Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/3xx60Ja2y2Z0dhxCfa0_RUZYklY.roa
File: 3xx60Ja2y2Z0dhxCfa0_RUZYklY.roa (raw, json)
Hash identifier: /VkahV2n9AkcOOSpRxUPlNaEwYKtDYDmueNwP7ZjX5o=
Subject key identifier: DF:1C:7A:D0:96:B6:CB:66:74:76:1C:42:7D:AD:3F:45:46:58:92:56
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0194258F8EFD5A6A64602CEB2A1682A504E3
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/3xx60Ja2y2Z0dhxCfa0_RUZYklY.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 2.57.150.0/24 maxlen: 24
91.213.29.0/24 maxlen: 24
91.220.223.0/24 maxlen: 24
91.239.238.0/24 maxlen: 24
92.63.182.0/24 maxlen: 24
92.63.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8e:fd:5a:6a:64:60:2c:eb:2a:16:82:a5:04:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df1c7ad096b6cb6674761c427dad3f4546589256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:92:23:53:99:6b:a7:27:b5:b2:3f:6b:9d:7d:
9c:98:18:6a:64:2b:0a:bb:b9:87:e6:f9:9f:4e:b6:
2e:3f:c9:9f:de:30:01:d1:f4:5a:0c:f0:9e:1e:6e:
5e:59:fa:1c:59:ba:d9:54:42:cf:45:43:dd:c3:33:
05:4d:c8:d8:69:a4:4a:69:e0:40:56:a9:b4:95:50:
5d:80:36:5a:3e:8c:b2:76:0d:d7:37:1c:f5:6c:58:
1e:d4:93:04:d0:1b:8a:5f:e4:d7:d1:83:5e:f6:00:
9d:dd:2b:c9:e1:35:ba:8f:b9:47:d6:d6:72:4e:cb:
7e:5d:16:28:57:ba:7e:51:1a:f1:0a:e2:4e:35:4b:
bd:f7:88:fa:b3:16:c6:c5:65:1a:d8:f4:31:89:ae:
17:f8:41:05:07:a3:61:64:4e:ab:e5:38:83:55:13:
1b:f0:9a:81:72:67:0b:dc:ee:f0:c7:c5:5f:ae:43:
b1:0f:8c:86:98:ed:1f:15:fd:c5:21:8e:19:bb:d1:
ec:9a:d0:7b:c2:85:50:18:57:29:09:dc:a0:c8:83:
01:d1:df:9e:f2:09:9f:70:87:dc:b0:f0:0d:73:cd:
74:72:b8:23:bb:c0:ce:a7:da:75:99:5b:4d:ee:b3:
45:e5:61:1d:ab:48:78:1d:39:b7:36:07:bc:8f:e9:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:1C:7A:D0:96:B6:CB:66:74:76:1C:42:7D:AD:3F:45:46:58:92:56
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/3xx60Ja2y2Z0dhxCfa0_RUZYklY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.150.0/24
91.213.29.0/24
91.220.223.0/24
91.239.238.0/24
92.63.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:f5:c7:10:b2:a2:54:ff:4e:f4:97:bb:9e:25:38:22:24:3a:
52:51:2f:27:b4:18:e2:1a:7b:dc:97:3d:66:49:99:cc:80:67:
74:6b:da:d6:34:0e:5b:38:d1:b9:19:56:8b:99:eb:09:4b:ea:
34:4f:ad:ce:6f:f8:6d:c5:2e:66:31:79:d5:35:51:a3:14:96:
9c:26:3d:af:97:8a:f2:dc:75:fd:81:77:dc:e6:40:de:80:e6:
c6:2f:a8:78:57:43:1b:3d:1e:8e:ae:d5:73:f8:15:cd:6c:ca:
ed:55:eb:26:6c:7c:56:d6:b3:56:a8:d4:f8:44:19:02:a3:36:
9b:51:62:db:43:dd:dc:c9:7b:e7:6b:59:5e:0d:61:1e:cc:6e:
ad:c9:21:f5:c7:77:09:db:a9:74:fd:ba:bc:02:0f:3d:84:d8:
da:7a:15:26:7b:0d:f6:f6:49:d7:a0:f2:93:c8:54:5e:26:58:
71:38:d5:74:84:f3:9b:18:b3:fa:5d:76:9c:4f:bc:c8:63:6a:
84:a5:a2:c9:3c:52:d6:9d:8f:2b:03:84:fd:a2:00:39:db:10:
05:81:dc:83:05:48:90:b5:7a:cf:a3:9c:8e:75:e2:0b:bb:ae:
b8:be:ef:af:dc:90:53:f1:46:70:63:cb:66:10:dc:10:0d:1f:
e9:af:c5:69
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlj479WmpkYCzrKhaCpQTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjFjN2FkMDk2YjZjYjY2NzQ3NjFjNDI3ZGFkM2Y0NTQ2NTg5MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JIjU5lrpye1sj9rnX2cmBhqZCsK
u7mH5vmfTrYuP8mf3jAB0fRaDPCeHm5eWfocWbrZVELPRUPdwzMFTcjYaaRKaeBA
Vqm0lVBdgDZaPoyydg3XNxz1bFge1JME0BuKX+TX0YNe9gCd3SvJ4TW6j7lH1tZy
Tst+XRYoV7p+URrxCuJONUu994j6sxbGxWUa2PQxia4X+EEFB6NhZE6r5TiDVRMb
8JqBcmcL3O7wx8VfrkOxD4yGmO0fFf3FIY4Zu9HsmtB7woVQGFcpCdygyIMB0d+e
8gmfcIfcsPANc810crgju8DOp9p1mVtN7rNF5WEdq0h4HTm3Nge8j+n4PwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN8cetCWtstmdHYcQn2tP0VGWJJWMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvM3h4NjBKYTJ5MlowZGh4Q2ZhMF9SVVpZa2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjmWAwQA
W9UdAwQAW9zfAwQAW+/uAwQBXD+2MA0GCSqGSIb3DQEBCwUAA4IBAQCP9ccQsqJU
/070l7ueJTgiJDpSUS8ntBjiGnvclz1mSZnMgGd0a9rWNA5bONG5GVaLmesJS+o0
T63Ob/htxS5mMXnVNVGjFJacJj2vl4ry3HX9gXfc5kDegObGL6h4V0MbPR6OrtVz
+BXNbMrtVesmbHxW1rNWqNT4RBkCozabUWLbQ93cyXvna1leDWEezG6tySH1x3cJ
26l0/bq8Ag89hNjaehUmew329knXoPKTyFReJlhxONV0hPObGLP6XXacT7zIY2qE
paLJPFLWnY8rA4T9ogA52xAFgdyDBUiQtXrPo5yOdeILu664vu+v3JBT8UZwY8tm
ENwQDR/pr8Vp
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:43:00 2025 by rpki-client