Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/PcXbbPXlIItmJA3JM8MVUc0vXzs.roa
File: PcXbbPXlIItmJA3JM8MVUc0vXzs.roa (raw, json)
Hash identifier: R2PCxNT4m6wYdpbhogq5go76MVBXJtQZ8sywwvkDHG8=
Subject key identifier: 3D:C5:DB:6C:F5:E5:20:8B:66:24:0D:C9:33:C3:15:51:CD:2F:5F:3B
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018E7647428030555E6C5571484ADBC6338E
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/PcXbbPXlIItmJA3JM8MVUc0vXzs.roa
Signing time: Mon 25 Mar 2024 15:42:45 +0000
ROA not before: Mon 25 Mar 2024 15:42:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207050
IP address blocks: 79.143.132.0/22 maxlen: 22
79.143.132.0/24 maxlen: 24
79.143.135.0/24 maxlen: 24
92.119.20.0/24 maxlen: 24
92.119.21.0/24 maxlen: 24
92.119.22.0/24 maxlen: 24
185.59.48.0/22 maxlen: 22
185.59.50.0/24 maxlen: 24
185.124.104.0/22 maxlen: 22
185.124.104.0/24 maxlen: 24
185.124.105.0/24 maxlen: 24
193.160.84.0/22 maxlen: 22
2a04:e2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:76:47:42:80:30:55:5e:6c:55:71:48:4a:db:c6:33:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Mar 25 15:42:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc5db6cf5e5208b66240dc933c31551cd2f5f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:31:4a:c0:0d:62:d0:ad:d5:2f:08:f8:49:60:
b0:59:de:32:c4:b4:df:0f:d4:12:84:34:51:8d:64:
9b:08:1d:cc:45:d5:6a:e9:d6:4a:4b:fa:b7:ae:05:
4d:ff:b8:16:e0:75:e0:95:f8:45:4f:53:b9:84:5d:
80:77:80:9f:33:70:76:48:50:e0:78:83:12:61:3c:
44:1e:79:6f:b3:9a:13:4a:26:f0:35:1e:0d:86:e8:
2c:d5:9a:5a:f5:fc:52:c5:99:50:00:7d:82:3a:be:
87:9f:88:69:19:4d:ef:82:d5:90:fb:61:ba:ab:ee:
6f:ce:9b:bc:8f:63:5b:e6:a8:96:30:c9:45:38:87:
e9:a1:68:13:bc:ea:8d:f8:21:a5:9a:ae:17:a3:a6:
62:13:20:62:1d:26:97:3a:cc:a0:9c:3a:5e:2f:f6:
f0:5f:bb:f2:79:65:bc:ed:95:42:b2:03:5f:08:c4:
83:cf:cd:97:a5:c3:5c:97:b2:20:75:e6:25:26:96:
97:0e:82:4c:72:fc:59:40:73:5d:2e:98:97:6b:b1:
61:27:20:ec:7f:28:b8:b9:55:b6:e8:dc:0f:71:a7:
60:de:00:3a:ed:3a:cf:0a:99:37:10:3f:24:3a:77:
b2:90:36:ad:55:ea:cc:b1:9b:03:45:4e:49:5a:ea:
da:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C5:DB:6C:F5:E5:20:8B:66:24:0D:C9:33:C3:15:51:CD:2F:5F:3B
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/PcXbbPXlIItmJA3JM8MVUc0vXzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.132.0/22
92.119.20.0-92.119.22.255
185.59.48.0/22
185.124.104.0/22
193.160.84.0/22
IPv6:
2a04:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:a7:6a:97:b3:9b:a1:15:b6:c3:86:1a:0c:74:54:9f:03:bb:
a6:c8:62:76:69:b5:18:f7:5d:1b:ba:d0:33:50:b1:d0:f0:d6:
98:a6:9e:c1:a6:a3:f0:34:39:55:9e:f8:62:8c:42:f1:a6:c0:
38:ed:4f:54:ce:63:90:dc:68:57:2f:d9:6e:9e:34:fc:e5:f8:
2b:66:61:a6:a4:a1:62:59:b3:29:99:b6:24:4e:f7:96:87:7d:
db:d9:71:ba:64:87:7c:50:31:13:22:1d:18:28:46:a1:3b:30:
10:50:b1:52:e0:1b:f3:8d:9a:69:0c:a8:da:d7:a4:29:1e:6d:
1f:a5:17:40:9c:e5:44:d5:aa:38:2c:69:ea:6c:ee:78:f6:4a:
05:d7:12:c0:0d:af:9c:50:9f:e7:21:d2:2d:7c:6b:17:a3:6a:
01:30:14:28:53:b6:78:d5:d0:7a:4d:18:ce:0d:15:57:e6:51:
89:36:56:87:a3:cf:b1:14:63:37:5e:77:66:b3:46:d6:53:18:
5e:eb:05:e6:0f:e6:99:2a:37:bf:36:75:67:d6:fd:94:6b:58:
d3:3a:e1:e8:d3:8a:78:27:1f:5a:34:63:bf:de:2c:b5:11:f9:
cf:33:24:ef:81:23:c6:d9:48:d2:8c:64:26:05:a4:f1:d6:7a:
5d:2c:5f:f1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY52R0KAMFVebFVxSErbxjOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjQwMzI1MTU0MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM1ZGI2Y2Y1ZTUyMDhiNjYyNDBkYzkzM2MzMTU1MWNkMmY1ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzFKwA1i0K3VLwj4SWCwWd4yxLTf
D9QShDRRjWSbCB3MRdVq6dZKS/q3rgVN/7gW4HXglfhFT1O5hF2Ad4CfM3B2SFDg
eIMSYTxEHnlvs5oTSibwNR4Nhugs1Zpa9fxSxZlQAH2COr6Hn4hpGU3vgtWQ+2G6
q+5vzpu8j2Nb5qiWMMlFOIfpoWgTvOqN+CGlmq4Xo6ZiEyBiHSaXOsygnDpeL/bw
X7vyeWW87ZVCsgNfCMSDz82XpcNcl7IgdeYlJpaXDoJMcvxZQHNdLpiXa7FhJyDs
fyi4uVW26NwPcadg3gA67TrPCpk3ED8kOneykDatVerMsZsDRU5JWurajQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD3F22z15SCLZiQNyTPDFVHNL187MB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvUGNYYmJQWGxJSXRtSkEzSk04TVZVYzB2WHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCT4+EMAwD
BAJcdxQDBABcdxYDBAK5OzADBAK5fGgDBALBoFQwDQQCAAIwBwMFAyoE4sAwDQYJ
KoZIhvcNAQELBQADggEBAEGnapezm6EVtsOGGgx0VJ8Du6bIYnZptRj3XRu60DNQ
sdDw1pimnsGmo/A0OVWe+GKMQvGmwDjtT1TOY5DcaFcv2W6eNPzl+CtmYaakoWJZ
symZtiRO95aHfdvZcbpkh3xQMRMiHRgoRqE7MBBQsVLgG/ONmmkMqNrXpCkebR+l
F0Cc5UTVqjgsaeps7nj2SgXXEsANr5xQn+ch0i18axejagEwFChTtnjV0HpNGM4N
FVfmUYk2Voejz7EUYzded2azRtZTGF7rBeYP5pkqN782dWfW/ZRrWNM64ejTingn
H1o0Y7/eLLUR+c8zJO+BI8bZSNKMZCYFpPHWel0sX/E=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:14:33 2024 by rpki-client on console-ams.rpki-client.org