Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/3qpur1zwBPkajyupQYlxerl-sX8.roa
File: 3qpur1zwBPkajyupQYlxerl-sX8.roa (raw, json)
Hash identifier: P/ij/bhS3D5UPNfyBQsnXDUHMAdZt5V8V+OvOjXddRE=
Subject key identifier: DE:AA:6E:AF:5C:F0:04:F9:1A:8F:2B:A9:41:89:71:7A:B9:7E:B1:7F
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 019427472A6538909A3B24DEFF2A027E195F
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/3qpur1zwBPkajyupQYlxerl-sX8.roa
Signing time: Thu 02 Jan 2025 13:49:22 +0000
ROA not before: Thu 02 Jan 2025 13:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31435
IP address blocks: 82.146.20.0/23 maxlen: 23
82.146.22.0/24 maxlen: 24
82.146.26.0/23 maxlen: 23
84.238.208.0/21 maxlen: 21
84.238.220.0/22 maxlen: 22
84.238.220.0/23 maxlen: 23
84.238.222.0/24 maxlen: 24
84.238.224.0/22 maxlen: 22
185.240.152.0/23 maxlen: 23
185.240.154.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:2a:65:38:90:9a:3b:24:de:ff:2a:02:7e:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Jan 2 13:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deaa6eaf5cf004f91a8f2ba94189717ab97eb17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:48:a8:35:64:97:25:32:a0:2a:fe:96:58:4d:
ba:d6:a0:32:77:62:2d:2b:4a:b6:0d:eb:8f:d2:60:
a4:2e:73:28:37:1b:77:03:0a:b4:8c:27:88:77:e0:
78:a5:e4:f5:22:ab:06:68:91:e6:74:85:83:d9:a9:
4e:7d:6b:bd:36:15:84:d6:f4:d5:51:e1:2c:25:5c:
97:b5:83:8a:b0:d0:83:91:f0:d5:ae:25:1c:6f:32:
2f:76:f1:40:17:f1:12:77:a0:cc:c9:dd:de:09:e7:
ae:48:f8:16:a2:9e:32:0d:77:e7:b1:6a:2f:a1:29:
e5:e7:71:4e:b3:a9:39:5b:1d:42:42:6f:da:b9:48:
e3:c2:28:2d:b3:9f:8a:d3:aa:b6:0e:ac:93:60:51:
01:80:b5:2a:d9:6a:12:83:5f:f2:51:6e:85:18:94:
b6:e9:e8:0e:c5:4a:b4:63:8b:83:33:b2:96:f5:9c:
f6:ff:8b:cc:a5:ed:c5:ef:85:05:bd:49:45:cb:9d:
cd:48:b9:9d:79:5f:39:52:7a:1b:5c:cc:c4:c4:5f:
d8:9f:bd:56:d4:51:c3:90:b3:2e:b2:de:b3:dc:83:
f8:89:32:84:e5:13:92:7e:d7:69:b9:1f:ab:4c:27:
89:8f:5b:5c:d7:fb:f4:55:ac:4f:5b:3e:6a:21:76:
a7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:AA:6E:AF:5C:F0:04:F9:1A:8F:2B:A9:41:89:71:7A:B9:7E:B1:7F
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/3qpur1zwBPkajyupQYlxerl-sX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.20.0-82.146.22.255
82.146.26.0/23
84.238.208.0/21
84.238.220.0-84.238.227.255
185.240.152.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:52:89:00:78:40:15:d1:5b:30:49:c7:f6:ba:fc:30:35:03:
eb:12:e9:c9:a3:d5:9e:94:ac:6e:22:73:e8:09:e4:b2:98:64:
32:17:1a:4c:2d:27:98:bf:cf:e1:b8:18:63:dc:9d:b2:f2:40:
64:96:69:4a:cb:77:9c:65:f7:af:3a:71:bd:72:e2:9d:bb:22:
93:70:aa:59:de:0b:9a:b7:4a:27:9d:6c:3d:b2:c0:f4:5b:ff:
3c:12:d3:99:61:26:ad:a0:3f:44:4d:9b:b6:be:2e:62:56:ed:
e0:a9:1a:c1:5d:f6:b7:db:0d:3c:0e:c2:2c:fb:c6:0f:28:fc:
d1:b0:43:85:96:aa:e1:a4:a0:6a:5e:54:d8:25:b3:57:cf:cb:
62:8e:3d:d7:97:a7:4b:6f:f5:e5:7d:af:f6:65:ea:e0:6a:fd:
b5:ca:a4:41:2e:b1:1e:d7:b0:4a:39:4c:50:61:80:e2:f3:10:
01:d2:6e:1d:c5:cc:e3:1c:5f:00:32:2e:f4:e4:09:be:ed:06:
b5:f7:9e:37:6d:f9:6f:e4:e1:77:ff:fc:59:e2:a2:0e:b3:c9:
ff:b2:e2:5f:bf:f7:f9:1f:12:de:78:39:44:f3:58:73:32:aa:
23:da:df:92:57:02:06:23:b6:dc:7f:ad:50:e6:d4:34:8d:53:
24:53:8e:a4
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQnRyplOJCaOyTe/yoCfhlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGMzY2IxZTA3ZDcxNGI3MjVmNTFhNjZkMWRjZmQ4N2Fl
MWM1MWEwHhcNMjUwMTAyMTM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWFhNmVhZjVjZjAwNGY5MWE4ZjJiYTk0MTg5NzE3YWI5N2ViMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskioNWSXJTKgKv6WWE261qAyd2It
K0q2DeuP0mCkLnMoNxt3Awq0jCeId+B4peT1IqsGaJHmdIWD2alOfWu9NhWE1vTV
UeEsJVyXtYOKsNCDkfDVriUcbzIvdvFAF/ESd6DMyd3eCeeuSPgWop4yDXfnsWov
oSnl53FOs6k5Wx1CQm/auUjjwigts5+K06q2DqyTYFEBgLUq2WoSg1/yUW6FGJS2
6egOxUq0Y4uDM7KW9Zz2/4vMpe3F74UFvUlFy53NSLmdeV85UnobXMzExF/Yn71W
1FHDkLMust6z3IP4iTKE5ROSftdpuR+rTCeJj1tc1/v0VaxPWz5qIXanCQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFN6qbq9c8AT5Go8rqUGJcXq5frF/MB8GA1UdIwQY
MBaAFBXcPLHgfXFLcl9Rpm0dz9h64cUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQt
ZmUyY2I0MzFjZjJmLzEvM3FwdXIxendCUGthanl1cFFZbHhlcmwtc1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQtZmUyY2I0MzFjZjJm
LzEvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAJSkhQD
BABSkhYDBAFSkhoDBANU7tAwDAMEAlTu3AMEAlTu4AMEArnwmDANBgkqhkiG9w0B
AQsFAAOCAQEAHlKJAHhAFdFbMEnH9rr8MDUD6xLpyaPVnpSsbiJz6AnksphkMhca
TC0nmL/P4bgYY9ydsvJAZJZpSst3nGX3rzpxvXLinbsik3CqWd4LmrdKJ51sPbLA
9Fv/PBLTmWEmraA/RE2btr4uYlbt4KkawV32t9sNPA7CLPvGDyj80bBDhZaq4aSg
al5U2CWzV8/LYo4915enS2/15X2v9mXq4Gr9tcqkQS6xHtewSjlMUGGA4vMQAdJu
HcXM4xxfADIu9OQJvu0GtfeeN235b+Thd//8WeKiDrPJ/7LiX7/3+R8S3ng5RPNY
czKqI9rfklcCBiO23H+tUObUNI1TJFOOpA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:26:14 2025 by rpki-client