Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/M3T_3bTR-slpB_dLq22bO_tXhX0.roa
File: M3T_3bTR-slpB_dLq22bO_tXhX0.roa (raw, json)
Hash identifier: GCw+7PhSiy0lJ8ZSm0Y+zAQQ+wQx/zDvhCfwRRuFF98=
Subject key identifier: 33:74:FF:DD:B4:D1:FA:C9:69:07:F7:4B:AB:6D:9B:3B:FB:57:85:7D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D724F5D5A6E312C1CB8B27BEC9B16E
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/M3T_3bTR-slpB_dLq22bO_tXhX0.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208392
IP address blocks: 45.132.253.0/24 maxlen: 24
82.115.222.0/24 maxlen: 24
185.17.1.0/24 maxlen: 24
185.112.80.0/24 maxlen: 24
185.112.100.0/24 maxlen: 24
185.114.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:24:f5:d5:a6:e3:12:c1:cb:8b:27:be:c9:b1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3374ffddb4d1fac96907f74bab6d9b3bfb57857d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:5a:3e:fd:d4:28:65:b3:72:e6:8f:44:0e:
75:db:37:2c:dd:61:15:58:80:cd:dc:8a:dd:17:ab:
a8:4d:38:c2:0f:fa:35:a4:1b:92:53:1b:e6:7e:5e:
33:94:df:86:c6:b8:44:d7:2d:a5:1e:c9:e3:a3:39:
18:15:12:14:b7:3c:ce:f6:2c:e2:48:20:87:a6:0c:
67:eb:6d:ad:5f:cf:b1:b6:db:46:d5:c4:f1:74:6e:
f3:3c:e0:15:05:a9:5b:00:fe:f6:b2:bd:51:04:b5:
e2:7e:eb:35:b0:36:a0:5b:63:83:fd:68:02:e8:51:
6a:ec:dd:16:89:80:b5:df:83:59:c9:00:b4:3f:4d:
5a:2b:23:5c:0b:8f:e0:09:37:ad:09:73:6f:a2:22:
26:16:0d:15:f7:92:d6:fd:fb:2e:dc:d2:4b:ed:52:
98:f6:4e:b7:f5:8d:4d:16:2e:fc:a2:f7:5a:34:20:
82:14:55:5c:62:64:51:18:82:b3:11:71:47:8a:ae:
02:d3:c8:0f:24:65:60:b5:73:6e:13:a4:60:c4:5a:
fb:3a:27:6e:6c:14:0b:ec:81:71:90:8a:d9:21:e1:
17:94:52:0d:5d:c6:90:7c:0d:94:e3:91:aa:0c:33:
76:5b:01:ba:ca:11:04:ad:5c:81:8e:0a:a8:7d:c1:
6c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:74:FF:DD:B4:D1:FA:C9:69:07:F7:4B:AB:6D:9B:3B:FB:57:85:7D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/M3T_3bTR-slpB_dLq22bO_tXhX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.253.0/24
82.115.222.0/24
185.17.1.0/24
185.112.80.0/24
185.112.100.0/24
185.114.74.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:94:bd:67:ea:4c:7f:49:32:df:a3:41:48:81:75:6d:58:5c:
54:c0:f6:2b:4f:bf:f5:93:9c:af:a3:76:40:f3:ae:52:fc:ed:
6e:73:dc:8f:c7:10:06:ab:9a:d6:97:94:1a:75:18:b6:cb:19:
0e:c2:92:17:23:c9:65:17:40:57:34:15:bc:0d:4c:57:99:43:
29:0c:30:a5:a0:ed:0c:d3:a7:0d:0a:d4:b8:d2:cf:13:b7:1f:
f1:a4:b9:e2:fb:d6:6c:3d:1b:82:64:44:fa:94:ba:fb:75:15:
7f:20:17:9d:4f:6b:85:f8:bd:a2:57:61:67:31:71:9a:05:0a:
4c:91:7e:16:09:9b:34:6b:10:5a:25:de:cc:16:a9:d5:03:70:
eb:bd:86:3a:80:e8:f4:5c:cb:c0:af:31:8b:e9:21:85:72:f6:
3e:a5:d1:32:d7:f4:b6:f6:6d:6b:08:02:d1:ee:00:a9:23:b3:
f1:45:69:90:f0:c9:88:3c:34:4f:a0:96:be:78:8c:2d:17:fc:
91:4b:a9:b2:c2:f4:04:b2:03:38:13:e0:d3:5e:20:28:4b:89:
0b:52:41:b8:19:9b:83:63:7a:a5:16:db:1d:89:cb:6b:2a:eb:
64:fc:8a:ad:79:95:d9:2c:2b:2f:d2:c6:c1:c6:b6:c7:d3:f2:
d1:41:04:9f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQj1yT11abjEsHLiye+ybFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc0ZmZkZGI0ZDFmYWM5NjkwN2Y3NGJhYjZkOWIzYmZiNTc4NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAlaPv3UKGWzcuaPRA512zcs3WEV
WIDN3IrdF6uoTTjCD/o1pBuSUxvmfl4zlN+GxrhE1y2lHsnjozkYFRIUtzzO9izi
SCCHpgxn622tX8+xtttG1cTxdG7zPOAVBalbAP72sr1RBLXifus1sDagW2OD/WgC
6FFq7N0WiYC134NZyQC0P01aKyNcC4/gCTetCXNvoiImFg0V95LW/fsu3NJL7VKY
9k639Y1NFi78ovdaNCCCFFVcYmRRGIKzEXFHiq4C08gPJGVgtXNuE6RgxFr7Oidu
bBQL7IFxkIrZIeEXlFINXcaQfA2U45GqDDN2WwG6yhEErVyBjgqofcFs5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDN0/9200frJaQf3S6ttmzv7V4V9MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvTTNUXzNiVFItc2xwQl9kTHEyMmJPX3RYaFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYT9AwQA
UnPeAwQAuREBAwQAuXBQAwQAuXBkAwQAuXJKMA0GCSqGSIb3DQEBCwUAA4IBAQCl
lL1n6kx/STLfo0FIgXVtWFxUwPYrT7/1k5yvo3ZA865S/O1uc9yPxxAGq5rWl5Qa
dRi2yxkOwpIXI8llF0BXNBW8DUxXmUMpDDCloO0M06cNCtS40s8Ttx/xpLni+9Zs
PRuCZET6lLr7dRV/IBedT2uF+L2iV2FnMXGaBQpMkX4WCZs0axBaJd7MFqnVA3Dr
vYY6gOj0XMvArzGL6SGFcvY+pdEy1/S29m1rCALR7gCpI7PxRWmQ8MmIPDRPoJa+
eIwtF/yRS6mywvQEsgM4E+DTXiAoS4kLUkG4GZuDY3qlFtsdictrKutk/IqteZXZ
LCsv0sbBxrbH0/LRQQSf
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:16 2025 by rpki-client