Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/PGC2gjbo2htZQJwYOmeelo5Z83Y.roa
File: PGC2gjbo2htZQJwYOmeelo5Z83Y.roa (raw, json)
Hash identifier: JFulXR+ljWTJG0RiuMIfac488bMeOxp9OF6JRC9SK3k=
Subject key identifier: 3C:60:B6:82:36:E8:DA:1B:59:40:9C:18:3A:67:9E:96:8E:59:F3:76
Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Certificate serial: 01942444A6F09A635E80C99488491EFB142E
Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/PGC2gjbo2htZQJwYOmeelo5Z83Y.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49100
IP address blocks: 185.153.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.mft
rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 05:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a6:f0:9a:63:5e:80:c9:94:88:49:1e:fb:14:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c60b68236e8da1b59409c183a679e968e59f376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:08:e3:a1:f2:34:0e:8b:59:db:81:d1:d5:a9:
fd:b2:58:90:ca:af:cc:01:8a:cf:b0:a5:39:77:dd:
3e:5c:c2:bd:63:b6:4f:5d:08:2b:05:83:7b:f9:2b:
4c:b0:3d:87:26:4b:8c:62:9e:12:0b:2d:23:05:2f:
df:2a:8b:42:59:75:64:31:c4:a0:d6:1e:58:4f:83:
5d:24:12:28:a6:51:b4:57:b5:c8:1e:13:eb:58:ea:
7b:2c:17:d8:15:42:02:f9:eb:90:2a:91:d3:a6:f5:
e8:49:18:c6:84:77:28:70:c3:fd:77:92:b8:ac:e4:
c9:54:b2:e8:c0:d6:04:e4:28:86:97:4d:76:5a:06:
9d:ae:5e:b1:93:dd:d7:4f:10:8c:4a:31:bc:ef:71:
d8:c1:eb:8a:ef:7d:70:80:83:dd:26:f6:ce:6c:2f:
2e:1d:b9:e0:41:13:88:ef:ed:82:da:9f:7d:b1:de:
77:0f:5e:47:13:cf:44:74:d0:06:b1:63:b6:17:8a:
98:27:27:c9:03:8a:27:e8:d4:28:06:3e:0b:54:36:
b7:00:fe:ae:65:1b:a6:b7:f4:7f:76:92:b2:ed:02:
2b:f7:cf:fc:26:27:ae:cf:52:b3:82:2d:7c:1e:9d:
ef:f7:79:db:a5:5c:4f:d0:bf:1f:0b:72:a9:74:33:
07:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:60:B6:82:36:E8:DA:1B:59:40:9C:18:3A:67:9E:96:8E:59:F3:76
X509v3 Authority Key Identifier:
keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/PGC2gjbo2htZQJwYOmeelo5Z83Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.208.0/22
Signature Algorithm: sha256WithRSAEncryption
60:92:bf:95:f3:5a:e3:2a:cb:a5:90:24:37:da:2f:98:64:24:
37:a4:48:f3:86:9f:8d:0d:eb:5a:9c:35:d3:0d:b5:8b:33:44:
47:ab:28:7a:2c:e1:2a:db:07:2f:fb:a0:64:06:07:e9:a6:7d:
38:76:c0:1d:59:f6:30:43:ee:3c:5e:e5:69:8c:3c:24:b6:b3:
ae:cc:67:1d:14:16:da:ca:e7:6a:9e:f2:9c:07:75:4a:f4:db:
bd:c8:e1:bc:4c:7d:b9:b5:92:d8:a0:b8:72:5a:2c:2f:fa:ee:
75:87:7f:7d:e8:32:8b:2d:31:d1:12:a4:e1:4e:cf:9b:cc:a1:
d4:bf:af:93:c8:52:35:d0:67:c4:4d:fe:71:85:66:0b:d0:a5:
ca:c3:15:11:88:24:69:34:34:0c:e7:79:ca:44:40:fc:15:5f:
d4:fc:4e:85:6b:40:69:dc:ee:ce:ee:15:cd:7c:e0:fc:69:a3:
28:e2:06:2a:e8:0d:1e:94:f2:de:28:b4:08:be:74:67:76:ae:
cb:08:01:6f:06:e5:60:ed:7b:cb:f0:f5:43:d0:e8:86:e0:eb:
ca:31:fa:c8:11:9d:57:26:01:1b:4b:31:be:8d:84:f7:87:24:
41:e8:e6:5b:e7:c9:a9:3e:58:14:08:1f:71:e6:d5:c9:51:ed:
22:01:44:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKbwmmNegMmUiEke+xQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmODk2Y2QzZDhkMWEwNjk5ZGE1MjEwNTVkZmI1OGRjMDZk
ZGRmMzUwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzYwYjY4MjM2ZThkYTFiNTk0MDljMTgzYTY3OWU5NjhlNTlmMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswjjofI0DotZ24HR1an9sliQyq/M
AYrPsKU5d90+XMK9Y7ZPXQgrBYN7+StMsD2HJkuMYp4SCy0jBS/fKotCWXVkMcSg
1h5YT4NdJBIoplG0V7XIHhPrWOp7LBfYFUIC+euQKpHTpvXoSRjGhHcocMP9d5K4
rOTJVLLowNYE5CiGl012Wgadrl6xk93XTxCMSjG873HYweuK731wgIPdJvbObC8u
HbngQROI7+2C2p99sd53D15HE89EdNAGsWO2F4qYJyfJA4on6NQoBj4LVDa3AP6u
ZRumt/R/dpKy7QIr98/8Jieuz1Kzgi18Hp3v93nbpVxP0L8fC3KpdDMHTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxgtoI26NobWUCcGDpnnpaOWfN2MB8GA1UdIwQY
MBaAFB+JbNPY0aBpnaUhBV37WNwG3d81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2It
YzMzMjc4MjJhMTM4LzEvUEdDMmdqYm8yaHRaUUp3WU9tZWVsbzVaODNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mYWI0OWEtOTFmNC00NjBjLTgyN2ItYzMzMjc4MjJhMTM4
LzEvSDRsczA5alJvR21kcFNFRlhmdFkzQWJkM3pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZnQMA0G
CSqGSIb3DQEBCwUAA4IBAQBgkr+V81rjKsulkCQ32i+YZCQ3pEjzhp+NDetanDXT
DbWLM0RHqyh6LOEq2wcv+6BkBgfppn04dsAdWfYwQ+48XuVpjDwktrOuzGcdFBba
yudqnvKcB3VK9Nu9yOG8TH25tZLYoLhyWiwv+u51h3996DKLLTHREqThTs+bzKHU
v6+TyFI10GfETf5xhWYL0KXKwxURiCRpNDQM53nKRED8FV/U/E6Fa0Bp3O7O7hXN
fOD8aaMo4gYq6A0elPLeKLQIvnRndq7LCAFvBuVg7XvL8PVD0OiG4OvKMfrIEZ1X
JgEbSzG+jYT3hyRB6OZb58mpPlgUCB9x5tXJUe0iAUS0
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:23:46 2025 by rpki-client