Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PgQro5gCoQds21hxJU1o7rLOXVQ.roa
File: PgQro5gCoQds21hxJU1o7rLOXVQ.roa (raw, json)
Hash identifier: xFwZ3GjK/KWnoZ9NmQWhoUULV9b06YRg4Dxlj/lFz8U=
Subject key identifier: 3E:04:2B:A3:98:02:A1:07:6C:DB:58:71:25:4D:68:EE:B2:CE:5D:54
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC425770BB724A9415ECF2C56AC047DAF
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PgQro5gCoQds21hxJU1o7rLOXVQ.roa
Signing time: Mon 01 Jan 2024 08:30:38 +0000
ROA not before: Mon 01 Jan 2024 08:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213250
IP address blocks: 78.108.216.0/24 maxlen: 24
193.31.28.0/24 maxlen: 24
193.34.77.0/24 maxlen: 24
185.234.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:77:0b:b7:24:a9:41:5e:cf:2c:56:ac:04:7d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e042ba39802a1076cdb5871254d68eeb2ce5d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a1:cf:b4:43:dc:94:93:c7:e0:bc:7b:20:f7:
44:1a:b7:b4:b0:27:9b:ed:1d:57:19:0c:6c:e3:68:
d7:39:5f:83:b6:b1:86:88:8e:a3:d1:01:a8:29:4c:
4b:25:09:e3:8e:2d:c9:3a:3e:89:b5:f2:c5:93:14:
b6:c1:c0:b1:18:a4:35:5c:91:d1:e6:13:ec:d2:8b:
e0:26:99:99:c5:c5:4b:ea:cd:de:50:2e:04:2e:aa:
a6:3f:a4:11:6d:02:75:be:44:31:e1:8c:2c:e8:ba:
50:b4:bf:4f:24:f8:55:cf:bf:bd:33:75:de:60:04:
f4:fb:70:54:10:67:55:fd:00:69:18:18:81:48:61:
94:32:4e:02:f8:2d:52:a7:c1:83:e2:c5:94:8e:5d:
47:8b:65:e8:c5:e4:a7:65:42:6b:b9:df:a6:e6:42:
5f:a5:4d:d1:3e:0d:5a:83:3c:5b:57:ec:c8:0d:0e:
86:9e:37:97:a1:00:1f:07:ff:fe:be:bc:c7:6c:a5:
63:1c:2c:1c:2d:cb:7e:66:61:cd:d4:d0:c8:f1:8d:
59:36:58:59:a6:7c:51:9b:c5:cf:78:18:4b:d7:3b:
12:d1:eb:a2:c6:53:33:f5:5b:d2:44:9c:4b:79:a4:
0b:d3:b4:35:41:64:82:48:d4:33:d9:32:97:5f:14:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:04:2B:A3:98:02:A1:07:6C:DB:58:71:25:4D:68:EE:B2:CE:5D:54
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PgQro5gCoQds21hxJU1o7rLOXVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.216.0/24
185.234.72.0/24
193.31.28.0/24
193.34.77.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:b2:1c:3c:9d:a8:4d:9d:62:9c:56:2e:4f:a3:24:33:cc:eb:
35:4a:01:bb:2d:75:38:55:ca:62:2f:09:6e:9e:aa:97:87:7b:
09:34:1a:9f:10:e3:98:4b:d6:67:43:a7:bf:29:9a:48:30:2a:
33:39:a8:49:67:59:58:e6:38:a0:de:0e:98:98:1a:7a:94:2a:
ff:d3:f2:11:ff:9b:97:20:ab:4d:b4:c9:d9:ba:2b:83:48:ca:
46:cc:37:04:c2:86:aa:69:80:67:86:6d:b4:b9:c6:fd:8e:0b:
ab:1f:63:fd:e4:f8:f4:30:51:9a:b7:77:46:32:85:6b:95:7e:
7d:af:dc:00:56:53:8e:e2:3c:15:e2:ac:6b:e6:d5:10:20:11:
7a:bf:3d:19:88:17:5f:4e:6a:f0:fb:30:dc:d8:f0:d1:fe:1a:
67:9f:0a:c3:10:63:89:f1:14:19:07:d6:7a:88:f9:9b:e3:aa:
ae:bb:ea:47:d3:5f:1a:3d:74:41:ed:95:d6:c9:43:a5:b0:aa:
28:85:10:ea:13:a4:c9:82:b2:f2:da:bb:66:6e:ca:52:31:a9:
83:b3:74:06:78:84:24:48:41:13:35:74:81:4d:00:b2:0c:22:
0b:63:00:68:9c:4f:94:fa:94:a0:ac:9c:1d:0d:ef:57:ff:4c:
38:cb:82:b0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJXcLtySpQV7PLFasBH2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTA0MmJhMzk4MDJhMTA3NmNkYjU4NzEyNTRkNjhlZWIyY2U1ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6HPtEPclJPH4Lx7IPdEGre0sCeb
7R1XGQxs42jXOV+DtrGGiI6j0QGoKUxLJQnjji3JOj6JtfLFkxS2wcCxGKQ1XJHR
5hPs0ovgJpmZxcVL6s3eUC4ELqqmP6QRbQJ1vkQx4Yws6LpQtL9PJPhVz7+9M3Xe
YAT0+3BUEGdV/QBpGBiBSGGUMk4C+C1Sp8GD4sWUjl1Hi2XoxeSnZUJrud+m5kJf
pU3RPg1agzxbV+zIDQ6GnjeXoQAfB//+vrzHbKVjHCwcLct+ZmHN1NDI8Y1ZNlhZ
pnxRm8XPeBhL1zsS0euixlMz9VvSRJxLeaQL07Q1QWSCSNQz2TKXXxTQ3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD4EK6OYAqEHbNtYcSVNaO6yzl1UMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUGdRcm81Z0NvUWRzMjFoeEpVMW83ckxPWFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATmzYAwQA
uepIAwQAwR8cAwQAwSJNMA0GCSqGSIb3DQEBCwUAA4IBAQCrshw8nahNnWKcVi5P
oyQzzOs1SgG7LXU4VcpiLwlunqqXh3sJNBqfEOOYS9ZnQ6e/KZpIMCozOahJZ1lY
5jig3g6YmBp6lCr/0/IR/5uXIKtNtMnZuiuDSMpGzDcEwoaqaYBnhm20ucb9jgur
H2P95Pj0MFGat3dGMoVrlX59r9wAVlOO4jwV4qxr5tUQIBF6vz0ZiBdfTmrw+zDc
2PDR/hpnnwrDEGOJ8RQZB9Z6iPmb46quu+pH018aPXRB7ZXWyUOlsKoohRDqE6TJ
grLy2rtmbspSMamDs3QGeIQkSEETNXSBTQCyDCILYwBonE+U+pSgrJwdDe9X/0w4
y4Kw
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:03 2024 by rpki-client on console-ams.rpki-client.org