+wfLgnTvHOIJ/p4dkVAj5R8I/LBr9odU6V2OAYjT4bRInYP4L8oR
PMsN6G963mo0GHnXQPtXlDyCwLaZhHia
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:28 2025 by rpki-client