Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/nTupOLnysHIU3jc5GcaguEHrGzQ.roa
File: nTupOLnysHIU3jc5GcaguEHrGzQ.roa (raw, json)
Hash identifier: 7rA+K1p/TVuAVfQm4S6Vm6UJX0egR9dZCIKwnWvWs6k=
Subject key identifier: 9D:3B:A9:38:B9:F2:B0:72:14:DE:37:39:19:C6:A0:B8:41:EB:1B:34
Certificate issuer: /CN=6832c32d2259013991260d530d9120031aaefcd0
Certificate serial: 0194258FC06708FACE06E69ED744C654EE29
Authority key identifier: 68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/nTupOLnysHIU3jc5GcaguEHrGzQ.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2830
IP address blocks: 145.46.128.0/20 maxlen: 20
145.46.144.0/20 maxlen: 20
145.46.192.0/19 maxlen: 19
145.46.224.0/20 maxlen: 20
2a10:3000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:67:08:fa:ce:06:e6:9e:d7:44:c6:54:ee:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6832c32d2259013991260d530d9120031aaefcd0
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d3ba938b9f2b07214de373919c6a0b841eb1b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:26:59:f9:4c:e8:d6:5d:74:f0:6f:4d:bb:6f:
a4:90:bb:15:ba:c7:5b:1e:fd:72:fe:09:7c:2c:3a:
49:9d:00:9e:03:eb:0a:95:1d:bd:73:5c:0d:09:ff:
d5:14:ae:5e:09:a7:44:b0:5d:3f:50:1c:f9:38:cc:
a5:3b:72:98:4b:bf:9a:21:d5:02:74:3e:70:05:17:
53:99:38:76:95:a3:b6:69:24:cb:b5:5c:5b:59:71:
e3:63:b6:e6:03:aa:1d:88:14:85:d9:a6:3c:44:ed:
8e:08:7b:84:df:26:c3:0c:e8:e5:b5:bb:12:c6:b1:
8e:3b:b3:c9:f0:f2:42:e2:09:3e:19:55:1c:5f:74:
80:b4:87:01:50:d9:d3:c3:55:7c:24:3d:b3:cc:35:
18:57:f8:a4:c1:d5:78:30:0a:ff:62:f2:68:59:ad:
39:a1:f6:81:9d:a3:ba:90:ad:ab:79:78:e7:98:64:
b9:b2:c7:5b:52:e0:5b:be:d8:6d:4b:cf:bd:c9:0d:
75:69:67:cf:c0:29:f7:9d:a6:66:60:af:2c:a5:55:
f0:33:a4:15:29:d4:96:24:80:02:8b:06:ef:e7:8b:
29:81:32:d2:20:4c:35:b4:d0:e9:96:8d:9a:9f:94:
f0:62:94:71:32:e5:f8:ca:24:99:46:3f:0f:30:4b:
50:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3B:A9:38:B9:F2:B0:72:14:DE:37:39:19:C6:A0:B8:41:EB:1B:34
X509v3 Authority Key Identifier:
keyid:68:32:C3:2D:22:59:01:39:91:26:0D:53:0D:91:20:03:1A:AE:FC:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDLDLSJZATmRJg1TDZEgAxqu_NA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/nTupOLnysHIU3jc5GcaguEHrGzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/94b66e-3e0d-4332-ab4f-770f8eab2ae7/1/aDLDLSJZATmRJg1TDZEgAxqu_NA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.46.128.0/19
145.46.192.0-145.46.239.255
IPv6:
2a10:3000::/29
Signature Algorithm: sha256WithRSAEncryption
3c:63:8e:45:f4:41:bf:98:4f:f8:ab:29:a6:b3:a8:b5:e9:af:
f7:50:aa:c2:84:d9:f8:b9:82:56:32:06:94:3e:0b:e0:42:9f:
f8:6d:5f:70:02:bb:0f:9c:81:1e:d1:38:e8:ab:62:aa:51:30:
67:24:c1:24:ac:0e:bf:f3:7b:75:d6:cf:b0:33:b5:3c:b1:95:
51:95:5d:14:e7:8d:53:71:b4:bb:c5:91:b8:e6:58:a7:25:7e:
0f:4e:54:1b:ee:12:47:59:f6:1c:9a:f8:f9:88:20:a2:bb:27:
9e:f3:4f:85:dc:33:b7:c0:e7:d1:a2:f3:6b:b9:6e:10:4a:a3:
f9:8c:70:e8:c1:6e:16:3e:1d:bf:d0:7c:5e:fc:bf:28:90:e2:
fd:19:3f:06:6e:16:fe:cd:34:bf:a0:0a:fa:2b:8f:74:c4:05:
60:e2:51:47:96:ea:2c:eb:e8:1a:e9:98:f0:9b:94:b2:40:a8:
ae:89:75:e5:1a:af:87:0f:a5:d1:38:48:27:67:e9:4f:ed:ca:
5e:fb:22:05:28:6e:b6:90:36:8c:fd:d8:d4:83:88:ba:e3:12:
d7:12:34:15:30:62:1c:89:4a:62:b7:d2:0b:f0:5c:b6:38:f5:
75:6f:57:01:12:d5:0e:7c:4f:95:00:e0:71:e6:55:d1:14:0a:
e2:57:1c:72
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQlj8BnCPrOBuae10TGVO4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzJjMzJkMjI1OTAxMzk5MTI2MGQ1MzBkOTEyMDAzMWFh
ZWZjZDAwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNiYTkzOGI5ZjJiMDcyMTRkZTM3MzkxOWM2YTBiODQxZWIxYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCZZ+Uzo1l108G9Nu2+kkLsVusdb
Hv1y/gl8LDpJnQCeA+sKlR29c1wNCf/VFK5eCadEsF0/UBz5OMylO3KYS7+aIdUC
dD5wBRdTmTh2laO2aSTLtVxbWXHjY7bmA6odiBSF2aY8RO2OCHuE3ybDDOjltbsS
xrGOO7PJ8PJC4gk+GVUcX3SAtIcBUNnTw1V8JD2zzDUYV/ikwdV4MAr/YvJoWa05
ofaBnaO6kK2reXjnmGS5ssdbUuBbvthtS8+9yQ11aWfPwCn3naZmYK8spVXwM6QV
KdSWJIACiwbv54spgTLSIEw1tNDplo2an5TwYpRxMuX4yiSZRj8PMEtQ+wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ07qTi58rByFN43ORnGoLhB6xs0MB8GA1UdIwQY
MBaAFGgywy0iWQE5kSYNUw2RIAMarvzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYt
NzcwZjhlYWIyYWU3LzEvblR1cE9MbnlzSElVM2pjNUdjYWd1RUhyR3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NGI2NmUtM2UwZC00MzMyLWFiNGYtNzcwZjhlYWIyYWU3
LzEvYURMRExTSlpBVG1SSmcxVERaRWdBeHF1X05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFkS6AMAwD
BAaRLsADBASRLuAwDQQCAAIwBwMFAyoQMAAwDQYJKoZIhvcNAQELBQADggEBADxj
jkX0Qb+YT/irKaazqLXpr/dQqsKE2fi5glYyBpQ+C+BCn/htX3ACuw+cgR7ROOir
YqpRMGckwSSsDr/ze3XWz7AztTyxlVGVXRTnjVNxtLvFkbjmWKclfg9OVBvuEkdZ
9hya+PmIIKK7J57zT4XcM7fA59Gi82u5bhBKo/mMcOjBbhY+Hb/QfF78vyiQ4v0Z
PwZuFv7NNL+gCvorj3TEBWDiUUeW6izr6BrpmPCblLJAqK6JdeUar4cPpdE4SCdn
6U/tyl77IgUobraQNoz92NSDiLrjEtcSNBUwYhyJSmK30gvwXLY49XVvVwES1Q58
T5UA4HHmVdEUCuJXHHI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:48 2025 by rpki-client