Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/Pmv8pM8XqssRTrBIwYfMIrBu2co.roa
File: Pmv8pM8XqssRTrBIwYfMIrBu2co.roa (raw, json)
Hash identifier: v4JQsWfqUQF/aizb6/kkH5lzSW7tzkWIy4FJVzppxAI=
Subject key identifier: 3E:6B:FC:A4:CF:17:AA:CB:11:4E:B0:48:C1:87:CC:22:B0:6E:D9:CA
Certificate issuer: /CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Certificate serial: 01941F8C541A302C476285BD044FFE58133F
Authority key identifier: 70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/Pmv8pM8XqssRTrBIwYfMIrBu2co.roa
Signing time: Wed 01 Jan 2025 01:47:57 +0000
ROA not before: Wed 01 Jan 2025 01:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204807
IP address blocks: 185.189.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:54:1a:30:2c:47:62:85:bd:04:4f:fe:58:13:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Validity
Not Before: Jan 1 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e6bfca4cf17aacb114eb048c187cc22b06ed9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:41:04:82:65:f1:97:fe:44:29:bf:37:cb:
3e:47:77:73:8a:c4:8e:09:b7:6b:c2:7f:54:65:57:
fa:43:28:a2:79:b0:82:2a:14:96:c7:39:7d:ba:fc:
e5:d2:53:1b:e9:f0:d5:95:73:24:07:80:0b:44:07:
26:ea:f9:b5:16:d5:b0:f6:d8:8e:80:c6:73:f4:b1:
6a:c7:66:44:71:e4:38:ab:8e:a2:75:09:1b:51:b3:
f7:df:05:79:9d:cb:d1:d9:93:76:61:63:ad:64:f3:
71:ed:fe:d4:c8:2c:b5:cb:05:8d:ef:49:df:99:ab:
b3:6a:b3:ca:3e:a5:49:f8:ea:18:1b:ad:9d:e7:93:
ee:f6:91:9e:03:de:75:b0:5f:37:d9:8a:ed:72:e8:
a4:f2:d4:f8:eb:f0:f8:8d:05:ad:b6:da:5b:c5:b5:
f7:4f:8d:59:03:4e:b0:b6:f9:d0:70:b9:99:15:52:
24:24:93:fd:a0:21:7a:b9:04:b6:41:69:a0:9e:1b:
0b:2a:ca:21:99:17:4b:84:a7:93:23:73:63:18:d9:
e4:a7:43:6a:7f:e2:8e:92:68:6e:9c:11:81:f6:5c:
4c:20:79:b2:48:4a:31:e6:13:f8:47:4a:6f:c6:54:
b1:0c:ca:a2:41:3a:7a:d9:25:68:cb:59:3d:56:c7:
ae:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6B:FC:A4:CF:17:AA:CB:11:4E:B0:48:C1:87:CC:22:B0:6E:D9:CA
X509v3 Authority Key Identifier:
keyid:70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/Pmv8pM8XqssRTrBIwYfMIrBu2co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.109.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:e8:e1:8e:3a:44:02:26:1e:89:5f:e8:e8:e1:aa:fd:13:d3:
e5:a6:56:4b:5f:06:55:59:74:5f:e0:2e:52:f4:06:3d:de:22:
8b:f0:9f:4b:67:da:7a:60:25:b2:2e:53:3e:60:57:e7:49:24:
2c:48:6f:51:e7:a6:95:7f:59:fe:9e:34:17:c5:84:73:38:55:
ec:37:c0:91:69:d7:00:f4:13:88:7f:aa:35:5e:ee:6f:13:c7:
18:64:27:96:ff:16:0b:b8:31:33:9c:79:03:fe:b0:af:a4:56:
3d:6c:ce:de:50:ed:7e:9e:4a:19:e2:4f:37:c2:dc:5b:c5:25:
ef:82:f8:f0:b5:6b:20:18:f0:9e:a7:b2:e0:6c:0b:06:64:f8:
77:57:ab:ae:88:cd:d0:5e:fd:4b:16:57:08:11:b2:99:b0:6d:
cf:68:73:87:b4:29:f1:c0:93:58:73:4c:48:3d:fd:af:e9:c5:
4c:03:a8:14:ff:81:7e:95:e8:04:65:84:66:7e:5e:bb:5c:a5:
f7:2e:95:28:fd:95:9c:d7:c4:d3:b4:ce:0f:d5:bb:73:b6:a3:
f7:8a:db:00:0d:0d:95:43:04:fe:36:35:83:86:94:19:63:57:
33:88:2f:b4:60:74:cb:a5:6f:13:6f:82:0d:78:ea:42:52:bc:
02:c2:5a:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjFQaMCxHYoW9BE/+WBM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjE5MGQ2Zjg5YTQzNGNjZTVjYjhjMGQ0YjM4YTE2Njlk
ZWZiNTkwHhcNMjUwMTAxMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZiZmNhNGNmMTdhYWNiMTE0ZWIwNDhjMTg3Y2MyMmIwNmVkOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpRBBIJl8Zf+RCm/N8s+R3dzisSO
Cbdrwn9UZVf6QyiiebCCKhSWxzl9uvzl0lMb6fDVlXMkB4ALRAcm6vm1FtWw9tiO
gMZz9LFqx2ZEceQ4q46idQkbUbP33wV5ncvR2ZN2YWOtZPNx7f7UyCy1ywWN70nf
mauzarPKPqVJ+OoYG62d55Pu9pGeA951sF832Yrtcuik8tT46/D4jQWtttpbxbX3
T41ZA06wtvnQcLmZFVIkJJP9oCF6uQS2QWmgnhsLKsohmRdLhKeTI3NjGNnkp0Nq
f+KOkmhunBGB9lxMIHmySEox5hP4R0pvxlSxDMqiQTp62SVoy1k9VseuKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5r/KTPF6rLEU6wSMGHzCKwbtnKMB8GA1UdIwQY
MBaAFHCxkNb4mkNMzly4wNSzihZp3vtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYt
NDZiZDdkNzk0ZmI2LzEvUG12OHBNOFhxc3NSVHJCSXdZZk1JckJ1MmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYtNDZiZDdkNzk0ZmI2
LzEvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub1tMA0G
CSqGSIb3DQEBCwUAA4IBAQC56OGOOkQCJh6JX+jo4ar9E9PlplZLXwZVWXRf4C5S
9AY93iKL8J9LZ9p6YCWyLlM+YFfnSSQsSG9R56aVf1n+njQXxYRzOFXsN8CRadcA
9BOIf6o1Xu5vE8cYZCeW/xYLuDEznHkD/rCvpFY9bM7eUO1+nkoZ4k83wtxbxSXv
gvjwtWsgGPCep7LgbAsGZPh3V6uuiM3QXv1LFlcIEbKZsG3PaHOHtCnxwJNYc0xI
Pf2v6cVMA6gU/4F+legEZYRmfl67XKX3LpUo/ZWc18TTtM4P1btztqP3itsADQ2V
QwT+NjWDhpQZY1cziC+0YHTLpW8Tb4INeOpCUrwCwlpp
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:27:51 2025 by rpki-client