Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/3aqcaFvnX3K7WdJarseDjVUiXLA.roa
File: 3aqcaFvnX3K7WdJarseDjVUiXLA.roa (raw, json)
Hash identifier: oYUYigd9Vtvfrvv9o0boJiIVHaAtMoZ5zO4oUtqPXO4=
Subject key identifier: DD:AA:9C:68:5B:E7:5F:72:BB:59:D2:5A:AE:C7:83:8D:55:22:5C:B0
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 01966CAFEB0F30866C33A9A31DC61C605768
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/3aqcaFvnX3K7WdJarseDjVUiXLA.roa
Signing time: Fri 25 Apr 2025 11:23:10 +0000
ROA not before: Fri 25 Apr 2025 11:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 91.218.176.0/22 maxlen: 24
91.232.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:af:eb:0f:30:86:6c:33:a9:a3:1d:c6:1c:60:57:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Apr 25 11:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddaa9c685be75f72bb59d25aaec7838d55225cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bc:dc:88:4f:cd:37:32:f2:2d:16:84:77:f9:
06:9e:1a:61:58:e7:e3:10:3c:ea:c0:c2:7d:01:ef:
01:c2:57:d4:ff:99:89:ec:6b:a8:c9:bd:7e:82:3b:
2c:10:ae:62:74:d4:0c:37:e5:5f:8e:d2:24:60:6a:
5a:be:b7:47:c6:e7:a3:6c:af:5b:a1:87:b3:d8:b5:
84:c8:70:07:22:22:58:0a:13:7d:d2:35:59:5e:d7:
22:b0:d9:8d:a5:67:e1:9d:30:3c:9a:93:d9:81:3e:
27:ea:81:d1:0d:5b:e3:58:65:d1:a4:f0:e3:72:0f:
87:89:d1:84:0a:6b:31:ed:3c:d6:bc:c8:d5:e2:f7:
eb:60:96:c6:b2:25:2e:d7:06:3b:66:e5:df:cd:1b:
e3:51:23:51:f2:83:11:85:3c:84:00:9d:44:50:fa:
29:6c:8f:62:86:4d:46:8e:09:ae:5a:1b:04:c7:d3:
c1:54:66:bc:97:58:4c:19:a3:8a:6e:ca:c3:6c:4e:
7b:d1:94:ef:84:80:4c:dd:ae:2a:fa:53:b0:3b:6f:
fe:f6:99:b4:c8:0b:3e:d4:e8:50:1f:63:6b:8d:8e:
a1:aa:28:a3:b5:e1:86:e4:05:ce:38:40:b2:50:63:
9f:4d:e9:b1:78:da:5d:bc:1d:7c:7d:dd:d6:63:df:
53:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AA:9C:68:5B:E7:5F:72:BB:59:D2:5A:AE:C7:83:8D:55:22:5C:B0
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/3aqcaFvnX3K7WdJarseDjVUiXLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:bb:2c:de:c6:06:de:39:1c:0f:6b:2c:28:5b:45:07:db:33:
7c:3b:d5:c0:79:06:c5:5e:b5:f3:85:a0:67:63:49:8e:ae:48:
27:6c:74:d2:e7:77:1d:61:46:a0:79:39:ef:eb:13:42:86:8f:
9b:e1:f0:21:13:40:2a:9b:af:57:90:da:ca:97:46:92:4b:12:
09:48:3f:fe:76:26:cd:82:9b:4e:d1:8d:e7:c0:3f:a7:ed:fd:
db:f9:99:a2:3f:34:6a:db:25:e4:70:7f:eb:a3:5a:34:46:14:
8d:dc:3a:83:48:7c:a9:7e:03:3e:ac:b9:00:aa:7e:70:8d:c0:
95:3b:16:54:b4:66:4b:86:5b:0c:61:db:08:9f:43:a2:33:38:
71:85:61:18:e6:9d:de:8d:58:de:90:95:a0:bf:50:ac:ed:75:
a8:3b:5e:ee:3f:50:0c:b1:10:9a:da:7f:d8:47:13:c8:0c:ac:
dc:bf:53:48:35:9c:43:12:c4:cd:11:99:1e:7e:ed:7b:86:e6:
3e:35:b5:21:a2:71:6b:c3:0f:3f:51:84:72:29:38:0e:a8:4f:
64:5d:76:58:a2:ab:fc:e8:ab:b6:66:34:04:a8:f9:8e:64:14:
2e:49:4f:36:74:76:0b:bc:fd:2b:b6:7c:9c:c6:aa:71:c8:da:
98:7c:f9:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZsr+sPMIZsM6mjHcYcYFdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjUwNDI1MTEyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFhOWM2ODViZTc1ZjcyYmI1OWQyNWFhZWM3ODM4ZDU1MjI1Y2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLzciE/NNzLyLRaEd/kGnhphWOfj
EDzqwMJ9Ae8BwlfU/5mJ7Guoyb1+gjssEK5idNQMN+VfjtIkYGpavrdHxuejbK9b
oYez2LWEyHAHIiJYChN90jVZXtcisNmNpWfhnTA8mpPZgT4n6oHRDVvjWGXRpPDj
cg+HidGECmsx7TzWvMjV4vfrYJbGsiUu1wY7ZuXfzRvjUSNR8oMRhTyEAJ1EUPop
bI9ihk1GjgmuWhsEx9PBVGa8l1hMGaOKbsrDbE570ZTvhIBM3a4q+lOwO2/+9pm0
yAs+1OhQH2NrjY6hqiijteGG5AXOOECyUGOfTemxeNpdvB18fd3WY99THwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2qnGhb519yu1nSWq7Hg41VIlywMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvM2FxY2FGdm5YM0s3V2RKYXJzZURqVlVpWExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9qwAwQC
W+gIMA0GCSqGSIb3DQEBCwUAA4IBAQBLuyzexgbeORwPaywoW0UH2zN8O9XAeQbF
XrXzhaBnY0mOrkgnbHTS53cdYUageTnv6xNCho+b4fAhE0Aqm69XkNrKl0aSSxIJ
SD/+dibNgptO0Y3nwD+n7f3b+ZmiPzRq2yXkcH/ro1o0RhSN3DqDSHypfgM+rLkA
qn5wjcCVOxZUtGZLhlsMYdsIn0OiMzhxhWEY5p3ejVjekJWgv1Cs7XWoO17uP1AM
sRCa2n/YRxPIDKzcv1NINZxDEsTNEZkefu17huY+NbUhonFrww8/UYRyKTgOqE9k
XXZYoqv86Ku2ZjQEqPmOZBQuSU82dHYLvP0rtnycxqpxyNqYfPn2
-----END CERTIFICATE-----
Generated at Fri May 9 02:44:56 2025 by rpki-client