Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n_pPg6mWnpFcAyFzRIfyeSA6N18.roa
File: n_pPg6mWnpFcAyFzRIfyeSA6N18.roa (raw, json)
Hash identifier: kXRhNgtns15BrPWJdXPIac6JFDxNdCctvp+JFizxrSM=
Subject key identifier: 9F:FA:4F:83:A9:96:9E:91:5C:03:21:73:44:87:F2:79:20:3A:37:5F
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685719AF201E6FA7AD05DC7C89735A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n_pPg6mWnpFcAyFzRIfyeSA6N18.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211849
IP address blocks: 147.45.124.0/24 maxlen: 24
147.45.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:57:19:af:20:1e:6f:a7:ad:05:dc:7c:89:73:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ffa4f83a9969e915c0321734487f279203a375f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:55:2f:79:6f:39:33:3c:c4:fb:b1:5f:09:03:
9c:47:ef:63:52:32:ed:f1:a6:7c:96:17:98:0a:dc:
98:1b:26:5b:3a:07:75:b2:51:89:12:9a:9d:31:3f:
70:79:40:35:0d:1d:c6:0c:8c:c5:72:39:ef:ab:43:
fa:4f:9a:fd:cd:0a:a7:dc:43:a5:b6:e6:a2:4c:0c:
55:4f:db:c5:f8:95:3d:b5:63:e4:af:a1:af:84:1f:
99:2e:24:a7:5c:ca:d1:39:cc:3b:20:28:f9:a5:ef:
2a:d8:b7:f8:4c:ba:40:30:b3:3d:e4:7a:26:70:36:
df:4b:5d:7c:e7:93:03:f9:bb:32:9c:90:1b:18:0c:
b7:b6:4c:9d:16:a9:d4:76:32:ce:b3:f8:c9:85:55:
00:af:a5:a8:90:02:51:7b:12:9f:c8:2f:1e:04:ac:
b0:2f:a4:14:b8:ed:55:4d:d8:b0:0f:57:a1:a1:cf:
3b:42:dd:a6:44:01:3f:dc:24:f5:e5:40:57:53:7e:
56:d0:60:84:48:ad:62:c5:88:22:3a:33:15:f1:47:
5b:7f:c5:6a:a6:5e:cc:49:69:12:4b:5f:0c:e7:ba:
71:24:70:c5:a6:6f:a0:df:88:ee:4b:4e:ba:fd:de:
d9:f7:72:2d:ff:51:25:97:de:c0:33:6e:35:85:5f:
45:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FA:4F:83:A9:96:9E:91:5C:03:21:73:44:87:F2:79:20:3A:37:5F
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n_pPg6mWnpFcAyFzRIfyeSA6N18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.124.0/23
Signature Algorithm: sha256WithRSAEncryption
81:ce:2d:4b:8e:a0:f7:6d:0b:26:35:3c:18:36:74:c4:1b:ff:
2c:d3:e1:6f:45:0b:ab:98:f3:64:1e:7e:d4:b1:2d:e7:ec:28:
09:1b:23:51:68:d5:cc:f1:14:fd:ac:17:31:a4:73:03:a2:49:
d3:cd:2b:d6:1b:88:20:ec:fd:79:db:46:1f:53:ce:40:9c:00:
db:21:07:57:33:77:48:cb:8f:fd:4a:9d:23:37:4b:85:d1:6a:
63:37:b9:cf:a2:6c:8a:63:92:e6:c9:93:4c:bd:62:5a:ab:6a:
a7:c8:2e:24:77:80:aa:5c:8c:53:89:db:41:f7:fc:eb:c5:48:
49:dc:15:c4:80:91:7c:ff:be:41:05:f1:0e:03:e5:67:6a:ef:
0a:c7:8b:73:53:8d:f6:49:b8:33:f5:dd:02:8c:7b:d6:64:48:
e6:3d:12:2e:de:5f:d5:39:d7:77:17:45:dd:9d:bb:13:f1:79:
f0:56:1a:94:54:71:5c:74:87:b2:f5:a6:7e:c5:19:ee:ce:d6:
08:e0:ff:ea:49:55:f6:d6:0d:df:79:82:44:3c:49:e7:ce:db:
2e:17:8c:56:26:fb:7a:fa:cc:d9:98:b7:b9:ac:ac:6b:86:0e:
03:cc:aa:f9:0b:3b:ae:9f:9d:7d:72:d7:bb:33:8d:cb:b9:df:
64:70:c1:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaFcZryAeb6etBdx8iXNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZhNGY4M2E5OTY5ZTkxNWMwMzIxNzM0NDg3ZjI3OTIwM2EzNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VUveW85MzzE+7FfCQOcR+9jUjLt
8aZ8lheYCtyYGyZbOgd1slGJEpqdMT9weUA1DR3GDIzFcjnvq0P6T5r9zQqn3EOl
tuaiTAxVT9vF+JU9tWPkr6GvhB+ZLiSnXMrROcw7ICj5pe8q2Lf4TLpAMLM95Hom
cDbfS11855MD+bsynJAbGAy3tkydFqnUdjLOs/jJhVUAr6WokAJRexKfyC8eBKyw
L6QUuO1VTdiwD1ehoc87Qt2mRAE/3CT15UBXU35W0GCESK1ixYgiOjMV8Udbf8Vq
pl7MSWkSS18M57pxJHDFpm+g34juS066/d7Z93It/1Ell97AM241hV9FFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ/6T4Oplp6RXAMhc0SH8nkgOjdfMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbl9wUGc2bVducEZjQXlGelJJZnllU0E2TjE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBky18MA0G
CSqGSIb3DQEBCwUAA4IBAQCBzi1LjqD3bQsmNTwYNnTEG/8s0+FvRQurmPNkHn7U
sS3n7CgJGyNRaNXM8RT9rBcxpHMDoknTzSvWG4gg7P1520YfU85AnADbIQdXM3dI
y4/9Sp0jN0uF0WpjN7nPomyKY5LmyZNMvWJaq2qnyC4kd4CqXIxTidtB9/zrxUhJ
3BXEgJF8/75BBfEOA+Vnau8Kx4tzU432Sbgz9d0CjHvWZEjmPRIu3l/VOdd3F0Xd
nbsT8XnwVhqUVHFcdIey9aZ+xRnuztYI4P/qSVX21g3feYJEPEnnztsuF4xWJvt6
+szZmLe5rKxrhg4DzKr5Czuun519cte7M43Lud9kcMGj
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:39:58 2025 by rpki-client