Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ibMRX0UskUZ1fKV63OderSyFGp4.roa
File: ibMRX0UskUZ1fKV63OderSyFGp4.roa (raw, json)
Hash identifier: eA4MV5O6XQVzVYEe9jvmxnmU146aKwd4Gt1iGOJqAdY=
Subject key identifier: 89:B3:11:5F:45:2C:91:46:75:7C:A5:7A:DC:E7:5E:AD:2C:85:1A:9E
Certificate issuer: /CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Certificate serial: 019425220F35CDEA670F6C6B95C4B7FD8479
Authority key identifier: 3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ibMRX0UskUZ1fKV63OderSyFGp4.roa
Signing time: Thu 02 Jan 2025 03:49:36 +0000
ROA not before: Thu 02 Jan 2025 03:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51426
IP address blocks: 46.175.112.0/21 maxlen: 21
85.209.38.0/23 maxlen: 23
91.217.18.0/23 maxlen: 23
185.225.108.0/22 maxlen: 22
2a0d:bc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0f:35:cd:ea:67:0f:6c:6b:95:c4:b7:fd:84:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Validity
Not Before: Jan 2 03:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89b3115f452c9146757ca57adce75ead2c851a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f7:66:f3:9b:14:0b:f1:f9:32:3f:35:62:19:
b5:4c:69:c4:91:98:1e:f8:99:b6:43:a7:fc:49:9a:
33:74:3b:da:dc:19:46:5d:0e:3d:c9:c4:94:2c:b7:
ce:39:fd:7d:7c:68:d1:fe:61:f5:cc:f5:29:c3:11:
2f:bd:03:eb:af:ff:f8:16:0c:16:c1:4e:a7:e6:55:
fc:47:49:1b:d6:b9:6f:2a:cd:c7:34:e9:58:73:67:
b4:0c:23:71:78:97:c6:4f:a4:de:62:13:08:76:c7:
0c:a8:64:3f:c5:0f:62:fa:dd:74:5e:f2:f0:13:cf:
73:45:87:e6:ce:86:f2:e2:4f:28:86:de:90:62:56:
39:9e:d8:02:e8:f2:4e:2d:64:53:23:e1:8c:fb:2d:
d7:b7:bc:30:0f:67:92:38:21:1e:2f:0e:de:cf:20:
9c:fb:70:8a:6f:65:67:9d:f2:57:6e:4b:44:3a:b5:
8b:9c:1a:74:42:e2:25:4f:b2:83:2e:03:c9:78:b0:
83:92:34:f2:4b:25:e3:b6:71:ee:bc:04:1d:1f:5d:
27:b4:9d:83:e1:3b:64:4b:38:24:e8:5e:ba:ca:b4:
6f:0c:ee:20:57:ea:50:06:83:90:32:7f:54:76:e8:
72:9c:77:d0:f0:22:2d:80:be:5e:39:d9:79:38:a7:
72:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B3:11:5F:45:2C:91:46:75:7C:A5:7A:DC:E7:5E:AD:2C:85:1A:9E
X509v3 Authority Key Identifier:
keyid:3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ibMRX0UskUZ1fKV63OderSyFGp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.112.0/21
85.209.38.0/23
91.217.18.0/23
185.225.108.0/22
IPv6:
2a0d:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
5d:55:3b:30:ca:21:22:8c:3b:fb:95:3e:ac:e7:08:ba:2d:b4:
98:d8:29:4f:19:6a:4d:6e:23:11:19:f5:75:e1:39:ba:cd:da:
c5:0d:82:2b:24:cd:3a:8d:35:6e:b8:47:98:77:ad:4a:e1:78:
03:b4:fe:8d:7a:63:3f:f4:7a:8a:f0:fd:51:26:f3:4e:d5:d0:
98:4c:d8:32:1d:ba:40:cd:7e:97:cc:a3:1c:ee:a6:fc:58:c2:
f9:1f:b0:5d:db:a2:b9:b9:ce:d6:a2:5c:16:ec:fa:f4:34:a3:
b9:ee:6a:1d:d3:4a:6d:4b:3e:81:6e:60:3d:93:9e:d7:fa:f8:
94:ed:22:b8:f4:22:f1:2b:ae:95:fe:a4:12:1a:df:de:a2:d7:
44:04:37:d3:15:2c:ea:07:75:26:72:54:b9:12:31:d0:76:11:
62:34:13:78:0d:2e:1b:95:93:b8:62:c7:93:da:a5:35:26:5a:
ca:e0:d3:82:3d:fd:44:a0:aa:bf:b9:bd:b9:dc:31:09:61:37:
5d:be:c7:96:f8:b3:73:7e:48:cd:df:47:47:5f:49:b4:b7:0b:
8d:c9:a1:82:3c:63:41:63:00:57:14:9e:4c:0e:4d:34:54:94:
75:e9:0a:e6:2e:ef:dd:2a:4f:83:1c:4f:22:d9:cd:ff:07:5a:
e9:d3:b7:34
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQlIg81zepnD2xrlcS3/YR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMmM4NTQwMTExNDBhMTA5NDdkYTdiNTNiYmIzNTBmM2M1
NGIzM2UwHhcNMjUwMTAyMDM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWIzMTE1ZjQ1MmM5MTQ2NzU3Y2E1N2FkY2U3NWVhZDJjODUxYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/dm85sUC/H5Mj81Yhm1TGnEkZge
+Jm2Q6f8SZozdDva3BlGXQ49ycSULLfOOf19fGjR/mH1zPUpwxEvvQPrr//4FgwW
wU6n5lX8R0kb1rlvKs3HNOlYc2e0DCNxeJfGT6TeYhMIdscMqGQ/xQ9i+t10XvLw
E89zRYfmzoby4k8oht6QYlY5ntgC6PJOLWRTI+GM+y3Xt7wwD2eSOCEeLw7ezyCc
+3CKb2VnnfJXbktEOrWLnBp0QuIlT7KDLgPJeLCDkjTySyXjtnHuvAQdH10ntJ2D
4TtkSzgk6F66yrRvDO4gV+pQBoOQMn9UduhynHfQ8CItgL5eOdl5OKdyLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFImzEV9FLJFGdXyletznXq0shRqeMB8GA1UdIwQY
MBaAFDwshUARFAoQlH2ntTu7NQ88VLM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYt
YjViYmQwYjVlMGFhLzEvaWJNUlgwVXNrVVoxZktWNjNPZGVyU3lGR3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYtYjViYmQwYjVlMGFh
LzEvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLq9wAwQB
VdEmAwQBW9kSAwQCueFsMA0EAgACMAcDBQMqDbwAMA0GCSqGSIb3DQEBCwUAA4IB
AQBdVTswyiEijDv7lT6s5wi6LbSY2ClPGWpNbiMRGfV14Tm6zdrFDYIrJM06jTVu
uEeYd61K4XgDtP6NemM/9HqK8P1RJvNO1dCYTNgyHbpAzX6XzKMc7qb8WML5H7Bd
26K5uc7WolwW7Pr0NKO57mod00ptSz6BbmA9k57X+viU7SK49CLxK66V/qQSGt/e
otdEBDfTFSzqB3UmclS5EjHQdhFiNBN4DS4blZO4YseT2qU1JlrK4NOCPf1EoKq/
ub253DEJYTddvseW+LNzfkjN30dHX0m0twuNyaGCPGNBYwBXFJ5MDk00VJR16Qrm
Lu/dKk+DHE8i2c3/B1rp07c0
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:27 2025 by rpki-client