Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/3JkSKP7jBeNBJpMBSaOABWLwqrY.roa
File: 3JkSKP7jBeNBJpMBSaOABWLwqrY.roa (raw, json)
Hash identifier: qvkM6RHQW3kH5F1/K52m/X+zUOs3qQZCWijPjerK2kc=
Subject key identifier: DC:99:12:28:FE:E3:05:E3:41:26:93:01:49:A3:80:05:62:F0:AA:B6
Certificate issuer: /CN=441d4b92dd150364c65b7d21299028678b0a5296
Certificate serial: 0195189BC95A68755B8599DAEE34D1282835
Authority key identifier: 44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/3JkSKP7jBeNBJpMBSaOABWLwqrY.roa
Signing time: Tue 18 Feb 2025 10:30:17 +0000
ROA not before: Tue 18 Feb 2025 10:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57370
IP address blocks: 144.2.64.0/18 maxlen: 24
178.238.160.0/20 maxlen: 24
185.119.176.0/22 maxlen: 24
2a02:21b0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:18:9b:c9:5a:68:75:5b:85:99:da:ee:34:d1:28:28:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441d4b92dd150364c65b7d21299028678b0a5296
Validity
Not Before: Feb 18 10:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc991228fee305e34126930149a3800562f0aab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ed:fb:36:bb:85:60:1e:48:fe:12:72:5a:db:
36:fc:a9:81:29:dd:98:f0:da:24:bb:f6:68:36:ee:
a2:8b:73:d3:c2:b4:25:88:7f:f5:9c:c4:92:d1:1c:
e3:6a:e4:58:96:86:4e:d2:82:dd:b1:ce:bd:f9:44:
72:b7:ed:09:7b:f6:01:a6:9f:b5:55:b2:d1:cf:d2:
79:66:62:a0:a7:c4:32:7f:e2:dd:ed:71:32:df:c5:
88:a7:d6:ff:ce:b8:fe:c9:ef:0a:07:35:8f:de:aa:
1d:d8:24:5e:92:97:3c:38:be:c8:d0:43:70:ea:0a:
cd:6e:17:47:5f:91:c3:ff:a0:a0:4b:39:cb:46:9f:
60:e6:29:08:c3:ff:4e:9a:d4:5b:af:e7:d2:1c:41:
73:43:2d:5c:9e:70:b5:93:eb:9c:89:e4:ad:e5:ee:
1a:17:3d:94:38:87:49:e3:cb:83:ec:9b:87:3c:5d:
0b:ba:94:25:b0:c7:5e:85:44:bc:69:19:f7:bc:cb:
47:4b:cb:68:c3:c4:87:e9:34:32:6d:0b:0d:a7:86:
34:00:a2:fc:8f:d7:09:2d:c8:d8:c1:0f:ba:9d:b5:
16:dc:0c:04:46:19:15:5f:5b:6e:6c:d3:f3:63:a0:
08:3c:ad:d1:39:44:5f:fe:9a:01:77:0d:c5:e5:d5:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:99:12:28:FE:E3:05:E3:41:26:93:01:49:A3:80:05:62:F0:AA:B6
X509v3 Authority Key Identifier:
keyid:44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/3JkSKP7jBeNBJpMBSaOABWLwqrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.64.0/18
178.238.160.0/20
185.119.176.0/22
IPv6:
2a02:21b0::/29
Signature Algorithm: sha256WithRSAEncryption
6b:61:59:ba:18:97:8a:e8:fd:71:af:05:db:09:5b:61:79:1d:
c6:48:69:f8:24:02:a2:ab:db:26:55:74:b2:13:94:4f:3a:f3:
5a:0f:e7:dd:72:7e:97:0a:6b:a7:af:f6:a4:c6:93:da:d4:01:
45:4b:9d:0e:64:39:36:cf:0d:4c:86:d6:0e:2c:94:b1:bc:64:
c0:72:05:5e:d9:55:e9:1b:8c:1b:80:bb:5e:8a:cd:40:1a:bc:
23:9c:b1:ac:3c:5e:d8:bb:03:48:8d:ae:1d:0b:d4:03:d1:2e:
49:d9:4d:62:c0:ea:13:5f:4d:51:e9:06:06:9a:bc:86:db:b2:
43:94:46:b9:ae:b7:04:50:13:e6:08:bf:97:57:06:f5:8e:7c:
40:ab:84:03:69:52:92:94:d8:83:44:2a:13:ad:db:fc:27:63:
38:66:75:27:6d:8d:c1:e7:bd:f7:0a:90:69:2e:97:fb:6d:e1:
79:73:7c:12:8c:f1:7c:4b:28:b4:44:a1:04:5d:45:5b:ea:22:
2e:65:d6:ae:89:1f:70:4d:d7:da:71:6d:bf:a0:21:40:6e:a6:
5a:0c:56:9e:34:9f:07:9d:80:eb:b6:85:d6:f8:aa:de:fc:80:
88:ea:c3:3f:65:3f:22:12:13:b9:b0:9b:cc:64:d1:72:18:c5:
53:40:be:3d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZUYm8laaHVbhZna7jTRKCg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWQ0YjkyZGQxNTAzNjRjNjViN2QyMTI5OTAyODY3OGIw
YTUyOTYwHhcNMjUwMjE4MTAzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk5MTIyOGZlZTMwNWUzNDEyNjkzMDE0OWEzODAwNTYyZjBhYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO37NruFYB5I/hJyWts2/KmBKd2Y
8Noku/ZoNu6ii3PTwrQliH/1nMSS0RzjauRYloZO0oLdsc69+URyt+0Je/YBpp+1
VbLRz9J5ZmKgp8Qyf+Ld7XEy38WIp9b/zrj+ye8KBzWP3qod2CRekpc8OL7I0ENw
6grNbhdHX5HD/6CgSznLRp9g5ikIw/9OmtRbr+fSHEFzQy1cnnC1k+ucieSt5e4a
Fz2UOIdJ48uD7JuHPF0LupQlsMdehUS8aRn3vMtHS8tow8SH6TQybQsNp4Y0AKL8
j9cJLcjYwQ+6nbUW3AwERhkVX1tubNPzY6AIPK3ROURf/poBdw3F5dXJGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNyZEij+4wXjQSaTAUmjgAVi8Kq2MB8GA1UdIwQY
MBaAFEQdS5LdFQNkxlt9ISmQKGeLClKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMt
N2Y1ZjRkNjA0NzMxLzEvM0prU0tQN2pCZU5CSnBNQlNhT0FCV0x3cXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMtN2Y1ZjRkNjA0NzMx
LzEvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGkAJAAwQE
su6gAwQCuXewMA0EAgACMAcDBQMqAiGwMA0GCSqGSIb3DQEBCwUAA4IBAQBrYVm6
GJeK6P1xrwXbCVtheR3GSGn4JAKiq9smVXSyE5RPOvNaD+fdcn6XCmunr/akxpPa
1AFFS50OZDk2zw1MhtYOLJSxvGTAcgVe2VXpG4wbgLteis1AGrwjnLGsPF7YuwNI
ja4dC9QD0S5J2U1iwOoTX01R6QYGmryG27JDlEa5rrcEUBPmCL+XVwb1jnxAq4QD
aVKSlNiDRCoTrdv8J2M4ZnUnbY3B5733CpBpLpf7beF5c3wSjPF8Syi0RKEEXUVb
6iIuZdauiR9wTdfacW2/oCFAbqZaDFaeNJ8HnYDrtoXW+Kre/ICI6sM/ZT8iEhO5
sJvMZNFyGMVTQL49
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:23:46 2025 by rpki-client