Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OU3J6iptbGQ_gdipE6OyGU9Kop4.roa
File: OU3J6iptbGQ_gdipE6OyGU9Kop4.roa (raw, json)
Hash identifier: kBHmuWTQgaYcOY+DDVBDklUXQLTof5AschE6k3rUlAU=
Subject key identifier: 39:4D:C9:EA:2A:6D:6C:64:3F:81:D8:A9:13:A3:B2:19:4F:4A:A2:9E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0196B19A211348D4A801813ABB7D3C9F53A2
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OU3J6iptbGQ_gdipE6OyGU9Kop4.roa
Signing time: Thu 08 May 2025 20:33:10 +0000
ROA not before: Thu 08 May 2025 20:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133944
IP address blocks: 160.19.92.0/23 maxlen: 23
2a10:b46::/32 maxlen: 32
2a13:b4c2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b1:9a:21:13:48:d4:a8:01:81:3a:bb:7d:3c:9f:53:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 8 20:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=394dc9ea2a6d6c643f81d8a913a3b2194f4aa29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:5d:be:6b:0f:c9:f9:68:a6:d2:51:e6:a7:
92:d8:d4:1c:24:ce:5e:6e:c9:d9:45:48:a0:6a:b1:
89:e4:90:92:47:b3:8b:d7:51:eb:fb:a8:24:fe:5f:
3b:36:6f:27:df:ee:a4:02:b9:76:56:b4:24:54:35:
b3:64:f2:49:8b:61:80:a1:34:f8:97:69:f3:0f:81:
a8:0e:7c:be:41:c8:3a:95:f5:06:6c:c3:69:cc:89:
f4:f1:6c:25:85:ba:7a:9a:2d:2d:3b:43:08:f3:c4:
c0:37:be:8c:94:d6:6d:b8:d1:b0:47:9e:61:68:51:
e0:47:80:11:2b:bf:9a:d1:8a:f0:33:f9:01:6e:8b:
8f:cd:94:de:96:fd:e8:10:8d:fc:9a:aa:b0:4c:74:
41:82:99:3f:60:93:b5:fd:e1:97:84:4a:78:38:4a:
96:f9:c7:88:9b:60:a0:e8:d5:f2:f9:b1:2f:81:17:
64:b5:50:83:46:a1:09:5a:e8:ca:d1:fd:d4:6f:2a:
0a:c6:33:91:29:73:67:fe:b0:93:84:8e:50:5f:84:
a6:fe:15:b5:c1:cf:57:0d:38:e0:98:cf:51:54:f4:
f1:99:ea:48:48:98:2b:95:cd:c8:fa:dc:4e:36:f5:
20:b9:51:30:c0:fb:ed:c4:91:0f:2e:c0:95:a8:fa:
7c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4D:C9:EA:2A:6D:6C:64:3F:81:D8:A9:13:A3:B2:19:4F:4A:A2:9E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/OU3J6iptbGQ_gdipE6OyGU9Kop4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.19.92.0/23
IPv6:
2a10:b46::/32
2a13:b4c2::/32
Signature Algorithm: sha256WithRSAEncryption
99:93:8f:34:9b:a0:35:75:5e:96:5a:14:82:d9:98:f5:43:27:
4e:2c:5a:df:a7:ab:a7:38:87:40:a5:bc:f7:fb:24:31:bd:e0:
3d:b5:9c:0a:29:3b:bd:11:86:7b:3b:47:24:1b:d3:cd:3e:33:
45:52:0d:47:a2:9c:08:c0:68:47:e2:82:e7:3e:3f:00:d9:00:
27:47:41:4d:bf:60:78:7a:14:2e:6f:8b:ff:3c:c4:fe:34:6c:
e6:d7:f8:47:88:96:4d:88:81:4c:1f:91:c5:40:9f:6d:ad:84:
35:a7:c4:c0:0c:79:b8:60:5e:ec:af:f7:ad:94:f4:0e:a8:69:
f7:13:25:08:a7:8a:d4:5a:19:73:d0:76:91:49:e0:7e:7a:81:
44:97:24:a4:b8:0c:7c:a9:37:ee:01:f2:a8:93:c9:88:9f:3d:
a2:eb:22:b2:0c:65:06:b3:50:0c:f7:c0:8a:1b:ea:85:4e:32:
94:e8:74:bf:08:3e:c1:25:67:d4:57:a4:07:15:21:30:81:8c:
e8:ba:cf:b0:fa:c9:41:0a:48:00:ce:94:a4:a2:68:f5:9f:e1:
36:41:24:33:93:4d:c8:85:ca:54:ea:e3:71:0a:13:d0:64:8a:
ad:25:db:66:e6:88:b3:55:88:94:46:92:cd:18:6a:8a:68:24:
5c:71:79:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZaxmiETSNSoAYE6u308n1OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwNTA4MjAzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRkYzllYTJhNmQ2YzY0M2Y4MWQ4YTkxM2EzYjIxOTRmNGFhMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAFdvmsPyfloptJR5qeS2NQcJM5e
bsnZRUigarGJ5JCSR7OL11Hr+6gk/l87Nm8n3+6kArl2VrQkVDWzZPJJi2GAoTT4
l2nzD4GoDny+Qcg6lfUGbMNpzIn08Wwlhbp6mi0tO0MI88TAN76MlNZtuNGwR55h
aFHgR4ARK7+a0YrwM/kBbouPzZTelv3oEI38mqqwTHRBgpk/YJO1/eGXhEp4OEqW
+ceIm2Cg6NXy+bEvgRdktVCDRqEJWujK0f3UbyoKxjORKXNn/rCThI5QX4Sm/hW1
wc9XDTjgmM9RVPTxmepISJgrlc3I+txONvUguVEwwPvtxJEPLsCVqPp8gwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDlNyeoqbWxkP4HYqROjshlPSqKeMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvT1UzSjZpcHRiR1FfZ2RpcEU2T3lHVTlLb3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBoBNcMBQE
AgACMA4DBQAqEAtGAwUAKhO0wjANBgkqhkiG9w0BAQsFAAOCAQEAmZOPNJugNXVe
lloUgtmY9UMnTixa36erpziHQKW89/skMb3gPbWcCik7vRGGeztHJBvTzT4zRVIN
R6KcCMBoR+KC5z4/ANkAJ0dBTb9geHoULm+L/zzE/jRs5tf4R4iWTYiBTB+RxUCf
ba2ENafEwAx5uGBe7K/3rZT0Dqhp9xMlCKeK1FoZc9B2kUngfnqBRJckpLgMfKk3
7gHyqJPJiJ89ousisgxlBrNQDPfAihvqhU4ylOh0vwg+wSVn1FekBxUhMIGM6LrP
sPrJQQpIAM6UpKJo9Z/hNkEkM5NNyIXKVOrjcQoT0GSKrSXbZuaIs1WIlEaSzRhq
imgkXHF5MA==
-----END CERTIFICATE-----
Generated at Sun May 11 05:10:47 2025 by rpki-client