Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/PGTEyuyHfVxWRtCLWSM0Bggjqk8.roa
File: PGTEyuyHfVxWRtCLWSM0Bggjqk8.roa (raw, json)
Hash identifier: LpN4nDf3nPAGvaIylopZoGcsyeFo20wtey+AbU/Sxvw=
Subject key identifier: 3C:64:C4:CA:EC:87:7D:5C:56:46:D0:8B:59:23:34:06:08:23:AA:4F
Certificate issuer: /CN=ed4cd386ab33787fcd4002622b83876406fff190
Certificate serial: 01941FFA14FE7CD7BEFC4F598A3AE2B43BB3
Authority key identifier: ED:4C:D3:86:AB:33:78:7F:CD:40:02:62:2B:83:87:64:06:FF:F1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7UzThqszeH_NQAJiK4OHZAb_8ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/PGTEyuyHfVxWRtCLWSM0Bggjqk8.roa
Signing time: Wed 01 Jan 2025 03:47:50 +0000
ROA not before: Wed 01 Jan 2025 03:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35048
IP address blocks: 45.89.16.0/22 maxlen: 22
2a0a:5680::/32 maxlen: 32
2a0a:5686::/32 maxlen: 32
2a0a:5687::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/7UzThqszeH_NQAJiK4OHZAb_8ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/7UzThqszeH_NQAJiK4OHZAb_8ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7UzThqszeH_NQAJiK4OHZAb_8ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:14:fe:7c:d7:be:fc:4f:59:8a:3a:e2:b4:3b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed4cd386ab33787fcd4002622b83876406fff190
Validity
Not Before: Jan 1 03:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c64c4caec877d5c5646d08b592334060823aa4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:28:90:31:e6:74:1a:bd:26:84:b2:a0:aa:e1:
5a:33:8d:1a:3c:a1:16:9a:ce:cd:dc:e4:aa:a3:33:
12:ba:7f:00:0d:a3:97:d0:a7:b5:05:91:ba:48:c3:
36:da:18:04:86:5a:e0:54:31:d1:63:4b:d9:df:b2:
38:05:e0:97:2f:a8:07:a4:d7:ca:09:5e:15:8a:39:
ee:a7:7b:96:0f:c6:31:3b:71:dc:ea:c6:4d:40:89:
b3:5f:e2:26:77:2e:b8:43:fd:a2:03:0e:3c:08:18:
18:71:14:51:dd:db:9d:05:8a:71:1c:84:6c:36:5c:
c0:77:67:df:61:72:bb:61:3d:ed:d2:e6:5e:a6:20:
5c:39:55:f8:c1:68:fc:cd:e5:ab:31:42:91:b4:42:
a0:a2:f2:ae:b2:97:12:64:2d:9d:a6:8f:44:f4:0f:
18:c1:9b:01:78:b2:cd:2c:f3:df:a3:2b:0c:f4:29:
42:81:a2:b6:74:8c:27:74:6c:f3:2b:3b:7a:0f:c9:
a1:c4:bf:12:bf:23:87:3a:df:e5:74:7e:08:26:63:
7f:51:5f:ec:46:63:f7:e2:82:45:cb:7f:5d:6e:28:
39:1d:26:f8:df:a5:14:f9:8d:63:b3:a9:3d:16:ec:
6e:51:0b:d9:87:35:d6:a9:8c:ee:73:6b:b9:c1:41:
27:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:64:C4:CA:EC:87:7D:5C:56:46:D0:8B:59:23:34:06:08:23:AA:4F
X509v3 Authority Key Identifier:
keyid:ED:4C:D3:86:AB:33:78:7F:CD:40:02:62:2B:83:87:64:06:FF:F1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7UzThqszeH_NQAJiK4OHZAb_8ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/PGTEyuyHfVxWRtCLWSM0Bggjqk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/891fb6-7d26-4744-b5f9-51ff7daba4d5/1/7UzThqszeH_NQAJiK4OHZAb_8ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.16.0/22
IPv6:
2a0a:5680::/32
2a0a:5686::/31
Signature Algorithm: sha256WithRSAEncryption
21:7e:ec:b5:c2:ba:24:56:63:cb:f1:d9:b8:bb:62:9f:b6:48:
37:b8:42:44:57:ca:6c:6a:a8:17:3e:79:64:34:aa:93:39:e9:
25:50:29:86:f8:f1:35:26:da:2d:80:97:d1:0e:2f:59:ce:86:
61:86:93:26:23:a6:9f:7e:af:17:4c:c8:19:7b:b1:ae:40:8b:
71:14:bb:6f:af:4f:11:d1:43:9d:4e:fd:f9:73:d2:4e:9b:7a:
75:16:ce:57:09:49:6f:0d:3f:42:6c:34:00:15:a5:b7:3e:00:
2b:c5:df:b4:38:35:f2:cc:c9:60:f4:16:3c:2c:84:ec:48:de:
b8:45:88:1a:4a:ce:92:77:c9:db:20:dd:c2:05:82:f6:97:cf:
e3:a8:01:3b:77:08:7b:d6:6a:9e:e0:39:9a:61:86:da:33:52:
6b:15:25:e3:ac:98:e3:c2:ad:e3:0d:6a:b7:db:87:09:6d:91:
bf:22:74:a5:34:1f:fc:16:e8:7c:52:cf:a4:fe:db:c0:2b:ea:
ee:99:c8:7e:93:83:45:ba:13:fe:62:57:27:94:82:d6:e9:c4:
79:33:72:d9:e9:68:b0:55:fd:a3:7c:69:7c:fa:d0:58:3d:c5:
4f:e7:3a:54:20:8d:46:89:96:a3:a5:9a:bb:98:f2:1f:75:84:
0a:8d:9f:4b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQf+hT+fNe+/E9ZijritDuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNGNkMzg2YWIzMzc4N2ZjZDQwMDI2MjJiODM4NzY0MDZm
ZmYxOTAwHhcNMjUwMTAxMDM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY0YzRjYWVjODc3ZDVjNTY0NmQwOGI1OTIzMzQwNjA4MjNhYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCiQMeZ0Gr0mhLKgquFaM40aPKEW
ms7N3OSqozMSun8ADaOX0Ke1BZG6SMM22hgEhlrgVDHRY0vZ37I4BeCXL6gHpNfK
CV4Vijnup3uWD8YxO3Hc6sZNQImzX+Imdy64Q/2iAw48CBgYcRRR3dudBYpxHIRs
NlzAd2ffYXK7YT3t0uZepiBcOVX4wWj8zeWrMUKRtEKgovKuspcSZC2dpo9E9A8Y
wZsBeLLNLPPfoysM9ClCgaK2dIwndGzzKzt6D8mhxL8SvyOHOt/ldH4IJmN/UV/s
RmP34oJFy39dbig5HSb436UU+Y1js6k9FuxuUQvZhzXWqYzuc2u5wUEntwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDxkxMrsh31cVkbQi1kjNAYII6pPMB8GA1UdIwQY
MBaAFO1M04arM3h/zUACYiuDh2QG//GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1V6VGhxc3plSF9OUUFKaUs0T0haQWJfOFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84OTFmYjYtN2QyNi00NzQ0LWI1Zjkt
NTFmZjdkYWJhNGQ1LzEvUEdURXl1eUhmVnhXUnRDTFdTTTBCZ2dqcWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84OTFmYjYtN2QyNi00NzQ0LWI1ZjktNTFmZjdkYWJhNGQ1
LzEvN1V6VGhxc3plSF9OUUFKaUs0T0haQWJfOFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCLVkQMBQE
AgACMA4DBQAqClaAAwUBKgpWhjANBgkqhkiG9w0BAQsFAAOCAQEAIX7stcK6JFZj
y/HZuLtin7ZIN7hCRFfKbGqoFz55ZDSqkznpJVAphvjxNSbaLYCX0Q4vWc6GYYaT
JiOmn36vF0zIGXuxrkCLcRS7b69PEdFDnU79+XPSTpt6dRbOVwlJbw0/Qmw0ABWl
tz4AK8XftDg18szJYPQWPCyE7EjeuEWIGkrOknfJ2yDdwgWC9pfP46gBO3cIe9Zq
nuA5mmGG2jNSaxUl46yY48Kt4w1qt9uHCW2RvyJ0pTQf/BbofFLPpP7bwCvq7pnI
fpODRboT/mJXJ5SC1unEeTNy2elosFX9o3xpfPrQWD3FT+c6VCCNRomWo6Wau5jy
H3WECo2fSw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:46:17 2025 by rpki-client