Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/PSwPdvpJ8F0S-rG7_N9WITcEKDI.roa
File: PSwPdvpJ8F0S-rG7_N9WITcEKDI.roa (raw, json)
Hash identifier: /jo3ttsndkopDRSIl+Ye5A4QZZMm+sbwX25b3bVaXnY=
Subject key identifier: 3D:2C:0F:76:FA:49:F0:5D:12:FA:B1:BB:FC:DF:56:21:37:04:28:32
Certificate issuer: /CN=1a946f4a826d622a338ed83e0afcdf78c87604f8
Certificate serial: 019420D641FD4C72D8FAB647E22C475AC373
Authority key identifier: 1A:94:6F:4A:82:6D:62:2A:33:8E:D8:3E:0A:FC:DF:78:C8:76:04:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpRvSoJtYiozjtg-CvzfeMh2BPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/PSwPdvpJ8F0S-rG7_N9WITcEKDI.roa
Signing time: Wed 01 Jan 2025 07:48:19 +0000
ROA not before: Wed 01 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208116
IP address blocks: 91.204.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/GpRvSoJtYiozjtg-CvzfeMh2BPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/GpRvSoJtYiozjtg-CvzfeMh2BPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GpRvSoJtYiozjtg-CvzfeMh2BPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:41:fd:4c:72:d8:fa:b6:47:e2:2c:47:5a:c3:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a946f4a826d622a338ed83e0afcdf78c87604f8
Validity
Not Before: Jan 1 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d2c0f76fa49f05d12fab1bbfcdf562137042832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:40:b1:13:37:c3:d8:cd:c3:9c:0a:3e:07:21:
71:d6:31:cb:02:ef:1f:66:6c:47:ad:25:85:cf:ac:
9b:27:3b:c0:98:a8:aa:81:11:6d:8a:f6:63:1d:28:
f5:e4:02:a3:cc:98:7e:a4:02:3e:fa:c5:a2:0d:c7:
c2:07:fd:25:f6:da:8f:1c:bb:e7:38:6f:df:c5:56:
2e:d7:2c:e7:3f:6d:1d:30:2a:25:c2:7a:6e:33:d1:
f6:f3:a1:d1:69:82:8d:20:d8:b0:d3:c4:d3:96:52:
26:83:ba:b4:87:a7:12:f5:f3:19:ce:ad:e5:62:59:
f3:88:7e:d7:bc:3e:2a:fb:80:ce:03:4a:de:86:5b:
26:de:0f:1b:1f:2c:dc:c5:34:e5:2d:ee:01:4f:20:
97:6c:6a:bb:13:f0:52:a1:70:cc:6f:64:0f:2a:9d:
3b:b2:e9:f8:6b:59:97:69:fe:e0:99:f9:8a:9f:da:
7f:e9:66:1e:2e:37:ae:98:0d:e4:a2:58:4c:2b:21:
b4:9e:24:63:c8:28:e3:71:c7:45:30:a0:df:ce:a5:
0f:86:bf:ca:25:62:5d:d4:d5:78:8c:e7:34:9a:50:
b9:2f:ee:1b:66:0e:51:18:2d:21:fa:e1:5d:e1:a6:
2f:00:a4:66:35:93:79:20:8b:cc:a3:8f:fb:42:9c:
d6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2C:0F:76:FA:49:F0:5D:12:FA:B1:BB:FC:DF:56:21:37:04:28:32
X509v3 Authority Key Identifier:
keyid:1A:94:6F:4A:82:6D:62:2A:33:8E:D8:3E:0A:FC:DF:78:C8:76:04:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpRvSoJtYiozjtg-CvzfeMh2BPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/PSwPdvpJ8F0S-rG7_N9WITcEKDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6ba6a3-25e0-499a-a7a9-98398fdbc9fb/1/GpRvSoJtYiozjtg-CvzfeMh2BPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.82.0/24
Signature Algorithm: sha256WithRSAEncryption
35:00:ca:6a:3d:03:51:96:58:85:6e:44:ef:a7:62:28:96:83:
62:89:9f:81:21:a3:6c:68:fe:0e:fc:21:7b:9a:dd:b0:c4:fd:
0d:ec:d9:c3:2a:64:24:f4:2f:7c:4e:27:fa:4b:85:76:63:2d:
1d:6b:f4:22:7e:c4:8b:2b:ba:bb:50:1f:ce:cf:c5:60:76:b4:
e0:01:bb:09:a5:ec:45:54:e0:01:5c:11:83:6c:4f:d0:5d:7e:
17:65:cd:30:51:cd:24:fa:f8:1f:9e:b9:e3:fb:e3:6f:1a:52:
4d:73:bb:ee:a2:d3:59:87:ea:8e:7a:1b:e3:ad:5c:ac:c1:47:
88:0f:a0:73:fe:60:c2:03:25:42:bf:0f:53:c1:f1:fa:e5:f5:
a2:95:df:c1:43:fa:a8:27:d5:6f:34:4a:6d:83:46:37:17:3e:
68:73:f2:d7:bc:12:9f:3b:49:15:36:5c:95:1e:c3:69:68:dc:
b6:e3:d7:9e:f4:34:89:b5:5a:5b:4f:59:dc:73:33:2e:89:71:
b0:30:42:c5:6f:3d:ab:ea:4a:ca:c5:7d:d5:4c:2a:ce:67:d7:
72:5d:bb:b2:42:01:eb:27:93:b7:62:ef:53:40:b5:cb:ec:ba:
10:9c:89:c3:da:1e:85:69:02:05:c6:73:4e:56:b2:b6:43:8c:
d3:47:66:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1kH9THLY+rZH4ixHWsNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTQ2ZjRhODI2ZDYyMmEzMzhlZDgzZTBhZmNkZjc4Yzg3
NjA0ZjgwHhcNMjUwMTAxMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJjMGY3NmZhNDlmMDVkMTJmYWIxYmJmY2RmNTYyMTM3MDQyODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkCxEzfD2M3DnAo+ByFx1jHLAu8f
ZmxHrSWFz6ybJzvAmKiqgRFtivZjHSj15AKjzJh+pAI++sWiDcfCB/0l9tqPHLvn
OG/fxVYu1yznP20dMColwnpuM9H286HRaYKNINiw08TTllImg7q0h6cS9fMZzq3l
YlnziH7XvD4q+4DOA0rehlsm3g8bHyzcxTTlLe4BTyCXbGq7E/BSoXDMb2QPKp07
sun4a1mXaf7gmfmKn9p/6WYeLjeumA3kolhMKyG0niRjyCjjccdFMKDfzqUPhr/K
JWJd1NV4jOc0mlC5L+4bZg5RGC0h+uFd4aYvAKRmNZN5IIvMo4/7QpzWXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0sD3b6SfBdEvqxu/zfViE3BCgyMB8GA1UdIwQY
MBaAFBqUb0qCbWIqM47YPgr833jIdgT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BSdlNvSnRZaW96anRnLUN2emZlTWgyQlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YmE2YTMtMjVlMC00OTlhLWE3YTkt
OTgzOThmZGJjOWZiLzEvUFN3UGR2cEo4RjBTLXJHN19OOVdJVGNFS0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YmE2YTMtMjVlMC00OTlhLWE3YTktOTgzOThmZGJjOWZi
LzEvR3BSdlNvSnRZaW96anRnLUN2emZlTWgyQlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8xSMA0G
CSqGSIb3DQEBCwUAA4IBAQA1AMpqPQNRlliFbkTvp2IoloNiiZ+BIaNsaP4O/CF7
mt2wxP0N7NnDKmQk9C98Tif6S4V2Yy0da/QifsSLK7q7UB/Oz8VgdrTgAbsJpexF
VOABXBGDbE/QXX4XZc0wUc0k+vgfnrnj++NvGlJNc7vuotNZh+qOehvjrVyswUeI
D6Bz/mDCAyVCvw9TwfH65fWild/BQ/qoJ9VvNEptg0Y3Fz5oc/LXvBKfO0kVNlyV
HsNpaNy249ee9DSJtVpbT1ncczMuiXGwMELFbz2r6krKxX3VTCrOZ9dyXbuyQgHr
J5O3Yu9TQLXL7LoQnInD2h6FaQIFxnNOVrK2Q4zTR2a/
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:18 2025 by rpki-client