Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/PvnYj70vWIEtSZ4-TLAUROqH-mQ.roa
File: PvnYj70vWIEtSZ4-TLAUROqH-mQ.roa (raw, json)
Hash identifier: C32arwbPmPblT8QjzIktSbeBph+9mftQGk8FxNUGy80=
Subject key identifier: 3E:F9:D8:8F:BD:2F:58:81:2D:49:9E:3E:4C:B0:14:44:EA:87:FA:64
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019424B39FAED2D53E772BC03FB55FCB478F
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/PvnYj70vWIEtSZ4-TLAUROqH-mQ.roa
Signing time: Thu 02 Jan 2025 01:48:59 +0000
ROA not before: Thu 02 Jan 2025 01:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133929
IP address blocks: 185.243.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 12:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9f:ae:d2:d5:3e:77:2b:c0:3f:b5:5f:cb:47:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 01:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ef9d88fbd2f58812d499e3e4cb01444ea87fa64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fa:7c:0e:7e:07:3a:b7:45:2d:95:4c:57:c4:
a6:84:7c:19:f1:f6:ea:c2:49:1d:09:9e:16:be:35:
8f:86:9b:72:fc:8e:ab:2b:7a:b0:2d:fa:76:18:1e:
78:5e:20:eb:6b:0e:b2:d2:54:c7:9b:e2:83:f1:25:
18:1a:6a:72:a4:c0:54:0a:3f:85:03:de:0b:bf:cd:
d1:fd:70:eb:41:f9:bc:04:ff:19:5b:b4:18:79:6e:
f8:ac:d9:40:da:be:05:86:af:90:e8:f0:14:1e:af:
24:b1:45:7f:d3:31:47:4a:5e:a8:d9:1b:34:80:23:
4e:c1:7e:59:50:48:12:1b:2f:53:3b:32:33:72:51:
13:21:f5:c3:fa:1d:15:f8:28:dd:25:eb:38:f1:96:
dd:91:1b:3a:66:60:3a:8b:58:9d:28:11:05:63:eb:
ad:ed:23:94:a6:85:18:be:15:b0:6e:c9:38:bb:1f:
e6:7e:5b:1d:24:d5:68:e2:2f:94:40:b7:1c:58:56:
44:c1:5d:b3:cd:71:bd:f4:c6:eb:be:b1:0a:bf:8f:
3f:da:93:86:e4:0c:d6:87:03:e1:ca:84:ec:ba:59:
cb:f0:9b:b1:61:c7:96:1c:15:85:05:88:73:f2:1f:
b3:d2:50:e8:bb:41:f1:9e:fa:15:2c:fd:2a:53:15:
ac:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F9:D8:8F:BD:2F:58:81:2D:49:9E:3E:4C:B0:14:44:EA:87:FA:64
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/PvnYj70vWIEtSZ4-TLAUROqH-mQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.6.0/24
Signature Algorithm: sha256WithRSAEncryption
68:e0:94:36:aa:06:d0:69:c8:e4:84:57:51:fa:04:b1:af:1b:
17:37:72:3c:29:a7:3a:23:64:c4:a6:98:18:94:ed:a8:a2:76:
ba:70:3d:0d:67:dc:25:75:03:10:52:6e:d7:ea:ff:35:1a:5f:
e7:01:85:c2:20:43:ae:37:d8:6a:22:b8:08:ef:d4:81:40:1f:
1a:3a:dc:c1:02:9b:a5:87:80:02:85:fc:fd:a7:da:e0:62:13:
bd:fe:b0:fe:b6:f6:18:d6:99:35:05:1f:6b:bc:60:23:90:ae:
aa:c0:5f:45:a9:54:73:da:fc:70:e4:50:cd:fd:38:4e:a0:0c:
43:7d:93:e8:ca:0e:5c:f1:c6:4f:ba:9d:46:0c:88:bb:33:a0:
bc:e8:96:c4:b8:ce:10:be:9c:d8:90:e1:be:12:d2:2d:8c:c1:
1a:4e:74:27:2b:b5:c1:8e:a8:48:d7:38:0f:91:a5:4a:83:f1:
ab:56:82:66:12:68:39:e3:60:48:87:1d:70:0e:6b:73:89:17:
65:3d:28:c3:0e:75:cb:22:01:48:78:82:3c:67:aa:b6:48:71:
dc:d1:be:b8:bd:64:db:7f:b0:9d:9f:52:30:ea:9c:80:6e:09:
67:3f:5b:94:be:b4:fe:73:8f:96:42:41:f9:68:ca:c8:34:5d:
9d:c8:1e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks5+u0tU+dyvAP7Vfy0ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjUwMTAyMDE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWY5ZDg4ZmJkMmY1ODgxMmQ0OTllM2U0Y2IwMTQ0NGVhODdmYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovp8Dn4HOrdFLZVMV8SmhHwZ8fbq
wkkdCZ4WvjWPhpty/I6rK3qwLfp2GB54XiDraw6y0lTHm+KD8SUYGmpypMBUCj+F
A94Lv83R/XDrQfm8BP8ZW7QYeW74rNlA2r4Fhq+Q6PAUHq8ksUV/0zFHSl6o2Rs0
gCNOwX5ZUEgSGy9TOzIzclETIfXD+h0V+CjdJes48ZbdkRs6ZmA6i1idKBEFY+ut
7SOUpoUYvhWwbsk4ux/mflsdJNVo4i+UQLccWFZEwV2zzXG99MbrvrEKv48/2pOG
5AzWhwPhyoTsulnL8JuxYceWHBWFBYhz8h+z0lDou0HxnvoVLP0qUxWsxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD752I+9L1iBLUmePkywFETqh/pkMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvUHZuWWo3MHZXSUV0U1o0LVRMQVVST3FILW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufMGMA0G
CSqGSIb3DQEBCwUAA4IBAQBo4JQ2qgbQacjkhFdR+gSxrxsXN3I8Kac6I2TEppgY
lO2oona6cD0NZ9wldQMQUm7X6v81Gl/nAYXCIEOuN9hqIrgI79SBQB8aOtzBApul
h4AChfz9p9rgYhO9/rD+tvYY1pk1BR9rvGAjkK6qwF9FqVRz2vxw5FDN/ThOoAxD
fZPoyg5c8cZPup1GDIi7M6C86JbEuM4QvpzYkOG+EtItjMEaTnQnK7XBjqhI1zgP
kaVKg/GrVoJmEmg542BIhx1wDmtziRdlPSjDDnXLIgFIeII8Z6q2SHHc0b64vWTb
f7Cdn1Iw6pyAbglnP1uUvrT+c4+WQkH5aMrINF2dyB7s
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:20:05 2025 by rpki-client