Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/3yv-zmmgfXirN5akYyOZ225Erpo.roa
File: 3yv-zmmgfXirN5akYyOZ225Erpo.roa (raw, json)
Hash identifier: K+9VHB7ShEik6QpuUx3J66d/K6RXrAo5ZliJg0jvNJw=
Subject key identifier: DF:2B:FE:CE:69:A0:7D:78:AB:37:96:A4:63:23:99:DB:6E:44:AE:9A
Certificate issuer: /CN=0d44da5c1904095860e868180573ee3c895a7b45
Certificate serial: 019425FC0EB336005A02A9DD3ECE9E54C3CD
Authority key identifier: 0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/3yv-zmmgfXirN5akYyOZ225Erpo.roa
Signing time: Thu 02 Jan 2025 07:47:43 +0000
ROA not before: Thu 02 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 109.71.48.0/24 maxlen: 24
109.71.49.0/24 maxlen: 24
109.71.50.0/24 maxlen: 24
109.71.51.0/24 maxlen: 24
109.71.52.0/24 maxlen: 24
109.71.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:0e:b3:36:00:5a:02:a9:dd:3e:ce:9e:54:c3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d44da5c1904095860e868180573ee3c895a7b45
Validity
Not Before: Jan 2 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df2bfece69a07d78ab3796a4632399db6e44ae9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:5b:6b:2c:f4:4c:6a:6d:83:f2:7b:6d:a0:ba:
b5:4b:4a:0c:1b:25:7e:a9:01:83:2a:d4:5c:ca:05:
00:f6:a7:db:0e:9d:e0:19:ea:87:32:a7:0e:82:62:
e5:b5:2c:00:87:27:9d:49:19:d5:be:19:41:d4:d2:
4c:37:ab:fc:87:a4:63:18:9f:a2:6f:3f:3d:d2:34:
a9:75:76:2a:3b:a2:8b:4a:e0:1f:82:be:4a:87:b8:
4b:99:62:1f:f6:7a:41:b8:47:5b:03:99:0a:d9:1e:
a1:6e:97:29:22:d7:76:c8:05:30:a3:0b:f8:c6:c1:
2d:28:d4:7d:81:cf:e2:5e:32:a5:08:fa:6f:f7:e8:
b1:ff:43:6b:9f:19:0a:1a:7c:d6:8e:ac:bd:b7:cd:
a1:ae:5b:8d:fd:59:88:a3:e6:83:f6:eb:77:a1:9c:
b3:53:a0:be:fb:75:06:e6:07:3b:6e:70:22:38:b9:
7b:aa:25:a5:21:98:4d:dc:d3:e8:6f:85:f6:fd:f4:
a0:b8:f0:be:9c:ef:37:5c:2c:3e:0f:8f:ac:60:66:
56:ef:73:d9:69:9d:d8:d7:de:f1:3b:2f:69:71:13:
02:aa:94:5a:48:36:08:2a:82:b5:18:c1:7f:88:14:
18:e5:e7:38:02:b9:9d:1f:b1:12:c0:81:9c:3d:af:
6c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2B:FE:CE:69:A0:7D:78:AB:37:96:A4:63:23:99:DB:6E:44:AE:9A
X509v3 Authority Key Identifier:
keyid:0D:44:DA:5C:19:04:09:58:60:E8:68:18:05:73:EE:3C:89:5A:7B:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUTaXBkECVhg6GgYBXPuPIlae0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/3yv-zmmgfXirN5akYyOZ225Erpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/bce53d-d39d-4e23-aa17-27fb5822b32d/1/DUTaXBkECVhg6GgYBXPuPIlae0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.48.0-109.71.53.255
Signature Algorithm: sha256WithRSAEncryption
af:1b:d4:25:32:dc:fc:66:92:9e:3e:c8:a4:8a:ef:4f:61:00:
bb:b1:86:70:90:ab:68:e9:61:a0:16:05:a0:15:f1:23:d3:ae:
f1:2a:35:7b:8c:57:76:f1:53:16:8e:af:7c:1b:d0:ea:18:93:
3a:89:d3:3b:e8:7b:01:63:80:3d:40:01:ef:25:ba:fb:ee:7a:
cb:51:03:97:1a:ac:ca:6a:32:58:0f:38:21:20:db:09:06:f8:
bd:01:ae:10:12:90:a9:89:f4:ea:d1:96:88:21:cf:15:d7:66:
83:03:28:a6:04:e9:4c:58:79:1f:91:af:b6:72:62:c3:09:11:
2a:e8:4e:f9:16:ea:78:90:ba:aa:49:e3:bf:8d:63:27:51:6b:
76:2c:98:c5:8e:3d:4f:3f:ac:ce:2f:75:aa:a8:2c:20:6d:eb:
e2:45:9c:b4:6b:c7:52:4c:e8:b4:c4:de:7d:55:90:3a:25:4c:
8f:e4:85:de:a2:f0:cc:9d:58:63:e1:2d:cf:e3:17:50:eb:ec:
7e:3c:1d:f1:31:8b:62:8b:42:14:1c:bd:90:f1:0d:8f:21:4c:
b3:87:79:16:94:7d:55:08:e8:90:1d:70:6b:f4:3a:ca:eb:48:
ba:b6:28:57:7d:0b:b1:eb:ba:ef:71:44:9b:5c:38:72:f6:ce:
66:a7:21:85
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/A6zNgBaAqndPs6eVMPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDRkYTVjMTkwNDA5NTg2MGU4NjgxODA1NzNlZTNjODk1
YTdiNDUwHhcNMjUwMTAyMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJiZmVjZTY5YTA3ZDc4YWIzNzk2YTQ2MzIzOTlkYjZlNDRhZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8FtrLPRMam2D8nttoLq1S0oMGyV+
qQGDKtRcygUA9qfbDp3gGeqHMqcOgmLltSwAhyedSRnVvhlB1NJMN6v8h6RjGJ+i
bz890jSpdXYqO6KLSuAfgr5Kh7hLmWIf9npBuEdbA5kK2R6hbpcpItd2yAUwowv4
xsEtKNR9gc/iXjKlCPpv9+ix/0NrnxkKGnzWjqy9t82hrluN/VmIo+aD9ut3oZyz
U6C++3UG5gc7bnAiOLl7qiWlIZhN3NPob4X2/fSguPC+nO83XCw+D4+sYGZW73PZ
aZ3Y197xOy9pcRMCqpRaSDYIKoK1GMF/iBQY5ec4ArmdH7ESwIGcPa9spwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN8r/s5poH14qzeWpGMjmdtuRK6aMB8GA1UdIwQY
MBaAFA1E2lwZBAlYYOhoGAVz7jyJWntFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTct
MjdmYjU4MjJiMzJkLzEvM3l2LXptbWdmWGlyTjVha1l5T1oyMjVFcnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9iY2U1M2QtZDM5ZC00ZTIzLWFhMTctMjdmYjU4MjJiMzJk
LzEvRFVUYVhCa0VDVmhnNkdnWUJYUHVQSWxhZTBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARtRzAD
BAFtRzQwDQYJKoZIhvcNAQELBQADggEBAK8b1CUy3Pxmkp4+yKSK709hALuxhnCQ
q2jpYaAWBaAV8SPTrvEqNXuMV3bxUxaOr3wb0OoYkzqJ0zvoewFjgD1AAe8luvvu
estRA5carMpqMlgPOCEg2wkG+L0BrhASkKmJ9OrRloghzxXXZoMDKKYE6UxYeR+R
r7ZyYsMJESroTvkW6niQuqpJ47+NYydRa3YsmMWOPU8/rM4vdaqoLCBt6+JFnLRr
x1JM6LTE3n1VkDolTI/khd6i8MydWGPhLc/jF1Dr7H48HfExi2KLQhQcvZDxDY8h
TLOHeRaUfVUI6JAdcGv0OsrrSLq2KFd9C7Hruu9xRJtcOHL2zmanIYU=
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:01:42 2025 by rpki-client