Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/3jlhu43nFTAqKx4et3eHcMKKL3Y.roa
File: 3jlhu43nFTAqKx4et3eHcMKKL3Y.roa (raw, json)
Hash identifier: BH64yszlx12crGfEJXHUgBhMmAPFBIBZrSlJaldUjes=
Subject key identifier: DE:39:61:BB:8D:E7:15:30:2A:2B:1E:1E:B7:77:87:70:C2:8A:2F:76
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 019425FDD90303059CBF40ABAA714AB8DC45
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/3jlhu43nFTAqKx4et3eHcMKKL3Y.roa
Signing time: Thu 02 Jan 2025 07:49:40 +0000
ROA not before: Thu 02 Jan 2025 07:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197444
IP address blocks: 91.217.52.0/23 maxlen: 23
91.221.148.0/23 maxlen: 23
217.26.221.0/24 maxlen: 24
2001:67c:2038::/48 maxlen: 48
2a13:50c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft
rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d9:03:03:05:9c:bf:40:ab:aa:71:4a:b8:dc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Jan 2 07:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de3961bb8de715302a2b1e1eb7778770c28a2f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:db:f6:19:e2:75:56:29:d4:fe:0b:75:7f:be:
3d:3f:d8:8d:b9:0a:06:34:17:1d:2e:a8:e8:dc:ca:
d6:24:73:0b:eb:50:44:81:71:ad:c3:42:f2:24:96:
a6:4c:3c:ed:07:73:13:f1:ba:14:8e:23:6a:56:0f:
a5:8e:3f:e9:c6:7b:11:8c:7a:fd:ef:c4:4e:a8:e9:
38:8a:0d:49:55:57:09:ea:59:1d:21:ad:e3:6d:4f:
71:e2:dc:cb:68:49:1b:37:fb:d8:0a:60:12:20:f6:
a7:fd:58:98:a9:72:5f:a6:df:87:be:a6:de:d7:0e:
ee:0b:66:56:ff:63:a5:2e:84:16:1f:3a:0f:85:7c:
6f:a2:c5:80:9d:b2:73:2d:4b:3b:60:0c:37:fe:fe:
e7:64:e4:12:73:3d:90:25:9c:19:62:38:bb:26:20:
3a:91:5e:bf:94:ec:0f:0a:ef:42:ac:28:71:78:10:
60:53:2b:af:e0:11:5f:2e:88:85:5f:75:16:ee:c6:
3a:54:5d:d6:39:44:2c:1e:f7:df:89:17:28:40:fe:
48:6b:90:da:ed:e5:0a:54:62:ad:02:60:93:67:98:
47:c4:f6:c2:02:eb:58:0d:22:c6:ff:c6:7f:38:2a:
66:45:e8:e1:3f:07:10:c3:87:10:d6:4c:38:3b:d1:
08:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:61:BB:8D:E7:15:30:2A:2B:1E:1E:B7:77:87:70:C2:8A:2F:76
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/3jlhu43nFTAqKx4et3eHcMKKL3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.52.0/23
91.221.148.0/23
217.26.221.0/24
IPv6:
2001:67c:2038::/48
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:a4:e6:cf:50:5a:fc:02:ca:39:80:a8:36:1b:bf:b8:23:72:
0f:44:8d:06:37:c0:be:c4:9f:0c:3a:54:61:f6:d0:f8:27:52:
66:7b:55:a7:6e:cb:36:bf:d1:bf:05:4d:c4:cc:01:a6:4a:36:
7a:67:98:91:cd:e1:52:77:54:f6:d4:f5:b5:86:fa:3e:31:27:
35:19:f6:a3:da:88:09:d8:ef:de:3e:96:da:74:63:d4:12:d2:
76:1e:9f:20:7c:db:d8:c9:9a:00:a7:49:c2:b6:07:99:dd:92:
49:e8:6d:e3:b8:6d:83:af:0b:32:48:e0:4b:06:d9:3d:cf:ee:
e6:88:e5:03:9b:36:82:fb:ac:b9:fb:59:3e:bd:26:7e:95:9e:
27:27:7d:55:94:0a:20:93:40:90:6a:f7:27:25:30:c2:30:ef:
13:77:9e:5c:85:1f:25:a6:7f:52:38:9c:e7:ae:7a:8e:71:24:
3a:f9:04:80:69:8b:94:fe:79:b0:94:ea:46:3b:9b:34:33:5d:
eb:90:88:15:b5:ed:4a:f0:24:4c:37:a7:98:6a:ad:12:24:f1:
c5:61:43:5d:09:7c:15:dd:db:f4:5a:09:9a:ee:e1:db:b2:6d:
d8:a6:a0:31:15:31:36:a7:95:fa:4d:d7:66:dd:1f:64:cf:31:
ab:13:c8:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQl/dkDAwWcv0CrqnFKuNxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjUwMTAyMDc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM5NjFiYjhkZTcxNTMwMmEyYjFlMWViNzc3ODc3MGMyOGEyZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNv2GeJ1VinU/gt1f749P9iNuQoG
NBcdLqjo3MrWJHML61BEgXGtw0LyJJamTDztB3MT8boUjiNqVg+ljj/pxnsRjHr9
78ROqOk4ig1JVVcJ6lkdIa3jbU9x4tzLaEkbN/vYCmASIPan/ViYqXJfpt+Hvqbe
1w7uC2ZW/2OlLoQWHzoPhXxvosWAnbJzLUs7YAw3/v7nZOQScz2QJZwZYji7JiA6
kV6/lOwPCu9CrChxeBBgUyuv4BFfLoiFX3UW7sY6VF3WOUQsHvffiRcoQP5Ia5Da
7eUKVGKtAmCTZ5hHxPbCAutYDSLG/8Z/OCpmRejhPwcQw4cQ1kw4O9EIKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFN45YbuN5xUwKiseHrd3h3DCii92MB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvM2psaHU0M25GVEFxS3g0ZXQzZUhjTUtLTDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQBW9k0AwQB
W92UAwQA2RrdMBYEAgACMBADBwAgAQZ8IDgDBQMqE1DAMA0GCSqGSIb3DQEBCwUA
A4IBAQAypObPUFr8Aso5gKg2G7+4I3IPRI0GN8C+xJ8MOlRh9tD4J1Jme1Wnbss2
v9G/BU3EzAGmSjZ6Z5iRzeFSd1T21PW1hvo+MSc1Gfaj2ogJ2O/ePpbadGPUEtJ2
Hp8gfNvYyZoAp0nCtgeZ3ZJJ6G3juG2DrwsySOBLBtk9z+7miOUDmzaC+6y5+1k+
vSZ+lZ4nJ31VlAogk0CQavcnJTDCMO8Td55chR8lpn9SOJznrnqOcSQ6+QSAaYuU
/nmwlOpGO5s0M13rkIgVte1K8CRMN6eYaq0SJPHFYUNdCXwV3dv0Wgma7uHbsm3Y
pqAxFTE2p5X6Tddm3R9kzzGrE8gH
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:53:41 2025 by rpki-client