Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/PaAAUO_ixJ6swm7tE4jKyNdYpk0.roa
File: PaAAUO_ixJ6swm7tE4jKyNdYpk0.roa (raw, json)
Hash identifier: TfUDJUozwqa+GvnOHe7awC0XZSqVbUNsIbWR0csLcfM=
Subject key identifier: 3D:A0:00:50:EF:E2:C4:9E:AC:C2:6E:ED:13:88:CA:C8:D7:58:A6:4D
Certificate issuer: /CN=623f344fd4a91bfad138308d527155bbce52af6e
Certificate serial: 01941FFA0FB563DD06FE927113449D4DD1A1
Authority key identifier: 62:3F:34:4F:D4:A9:1B:FA:D1:38:30:8D:52:71:55:BB:CE:52:AF:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yj80T9SpG_rRODCNUnFVu85Sr24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/PaAAUO_ixJ6swm7tE4jKyNdYpk0.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8819
IP address blocks: 46.227.104.0/21 maxlen: 21
83.142.192.0/21 maxlen: 21
91.189.24.0/21 maxlen: 21
185.188.68.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/Yj80T9SpG_rRODCNUnFVu85Sr24.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/Yj80T9SpG_rRODCNUnFVu85Sr24.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yj80T9SpG_rRODCNUnFVu85Sr24.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0f:b5:63:dd:06:fe:92:71:13:44:9d:4d:d1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623f344fd4a91bfad138308d527155bbce52af6e
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3da00050efe2c49eacc26eed1388cac8d758a64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ca:ef:19:d9:26:2f:4a:e5:c9:ac:2a:56:6f:
bf:5c:31:01:63:bd:ff:e3:f3:92:47:44:14:e6:05:
6e:db:fc:2a:f9:13:91:7c:0c:2e:f1:d7:dc:26:16:
14:e3:3e:d6:e0:ac:f5:89:9b:c0:9d:63:b3:13:9c:
7d:95:68:a8:e8:c8:82:ee:67:df:7c:94:5c:95:20:
e7:fe:53:10:0b:d0:9d:19:c2:f3:a8:6b:8f:d3:2b:
22:04:25:2d:a3:b0:e7:0a:23:bd:3d:93:98:19:ef:
79:b3:8a:fa:65:6a:8b:09:49:e8:08:62:9a:4a:55:
74:3b:df:1e:3e:db:02:35:cb:44:f7:11:4a:bc:81:
fc:6e:5e:38:25:83:66:7f:10:4f:0a:3c:e8:c6:3f:
88:85:2c:bf:96:ae:93:7e:95:b1:99:75:3b:d1:44:
bc:e1:9a:97:77:8f:75:4e:69:3d:89:73:9d:94:2c:
22:ed:b1:b6:b8:46:10:b2:df:86:4c:8b:aa:26:4b:
0e:c1:b0:ce:ba:8e:1e:47:22:75:a3:cf:f6:44:55:
d1:e8:95:af:75:a3:b6:ab:1c:76:ac:a9:11:d3:39:
c2:ea:9b:00:69:68:bf:95:2a:5a:e7:4d:eb:63:54:
a5:a5:9d:f6:64:71:e0:5e:e6:b3:a2:40:03:2b:fd:
eb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:00:50:EF:E2:C4:9E:AC:C2:6E:ED:13:88:CA:C8:D7:58:A6:4D
X509v3 Authority Key Identifier:
keyid:62:3F:34:4F:D4:A9:1B:FA:D1:38:30:8D:52:71:55:BB:CE:52:AF:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yj80T9SpG_rRODCNUnFVu85Sr24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/PaAAUO_ixJ6swm7tE4jKyNdYpk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/105da0-0c7d-415d-8d00-a34e8679f374/1/Yj80T9SpG_rRODCNUnFVu85Sr24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.104.0/21
83.142.192.0/21
91.189.24.0/21
185.188.68.0/22
Signature Algorithm: sha256WithRSAEncryption
87:30:6d:ee:18:a9:1d:4f:e6:c1:a8:ec:a9:c7:72:b4:8d:f8:
f3:65:37:41:bf:99:48:da:e4:70:19:5a:e5:5f:97:5c:cf:ec:
7d:8c:8b:b2:a0:c9:71:86:46:94:c0:1d:2d:b8:e5:e3:d9:85:
c6:1b:30:c7:32:ea:89:5e:a4:52:04:d9:60:e6:cb:ba:3c:f9:
53:3a:7b:a2:e8:fd:17:58:98:1c:38:91:46:97:cf:68:a1:62:
25:6e:4d:28:67:f0:16:57:f0:d5:d8:95:5b:9a:a6:95:75:2e:
17:25:76:7b:ec:b8:5d:6a:f0:c7:33:c4:e9:c5:bc:7c:c8:3e:
09:0f:eb:71:00:12:08:f2:df:9a:c5:34:07:22:6d:7e:bc:fa:
3d:41:d4:4f:cc:3f:80:ab:d5:09:26:5e:9e:da:52:85:a1:37:
11:10:58:01:73:8f:a1:0a:c4:b4:3a:1f:8e:1a:52:ce:eb:d8:
15:b0:68:28:59:6f:29:7c:1b:84:4a:61:e9:ed:ab:b2:20:e9:
d2:91:b7:4c:2f:af:39:ab:0a:2c:63:7e:40:2a:0d:4b:03:d6:
a2:bf:fb:a5:63:97:6e:0a:7e:94:d7:f2:3c:41:69:58:55:4b:
78:23:89:36:7c:6c:f3:30:25:3a:1f:b1:86:fb:59:dc:7e:9b:
5f:eb:53:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+g+1Y90G/pJxE0SdTdGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyM2YzNDRmZDRhOTFiZmFkMTM4MzA4ZDUyNzE1NWJiY2U1
MmFmNmUwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwMDA1MGVmZTJjNDllYWNjMjZlZWQxMzg4Y2FjOGQ3NThhNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsrvGdkmL0rlyawqVm+/XDEBY73/
4/OSR0QU5gVu2/wq+RORfAwu8dfcJhYU4z7W4Kz1iZvAnWOzE5x9lWio6MiC7mff
fJRclSDn/lMQC9CdGcLzqGuP0ysiBCUto7DnCiO9PZOYGe95s4r6ZWqLCUnoCGKa
SlV0O98ePtsCNctE9xFKvIH8bl44JYNmfxBPCjzoxj+IhSy/lq6TfpWxmXU70US8
4ZqXd491Tmk9iXOdlCwi7bG2uEYQst+GTIuqJksOwbDOuo4eRyJ1o8/2RFXR6JWv
daO2qxx2rKkR0znC6psAaWi/lSpa503rY1SlpZ32ZHHgXuazokADK/3r+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD2gAFDv4sSerMJu7ROIysjXWKZNMB8GA1UdIwQY
MBaAFGI/NE/UqRv60TgwjVJxVbvOUq9uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWo4MFQ5U3BHX3JST0RDTlVuRlZ1ODVTcjI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xMDVkYTAtMGM3ZC00MTVkLThkMDAt
YTM0ZTg2NzlmMzc0LzEvUGFBQVVPX2l4SjZzd203dEU0akt5TmRZcGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xMDVkYTAtMGM3ZC00MTVkLThkMDAtYTM0ZTg2NzlmMzc0
LzEvWWo4MFQ5U3BHX3JST0RDTlVuRlZ1ODVTcjI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNoAwQD
U47AAwQDW70YAwQCubxEMA0GCSqGSIb3DQEBCwUAA4IBAQCHMG3uGKkdT+bBqOyp
x3K0jfjzZTdBv5lI2uRwGVrlX5dcz+x9jIuyoMlxhkaUwB0tuOXj2YXGGzDHMuqJ
XqRSBNlg5su6PPlTOnui6P0XWJgcOJFGl89ooWIlbk0oZ/AWV/DV2JVbmqaVdS4X
JXZ77LhdavDHM8Tpxbx8yD4JD+txABII8t+axTQHIm1+vPo9QdRPzD+Aq9UJJl6e
2lKFoTcREFgBc4+hCsS0Oh+OGlLO69gVsGgoWW8pfBuESmHp7auyIOnSkbdML685
qwosY35AKg1LA9aiv/ulY5duCn6U1/I8QWlYVUt4I4k2fGzzMCU6H7GG+1ncfptf
61Of
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:49 2025 by rpki-client