Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3p0j32cYUOCnf_3ix5oMK3cKjZU.roa
File: 3p0j32cYUOCnf_3ix5oMK3cKjZU.roa (raw, json)
Hash identifier: B5xTeALfTdQDGuz03rj872RqicG0ddnazQY9+v5kIg4=
Subject key identifier: DE:9D:23:DF:67:18:50:E0:A7:7F:FD:E2:C7:9A:0C:2B:77:0A:8D:95
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E4AFB2C43D77BCFAEDD1B17D86920
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3p0j32cYUOCnf_3ix5oMK3cKjZU.roa
Signing time: Wed 01 Jan 2025 15:48:58 +0000
ROA not before: Wed 01 Jan 2025 15:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 213.145.72.0/23 maxlen: 23
213.145.76.0/23 maxlen: 23
213.145.78.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:4a:fb:2c:43:d7:7b:cf:ae:dd:1b:17:d8:69:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de9d23df671850e0a77ffde2c79a0c2b770a8d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:be:94:f4:ea:73:6e:9d:30:2a:b0:ef:11:4e:
4d:8c:d9:7f:f2:b6:1c:81:30:70:1e:8f:02:10:1d:
48:6c:f0:92:88:f8:5e:67:bf:98:fd:3b:11:ae:d3:
ae:5e:6c:02:87:f0:8e:86:2d:c5:97:53:d8:e6:41:
e6:b8:82:c1:47:42:3c:a4:22:8e:26:a2:11:4a:34:
80:a4:ef:47:18:9f:50:78:0f:f1:15:57:8e:e0:7e:
2a:09:b2:17:1b:31:a7:f6:ea:f3:dd:0b:14:3c:f1:
11:25:ff:e9:b8:1d:06:a7:45:d9:ce:9e:a9:dd:0b:
72:c4:e9:20:16:dc:ba:38:7e:4d:86:ca:c1:5c:2c:
6a:d9:64:25:d2:42:57:38:64:83:e4:76:af:24:45:
d2:e8:a2:67:6e:0e:cd:73:42:d4:cb:91:eb:50:27:
6d:fb:52:9b:2a:f9:3a:13:b4:e1:38:27:81:a4:82:
b6:0f:f9:2d:37:f4:e5:38:d0:f0:d9:49:cf:b6:cb:
bf:d0:24:8f:92:c4:18:5b:62:93:ac:32:3e:ea:ae:
cf:e5:4a:92:32:69:8b:9b:b8:c3:eb:52:d9:50:ff:
bc:c4:d1:2f:18:d7:43:a2:2c:87:b7:d3:f1:e9:e6:
57:41:5b:ee:74:ac:04:38:ce:1a:da:e5:69:cc:8b:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9D:23:DF:67:18:50:E0:A7:7F:FD:E2:C7:9A:0C:2B:77:0A:8D:95
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/3p0j32cYUOCnf_3ix5oMK3cKjZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/23
213.145.76.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:80:17:2b:b9:3a:e7:1b:90:96:84:33:44:48:b2:5e:30:01:
19:22:95:5e:47:ae:86:65:db:f9:57:b6:2a:7b:99:58:75:04:
d2:3d:63:15:f8:11:c6:b6:57:49:d8:3f:c8:08:97:68:6e:d7:
69:f5:57:fe:b8:a2:4a:19:7c:96:55:2d:4d:a1:90:7a:e1:88:
21:09:e4:85:bd:90:ed:b9:ee:6f:d6:f8:71:33:e5:a6:ad:45:
95:4a:10:42:98:c3:ee:a1:61:5d:ed:0a:b7:71:e8:6c:6c:3f:
fb:31:a3:d5:bf:38:21:a3:25:0d:3b:36:7f:c4:f4:d8:f9:f1:
03:e0:d4:b6:f5:f9:b3:6a:ce:28:09:ad:99:20:6f:d0:a4:d2:
ad:32:b3:77:ca:49:5d:37:5f:a2:9c:54:aa:b8:48:3e:85:a0:
de:cb:fb:b2:f0:df:37:37:9a:82:04:1a:19:e3:ff:cb:7b:a4:
ff:70:5e:2b:0a:cd:ca:49:cc:2c:ec:99:a2:30:8e:be:f6:68:
13:fc:25:cb:42:f5:55:3d:65:08:a3:26:a9:2b:f1:90:cb:cb:
f7:10:a3:34:cd:1b:86:26:25:a1:82:39:31:fd:c5:fd:3c:e9:
d8:5c:09:f0:94:ff:87:62:82:a4:cc:19:3e:c8:98:41:05:fd:
8b:ba:c0:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijkr7LEPXe8+u3RsX2GkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTlkMjNkZjY3MTg1MGUwYTc3ZmZkZTJjNzlhMGMyYjc3MGE4ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt76U9Opzbp0wKrDvEU5NjNl/8rYc
gTBwHo8CEB1IbPCSiPheZ7+Y/TsRrtOuXmwCh/COhi3Fl1PY5kHmuILBR0I8pCKO
JqIRSjSApO9HGJ9QeA/xFVeO4H4qCbIXGzGn9urz3QsUPPERJf/puB0Gp0XZzp6p
3QtyxOkgFty6OH5NhsrBXCxq2WQl0kJXOGSD5HavJEXS6KJnbg7Nc0LUy5HrUCdt
+1KbKvk6E7ThOCeBpIK2D/ktN/TlONDw2UnPtsu/0CSPksQYW2KTrDI+6q7P5UqS
MmmLm7jD61LZUP+8xNEvGNdDoiyHt9Px6eZXQVvudKwEOM4a2uVpzIvsNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN6dI99nGFDgp3/94seaDCt3Co2VMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvM3AwajMyY1lVT0NuZl8zaXg1b01LM2NLalpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1ZFIAwQC
1ZFMMA0GCSqGSIb3DQEBCwUAA4IBAQBPgBcruTrnG5CWhDNESLJeMAEZIpVeR66G
Zdv5V7Yqe5lYdQTSPWMV+BHGtldJ2D/ICJdobtdp9Vf+uKJKGXyWVS1NoZB64Ygh
CeSFvZDtue5v1vhxM+WmrUWVShBCmMPuoWFd7Qq3cehsbD/7MaPVvzghoyUNOzZ/
xPTY+fED4NS29fmzas4oCa2ZIG/QpNKtMrN3ykldN1+inFSquEg+haDey/uy8N83
N5qCBBoZ4//Le6T/cF4rCs3KScws7JmiMI6+9mgT/CXLQvVVPWUIoyapK/GQy8v3
EKM0zRuGJiWhgjkx/cX9POnYXAnwlP+HYoKkzBk+yJhBBf2LusD2
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:39:28 2025 by rpki-client