Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/rtM3C_Rb7MChD47Ga1U2cViLrVM.roa
File: rtM3C_Rb7MChD47Ga1U2cViLrVM.roa (raw, json)
Hash identifier: Bbt4WsyZlaNBYxegxcNZsDU9+mHNhqHf+fOapqUBZAw=
Subject key identifier: AE:D3:37:0B:F4:5B:EC:C0:A1:0F:8E:C6:6B:55:36:71:58:8B:AD:53
Certificate issuer: /CN=441d4b92dd150364c65b7d21299028678b0a5296
Certificate serial: 01941F8C262DC949422FE4AD5492CA069C15
Authority key identifier: 44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/rtM3C_Rb7MChD47Ga1U2cViLrVM.roa
Signing time: Wed 01 Jan 2025 01:47:46 +0000
ROA not before: Wed 01 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 144.2.64.0/18 maxlen: 20
178.238.160.0/20 maxlen: 22
185.119.176.0/22 maxlen: 24
2a02:21b0::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:26:2d:c9:49:42:2f:e4:ad:54:92:ca:06:9c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441d4b92dd150364c65b7d21299028678b0a5296
Validity
Not Before: Jan 1 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aed3370bf45becc0a10f8ec66b553671588bad53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:16:ab:0f:89:87:bb:2d:10:ea:bb:fc:01:2b:
05:40:fe:88:aa:a1:cb:81:a2:74:71:93:7d:2d:ec:
31:a3:58:22:c1:ad:8c:e8:fa:92:8d:18:c8:93:62:
3d:c6:bc:4d:be:be:d9:87:d4:d4:11:9c:48:a5:cb:
ff:c3:61:97:7b:0f:5b:6d:57:96:cd:56:af:93:0c:
78:00:f4:ec:7f:9e:6b:ee:f3:8b:62:66:2f:fa:33:
67:a4:db:17:94:fa:9a:a4:82:54:99:66:e9:ad:ff:
26:07:47:7b:05:30:1a:ae:d4:2e:99:13:1f:42:fa:
05:d5:8e:ca:ab:bf:29:ca:ee:60:af:76:c5:4b:7a:
86:fd:5b:52:31:18:4c:1d:f4:a4:29:05:b5:f5:f4:
b1:75:56:f7:93:d1:fd:50:34:9c:9e:28:75:39:30:
e9:61:a6:cf:e7:f8:2c:8e:f4:4f:48:cd:7b:70:e3:
bd:08:95:20:a6:80:53:d6:6b:ec:60:1e:b2:96:23:
43:da:17:a0:53:f1:17:0c:b5:18:a2:0c:de:6d:1f:
4d:c7:d1:f7:f1:b1:88:76:6c:40:c6:9f:65:8a:36:
72:2d:01:42:c8:08:9e:f0:2d:15:b4:16:58:4f:e2:
e3:f1:f9:23:77:e1:a6:1b:c3:3f:22:44:e7:82:1d:
a5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D3:37:0B:F4:5B:EC:C0:A1:0F:8E:C6:6B:55:36:71:58:8B:AD:53
X509v3 Authority Key Identifier:
keyid:44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/rtM3C_Rb7MChD47Ga1U2cViLrVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.64.0/18
178.238.160.0/20
185.119.176.0/22
IPv6:
2a02:21b0::/29
Signature Algorithm: sha256WithRSAEncryption
b9:bf:e1:72:75:8c:d8:5b:2e:cd:2e:4e:66:e9:3c:62:a2:eb:
ec:04:cb:2d:aa:8e:0f:bb:65:e1:7b:72:09:8c:be:7d:27:7b:
74:5b:f2:48:4f:8e:41:77:e3:26:2e:eb:1c:f9:e3:3e:76:1f:
b5:db:b1:44:05:55:cf:d9:61:17:fc:34:da:3e:c8:24:00:a5:
ee:a3:7d:7f:24:36:7c:da:5c:d2:0b:66:36:94:da:bd:18:e4:
b9:e8:4e:65:f8:76:72:76:d2:1c:34:85:1b:cf:fd:65:1d:29:
05:11:a1:0b:cb:59:1e:d0:b5:49:6a:cb:f3:d2:97:8e:41:95:
77:0a:e9:d6:5d:4d:6a:8e:3f:28:ef:26:a0:3c:01:d7:ad:d5:
b9:87:62:72:00:a3:47:11:d8:9f:d2:1a:c7:a0:ac:b8:a2:a4:
29:46:ea:3f:5c:b2:21:6f:61:f3:de:eb:f3:c2:6a:58:99:e4:
82:c2:56:f7:82:af:20:76:8e:dc:3b:76:c1:fb:2c:c6:46:e7:
0e:d0:a2:e0:fc:ec:d1:c4:51:44:82:b3:a2:ad:3e:ad:d3:26:
c8:40:a8:7f:e2:59:36:8f:c7:75:2a:99:12:ee:06:c0:ff:48:
1e:97:e0:6b:62:71:6f:8e:74:8d:c7:88:88:34:36:bf:23:24:
9b:a7:90:b7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjCYtyUlCL+StVJLKBpwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWQ0YjkyZGQxNTAzNjRjNjViN2QyMTI5OTAyODY3OGIw
YTUyOTYwHhcNMjUwMTAxMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQzMzcwYmY0NWJlY2MwYTEwZjhlYzY2YjU1MzY3MTU4OGJhZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRarD4mHuy0Q6rv8ASsFQP6IqqHL
gaJ0cZN9Lewxo1giwa2M6PqSjRjIk2I9xrxNvr7Zh9TUEZxIpcv/w2GXew9bbVeW
zVavkwx4APTsf55r7vOLYmYv+jNnpNsXlPqapIJUmWbprf8mB0d7BTAartQumRMf
QvoF1Y7Kq78pyu5gr3bFS3qG/VtSMRhMHfSkKQW19fSxdVb3k9H9UDScnih1OTDp
YabP5/gsjvRPSM17cOO9CJUgpoBT1mvsYB6yliND2hegU/EXDLUYogzebR9Nx9H3
8bGIdmxAxp9lijZyLQFCyAie8C0VtBZYT+Lj8fkjd+GmG8M/IkTngh2lwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK7TNwv0W+zAoQ+OxmtVNnFYi61TMB8GA1UdIwQY
MBaAFEQdS5LdFQNkxlt9ISmQKGeLClKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMt
N2Y1ZjRkNjA0NzMxLzEvcnRNM0NfUmI3TUNoRDQ3R2ExVTJjVmlMclZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMtN2Y1ZjRkNjA0NzMx
LzEvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGkAJAAwQE
su6gAwQCuXewMA0EAgACMAcDBQMqAiGwMA0GCSqGSIb3DQEBCwUAA4IBAQC5v+Fy
dYzYWy7NLk5m6TxiouvsBMstqo4Pu2Xhe3IJjL59J3t0W/JIT45Bd+MmLusc+eM+
dh+127FEBVXP2WEX/DTaPsgkAKXuo31/JDZ82lzSC2Y2lNq9GOS56E5l+HZydtIc
NIUbz/1lHSkFEaELy1ke0LVJasvz0peOQZV3CunWXU1qjj8o7yagPAHXrdW5h2Jy
AKNHEdif0hrHoKy4oqQpRuo/XLIhb2Hz3uvzwmpYmeSCwlb3gq8gdo7cO3bB+yzG
RucO0KLg/OzRxFFEgrOirT6t0ybIQKh/4lk2j8d1KpkS7gbA/0gel+BrYnFvjnSN
x4iINDa/IySbp5C3
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:33:57 2025 by rpki-client