Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/3inaB-Z8N-03CL2yfe3x_VbDc5s.roa
File: 3inaB-Z8N-03CL2yfe3x_VbDc5s.roa (raw, json)
Hash identifier: iSbmP3vh3ZBuD/tQ+I4W0ABTtwGb3llYxyQ3Q/wGCp8=
Subject key identifier: DE:29:DA:07:E6:7C:37:ED:37:08:BD:B2:7D:ED:F1:FD:56:C3:73:9B
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B6797A21F626DC0CD1B0FCBC6AB5F1
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/3inaB-Z8N-03CL2yfe3x_VbDc5s.roa
Signing time: Thu 02 Jan 2025 15:50:57 +0000
ROA not before: Thu 02 Jan 2025 15:50:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28761
IP address blocks: 91.224.30.0/23 maxlen: 23
91.232.116.0/24 maxlen: 24
91.232.118.0/23 maxlen: 23
185.76.80.0/24 maxlen: 24
188.191.16.0/22 maxlen: 22
188.191.16.0/24 maxlen: 24
188.191.17.0/24 maxlen: 24
188.191.18.0/24 maxlen: 24
188.191.19.0/24 maxlen: 24
188.191.24.0/24 maxlen: 24
188.191.25.0/24 maxlen: 24
188.191.26.0/24 maxlen: 24
188.191.27.0/24 maxlen: 24
193.188.254.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.26.80.0/24 maxlen: 24
195.26.81.0/24 maxlen: 24
195.26.82.0/23 maxlen: 23
195.49.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:79:7a:21:f6:26:dc:0c:d1:b0:fc:bc:6a:b5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:50:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de29da07e67c37ed3708bdb27dedf1fd56c3739b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0c:6b:6e:33:f7:71:5f:23:00:e0:ee:b6:eb:
30:eb:2f:f1:7b:d6:59:c9:0f:15:66:f6:87:8b:57:
46:cd:d7:0f:2c:d2:5f:06:15:f0:3d:34:46:65:b7:
f5:ef:df:ad:a9:8a:88:3f:55:65:eb:2b:57:11:e5:
f2:39:af:4b:65:c2:f2:8c:66:89:83:a3:3f:38:2a:
f4:25:3e:bb:f1:de:21:48:97:53:48:da:25:8e:da:
28:a6:50:81:ee:12:b6:ea:52:db:c7:d7:62:75:f9:
a4:41:22:dd:56:4f:87:d5:ce:e6:07:56:fe:fd:4a:
f9:56:ed:ff:be:e5:71:52:21:74:ff:88:b8:e6:89:
c1:4b:62:40:9c:e4:ca:72:24:9f:5f:5f:93:e3:a8:
15:d7:bb:89:55:d2:07:7c:ea:0c:d4:ec:96:3a:3f:
74:df:f6:16:f7:7b:ee:3a:e3:98:ef:bc:cf:44:f1:
9a:8e:fe:f1:e1:37:f4:7b:83:8b:ce:9d:93:54:e7:
d8:1a:76:88:b2:a8:92:d0:dc:61:c8:18:f5:e9:a4:
a8:51:f9:9b:be:5a:7c:db:5c:08:11:cc:5a:e3:9e:
57:55:1b:bc:a1:56:12:18:f0:02:2e:86:71:38:f2:
45:75:97:4e:0e:5e:80:3e:16:03:29:14:20:02:87:
fb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:29:DA:07:E6:7C:37:ED:37:08:BD:B2:7D:ED:F1:FD:56:C3:73:9B
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/3inaB-Z8N-03CL2yfe3x_VbDc5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.30.0/23
91.232.116.0/24
91.232.118.0/23
185.76.80.0/24
188.191.16.0/22
188.191.24.0/22
193.188.254.0/24
194.140.228.0/24
195.26.80.0/22
195.49.204.0/23
Signature Algorithm: sha256WithRSAEncryption
96:9f:e1:a5:de:20:73:88:ee:66:23:1b:fd:06:04:e5:9d:18:
d7:61:cb:f3:d9:b4:2c:9f:8a:fa:3d:e2:e9:0b:fb:64:34:6a:
76:c8:94:ea:83:b0:a5:43:5d:78:73:5d:12:d6:73:df:5b:1e:
3b:a2:55:87:63:41:b5:b6:fd:da:54:02:22:95:33:32:b0:ad:
6c:90:33:60:4c:26:7c:12:14:8f:f8:20:f3:5f:4c:37:a6:6f:
11:cd:a5:51:9e:ed:fa:90:2b:ca:ba:7b:50:cb:69:af:f0:f2:
1f:aa:ae:cc:5b:9c:30:20:2a:33:14:6d:ef:75:34:b9:fc:1a:
4d:e5:98:d6:5f:5f:0a:aa:39:0e:d5:55:c1:df:55:fb:cd:ee:
4c:0f:f5:e9:0b:a0:8d:62:8d:6d:85:a0:e4:5f:9c:99:d0:41:
bc:b7:36:44:5a:c5:11:d1:b0:cd:60:04:89:cb:71:1d:7a:da:
26:9d:a6:2d:89:fe:09:cc:a1:ae:81:ec:57:c1:e9:77:40:62:
e7:35:52:23:b9:f2:f7:e8:49:5d:ac:09:45:c2:2b:84:23:64:
33:e9:2e:13:ea:a4:c9:ce:cc:44:68:0d:2f:24:d3:68:6b:98:
52:9b:c4:e1:1b:f0:ae:77:65:9a:f9:f2:4c:96:c8:00:45:46:
67:63:04:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQntnl6IfYm3AzRsPy8arXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI5ZGEwN2U2N2MzN2VkMzcwOGJkYjI3ZGVkZjFmZDU2YzM3MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAxrbjP3cV8jAODutusw6y/xe9ZZ
yQ8VZvaHi1dGzdcPLNJfBhXwPTRGZbf179+tqYqIP1Vl6ytXEeXyOa9LZcLyjGaJ
g6M/OCr0JT678d4hSJdTSNoljtooplCB7hK26lLbx9didfmkQSLdVk+H1c7mB1b+
/Ur5Vu3/vuVxUiF0/4i45onBS2JAnOTKciSfX1+T46gV17uJVdIHfOoM1OyWOj90
3/YW93vuOuOY77zPRPGajv7x4Tf0e4OLzp2TVOfYGnaIsqiS0NxhyBj16aSoUfmb
vlp821wIEcxa455XVRu8oVYSGPACLoZxOPJFdZdODl6APhYDKRQgAof7fQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN4p2gfmfDftNwi9sn3t8f1Ww3ObMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvM2luYUItWjhOLTAzQ0wyeWZlM3hfVmJEYzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBW+AeAwQA
W+h0AwQBW+h2AwQAuUxQAwQCvL8QAwQCvL8YAwQAwbz+AwQAwozkAwQCwxpQAwQB
wzHMMA0GCSqGSIb3DQEBCwUAA4IBAQCWn+Gl3iBziO5mIxv9BgTlnRjXYcvz2bQs
n4r6PeLpC/tkNGp2yJTqg7ClQ114c10S1nPfWx47olWHY0G1tv3aVAIilTMysK1s
kDNgTCZ8EhSP+CDzX0w3pm8RzaVRnu36kCvKuntQy2mv8PIfqq7MW5wwICozFG3v
dTS5/BpN5ZjWX18KqjkO1VXB31X7ze5MD/XpC6CNYo1thaDkX5yZ0EG8tzZEWsUR
0bDNYASJy3EdetomnaYtif4JzKGugexXwel3QGLnNVIjufL36EldrAlFwiuEI2Qz
6S4T6qTJzsxEaA0vJNNoa5hSm8ThG/Cud2Wa+fJMlsgARUZnYwS9
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:06:27 2025 by rpki-client