Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/L3trElfXoCVLz1PtzkkdBJeOsww.roa
File: L3trElfXoCVLz1PtzkkdBJeOsww.roa (raw, json)
Hash identifier: YCjBwT8TXGDjubr28OCLsTgDEI+YuVxGgn8zV5rTLys=
Subject key identifier: 2F:7B:6B:12:57:D7:A0:25:4B:CF:53:ED:CE:49:1D:04:97:8E:B3:0C
Certificate issuer: /CN=9bc350bc613d05de910a8da26c91c297171078b6
Certificate serial: 019421B25C7AF85CFAD6BE4EB0F12908751F
Authority key identifier: 9B:C3:50:BC:61:3D:05:DE:91:0A:8D:A2:6C:91:C2:97:17:10:78:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/L3trElfXoCVLz1PtzkkdBJeOsww.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44424
IP address blocks: 92.43.56.0/21 maxlen: 24
92.43.56.0/22 maxlen: 22
92.43.60.0/22 maxlen: 22
92.43.62.0/23 maxlen: 23
2a03:76e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5c:7a:f8:5c:fa:d6:be:4e:b0:f1:29:08:75:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc350bc613d05de910a8da26c91c297171078b6
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f7b6b1257d7a0254bcf53edce491d04978eb30c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:3f:7b:f7:fc:ff:36:24:4e:e5:15:78:1a:
6e:d2:21:17:41:5e:9c:f5:52:56:bd:fe:ab:9d:12:
fe:49:1f:71:8b:ce:d9:7e:47:a6:40:14:e6:46:de:
b8:d3:fd:94:b8:7a:62:5a:b7:68:32:cd:92:3f:9d:
1e:a4:43:0b:fb:82:c8:0e:d2:e7:1a:7a:bb:ce:b3:
ab:9a:4b:20:06:b2:f4:75:2e:1c:5f:8b:4d:53:b8:
6c:93:ce:56:aa:c6:b8:10:e4:b4:56:b0:a2:cc:74:
d1:19:4e:7e:0f:2b:9f:5c:22:32:b5:ba:3d:18:c7:
47:ef:64:d0:05:5d:32:22:0c:c2:a5:b4:0d:07:4c:
1b:84:54:41:fe:d5:80:92:ab:c8:6d:59:4e:6a:1b:
38:73:ea:1a:1c:21:8c:89:6c:c6:07:a3:ef:b0:a2:
6d:c9:69:8a:02:42:f2:dd:9d:f5:4e:5b:66:f8:22:
63:11:ab:0e:62:97:44:64:f0:96:e5:d5:05:2a:36:
32:36:2c:f4:76:e2:af:39:ee:f7:6c:b8:48:98:bd:
fb:33:82:b5:10:ea:25:ab:fb:a7:60:80:04:25:85:
81:9b:b2:96:72:e0:ba:8a:1a:41:3d:f5:9e:77:8f:
20:1d:cc:ee:a4:3a:d1:f1:77:22:f9:7b:25:fb:3a:
6c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7B:6B:12:57:D7:A0:25:4B:CF:53:ED:CE:49:1D:04:97:8E:B3:0C
X509v3 Authority Key Identifier:
keyid:9B:C3:50:BC:61:3D:05:DE:91:0A:8D:A2:6C:91:C2:97:17:10:78:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8NQvGE9Bd6RCo2ibJHClxcQeLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/L3trElfXoCVLz1PtzkkdBJeOsww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/fe5041-d3f4-499c-9853-22d10635f0c4/1/m8NQvGE9Bd6RCo2ibJHClxcQeLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.56.0/21
IPv6:
2a03:76e0::/32
Signature Algorithm: sha256WithRSAEncryption
81:7d:a3:83:6e:87:2d:fe:c3:4a:97:48:15:06:1e:f6:03:79:
75:f7:39:1f:02:47:ea:f3:f4:99:38:42:d0:6a:31:f9:3d:42:
d4:39:67:b4:45:dd:a0:0f:8b:6c:73:34:71:01:fc:24:97:0e:
98:e4:26:fd:da:56:ad:6a:2d:7b:e1:4d:58:58:4e:21:3e:83:
54:4e:2b:70:d8:03:f7:f7:9f:25:5a:e5:85:cb:a7:6f:5d:5c:
d3:6b:39:8c:db:56:df:4a:32:bf:3c:03:75:01:73:18:f2:2d:
02:a8:3f:f9:13:11:05:f6:33:6c:02:89:90:a5:47:3d:68:6c:
34:87:ee:37:90:62:3b:22:13:4d:48:a8:9a:4c:b5:88:2a:ec:
ed:89:67:07:d2:1a:c4:a9:87:fb:8c:6f:e4:ca:41:65:7d:41:
b9:76:4b:1a:2c:43:ff:32:33:8b:3a:ac:61:fd:32:06:5b:7a:
8a:52:0f:95:d0:7d:c0:9c:1e:86:06:6e:ff:c1:56:50:41:f6:
f4:81:50:fa:52:3b:ec:2a:c5:61:d2:74:11:58:98:09:fc:70:
58:f5:48:d4:48:78:d2:d4:fd:cb:8b:d0:b4:e0:e1:37:d8:5e:
b4:b8:21:33:b8:2c:1a:ea:09:dd:68:c0:0c:4d:14:15:9f:73:
ec:9d:7d:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhslx6+Fz61r5OsPEpCHUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzM1MGJjNjEzZDA1ZGU5MTBhOGRhMjZjOTFjMjk3MTcx
MDc4YjYwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdiNmIxMjU3ZDdhMDI1NGJjZjUzZWRjZTQ5MWQwNDk3OGViMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMI/e/f8/zYkTuUVeBpu0iEXQV6c
9VJWvf6rnRL+SR9xi87ZfkemQBTmRt640/2UuHpiWrdoMs2SP50epEML+4LIDtLn
Gnq7zrOrmksgBrL0dS4cX4tNU7hsk85Wqsa4EOS0VrCizHTRGU5+DyufXCIytbo9
GMdH72TQBV0yIgzCpbQNB0wbhFRB/tWAkqvIbVlOahs4c+oaHCGMiWzGB6PvsKJt
yWmKAkLy3Z31Tltm+CJjEasOYpdEZPCW5dUFKjYyNiz0duKvOe73bLhImL37M4K1
EOolq/unYIAEJYWBm7KWcuC6ihpBPfWed48gHczupDrR8Xci+Xsl+zpsKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC97axJX16AlS89T7c5JHQSXjrMMMB8GA1UdIwQY
MBaAFJvDULxhPQXekQqNomyRwpcXEHi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThOUXZHRTlCZDZSQ28yaWJKSENseGNRZUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mZTUwNDEtZDNmNC00OTljLTk4NTMt
MjJkMTA2MzVmMGM0LzEvTDN0ckVsZlhvQ1ZMejFQdHpra2RCSmVPc3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mZTUwNDEtZDNmNC00OTljLTk4NTMtMjJkMTA2MzVmMGM0
LzEvbThOUXZHRTlCZDZSQ28yaWJKSENseGNRZUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCs4MA0E
AgACMAcDBQAqA3bgMA0GCSqGSIb3DQEBCwUAA4IBAQCBfaODboct/sNKl0gVBh72
A3l19zkfAkfq8/SZOELQajH5PULUOWe0Rd2gD4tsczRxAfwklw6Y5Cb92latai17
4U1YWE4hPoNUTitw2AP3958lWuWFy6dvXVzTazmM21bfSjK/PAN1AXMY8i0CqD/5
ExEF9jNsAomQpUc9aGw0h+43kGI7IhNNSKiaTLWIKuztiWcH0hrEqYf7jG/kykFl
fUG5dksaLEP/MjOLOqxh/TIGW3qKUg+V0H3AnB6GBm7/wVZQQfb0gVD6UjvsKsVh
0nQRWJgJ/HBY9UjUSHjS1P3Li9C04OE32F60uCEzuCwa6gndaMAMTRQVn3PsnX3i
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:50 2025 by rpki-client