Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/pi3_amo42v-V9gBkLtFw7VXHyt8.roa
File: pi3_amo42v-V9gBkLtFw7VXHyt8.roa (raw, json)
Hash identifier: ptd1oveMAvBnjDaa3RzGQR3dUT03hcO6XNO/IHbTQeM=
Subject key identifier: A6:2D:FF:6A:6A:38:DA:FF:95:F6:00:64:2E:D1:70:ED:55:C7:CA:DF
Certificate issuer: /CN=261c8e2b00a3d5957d4112daf35b66e429375505
Certificate serial: 0194258EE18B7B349E2F49895961265F009E
Authority key identifier: 26:1C:8E:2B:00:A3:D5:95:7D:41:12:DA:F3:5B:66:E4:29:37:55:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/pi3_amo42v-V9gBkLtFw7VXHyt8.roa
Signing time: Thu 02 Jan 2025 05:48:28 +0000
ROA not before: Thu 02 Jan 2025 05:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62290
IP address blocks: 91.193.54.0/24 maxlen: 24
185.24.116.0/22 maxlen: 22
185.24.116.0/23 maxlen: 23
185.173.212.0/22 maxlen: 22
212.102.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:e1:8b:7b:34:9e:2f:49:89:59:61:26:5f:00:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=261c8e2b00a3d5957d4112daf35b66e429375505
Validity
Not Before: Jan 2 05:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a62dff6a6a38daff95f600642ed170ed55c7cadf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:cc:c8:52:49:b7:c7:c8:0b:d5:ab:50:68:
df:a1:b1:db:3a:75:19:4e:d4:39:f2:ce:73:30:bf:
84:39:09:dd:4b:71:07:bc:46:79:73:11:f7:d0:ee:
88:7d:ba:c4:40:1a:0f:72:24:b8:99:d1:ef:68:2d:
e8:a4:89:83:90:5c:e9:d7:b2:a3:0f:c5:0a:75:5d:
ba:bf:14:58:67:f5:1c:41:2d:89:4a:3b:21:97:e8:
db:67:1d:10:de:4d:a6:77:1d:b3:0b:6c:26:98:c1:
cd:2e:ed:db:da:53:71:0e:da:d1:d3:07:07:39:99:
39:55:b2:8c:0e:cc:1c:b5:fa:51:c9:2f:6a:66:5e:
79:2b:db:cb:39:dd:3e:60:09:bb:7f:7c:97:5a:96:
99:f4:bd:69:98:4b:92:c8:f1:a6:2b:d6:a4:7a:27:
5f:be:f2:83:25:f7:ef:a8:48:3c:be:19:c9:7b:b1:
94:62:66:3b:e5:83:dd:07:a3:27:72:9d:79:19:7e:
1e:c5:ed:6f:c9:ea:4f:da:26:15:36:ed:14:a3:c0:
af:ed:2a:7f:00:3a:3f:a7:c5:67:07:a3:1d:c8:d4:
12:98:1d:37:b6:6d:f1:dd:b7:0e:77:59:0e:09:39:
db:c9:5a:57:65:e0:05:76:3d:c3:93:ff:41:e6:7c:
67:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:2D:FF:6A:6A:38:DA:FF:95:F6:00:64:2E:D1:70:ED:55:C7:CA:DF
X509v3 Authority Key Identifier:
keyid:26:1C:8E:2B:00:A3:D5:95:7D:41:12:DA:F3:5B:66:E4:29:37:55:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/pi3_amo42v-V9gBkLtFw7VXHyt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a1c9d9-fb1b-4cfa-a6c0-298838556d09/1/JhyOKwCj1ZV9QRLa81tm5Ck3VQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.54.0/24
185.24.116.0/22
185.173.212.0/22
212.102.109.0/24
Signature Algorithm: sha256WithRSAEncryption
28:9e:c6:85:10:fb:3f:6e:40:74:1c:4c:ca:53:77:0b:d1:05:
de:4d:2b:e8:85:19:b4:e3:a3:cc:31:c6:c2:2e:0e:c4:b6:a0:
93:f9:f1:e8:1d:29:40:d1:ca:6a:60:a5:6b:06:4a:16:b3:05:
9b:a3:2a:ef:23:90:92:04:4f:7a:d8:a5:76:f6:a1:74:ad:45:
ef:a3:95:be:5c:a1:35:59:dd:53:a6:19:fa:5c:1f:8c:d9:e2:
f1:85:f3:5b:35:bb:c1:ad:ac:74:a1:d1:0a:34:e4:21:ea:f9:
41:ba:e4:7f:74:15:b7:3b:e3:f8:6b:65:37:b7:a6:82:69:1f:
84:0c:f2:e6:2f:fd:06:da:79:87:2c:d7:2c:13:82:03:7a:91:
40:c4:00:f4:22:0d:50:96:8c:c3:d7:b9:3d:06:69:47:a2:75:
7d:77:d5:51:97:b8:b4:c3:3b:8f:18:07:4f:d6:69:42:b0:e5:
3d:52:2a:e6:68:84:f1:0c:d4:29:ca:91:49:62:a7:bc:4d:cc:
71:96:27:59:29:2f:62:21:3b:be:23:a0:f0:bb:73:a8:0f:c2:
01:05:52:b9:a3:aa:70:2c:75:f7:45:1b:b8:d1:4b:7f:ad:f5:
c1:d4:15:89:50:0f:13:66:ec:38:5f:da:28:dc:30:a3:b5:53:
ee:a3:d1:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQljuGLezSeL0mJWWEmXwCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MWM4ZTJiMDBhM2Q1OTU3ZDQxMTJkYWYzNWI2NmU0Mjkz
NzU1MDUwHhcNMjUwMTAyMDU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjJkZmY2YTZhMzhkYWZmOTVmNjAwNjQyZWQxNzBlZDU1YzdjYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMrMyFJJt8fIC9WrUGjfobHbOnUZ
TtQ58s5zML+EOQndS3EHvEZ5cxH30O6IfbrEQBoPciS4mdHvaC3opImDkFzp17Kj
D8UKdV26vxRYZ/UcQS2JSjshl+jbZx0Q3k2mdx2zC2wmmMHNLu3b2lNxDtrR0wcH
OZk5VbKMDswctfpRyS9qZl55K9vLOd0+YAm7f3yXWpaZ9L1pmEuSyPGmK9akeidf
vvKDJffvqEg8vhnJe7GUYmY75YPdB6Mncp15GX4exe1vyepP2iYVNu0Uo8Cv7Sp/
ADo/p8VnB6MdyNQSmB03tm3x3bcOd1kOCTnbyVpXZeAFdj3Dk/9B5nxn5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKYt/2pqONr/lfYAZC7RcO1Vx8rfMB8GA1UdIwQY
MBaAFCYcjisAo9WVfUES2vNbZuQpN1UFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmh5T0t3Q2oxWlY5UVJMYTgxdG01Q2szVlFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hMWM5ZDktZmIxYi00Y2ZhLWE2YzAt
Mjk4ODM4NTU2ZDA5LzEvcGkzX2FtbzQydi1WOWdCa0x0Rnc3VlhIeXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hMWM5ZDktZmIxYi00Y2ZhLWE2YzAtMjk4ODM4NTU2ZDA5
LzEvSmh5T0t3Q2oxWlY5UVJMYTgxdG01Q2szVlFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8E2AwQC
uRh0AwQCua3UAwQA1GZtMA0GCSqGSIb3DQEBCwUAA4IBAQAonsaFEPs/bkB0HEzK
U3cL0QXeTSvohRm046PMMcbCLg7EtqCT+fHoHSlA0cpqYKVrBkoWswWboyrvI5CS
BE962KV29qF0rUXvo5W+XKE1Wd1Tphn6XB+M2eLxhfNbNbvBrax0odEKNOQh6vlB
uuR/dBW3O+P4a2U3t6aCaR+EDPLmL/0G2nmHLNcsE4IDepFAxAD0Ig1QlozD17k9
BmlHonV9d9VRl7i0wzuPGAdP1mlCsOU9UirmaITxDNQpypFJYqe8TcxxlidZKS9i
ITu+I6Dwu3OoD8IBBVK5o6pwLHX3RRu40Ut/rfXB1BWJUA8TZuw4X9oo3DCjtVPu
o9HF
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:27:08 2025 by rpki-client