Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PE7M_PNES4VfYrOezPHtsiJVIgw.roa
File: PE7M_PNES4VfYrOezPHtsiJVIgw.roa (raw, json)
Hash identifier: cIU86lSCql3IPuDO8lVSwh1Ibw7DhdUEMPDGwtFRQDw=
Subject key identifier: 3C:4E:CC:FC:F3:44:4B:85:5F:62:B3:9E:CC:F1:ED:B2:22:55:22:0C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0195F6B2879A961E86D8EAA2BD13F3C18209
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PE7M_PNES4VfYrOezPHtsiJVIgw.roa
Signing time: Wed 02 Apr 2025 13:30:49 +0000
ROA not before: Wed 02 Apr 2025 13:30:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204229
IP address blocks: 64.43.73.0/24 maxlen: 24
91.245.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:b2:87:9a:96:1e:86:d8:ea:a2:bd:13:f3:c1:82:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 2 13:30:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c4eccfcf3444b855f62b39eccf1edb22255220c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:da:f7:5e:ec:22:8f:3c:cf:2d:2b:43:8f:e6:
a4:92:f5:63:0b:6f:3f:a0:d1:bc:fc:be:4f:6b:38:
52:c0:0e:6b:79:94:4e:b7:9a:94:c9:4f:20:1d:0e:
52:c9:67:42:3b:a3:a2:0d:c5:ab:43:d7:2b:7f:d7:
89:91:a4:56:d4:43:54:a2:da:44:1a:0c:40:dc:41:
b2:20:3a:dc:6a:63:6c:f0:cc:60:5d:fc:ff:e1:f6:
d2:b7:0e:cf:60:9e:dd:c6:91:97:5d:a3:e0:4f:67:
06:7c:7b:23:d1:a0:55:ed:e1:b6:f7:7c:9d:77:1d:
f9:89:7b:e3:e0:d3:65:82:76:ca:41:fb:14:55:b2:
c6:d9:60:ad:c4:52:e9:02:31:81:ae:ea:d4:62:c3:
b3:60:05:8d:80:28:41:75:07:2f:cb:bd:de:24:cb:
e4:54:e7:9e:dd:9e:ca:85:30:70:66:b9:6b:76:e3:
5d:81:83:78:37:7c:49:14:70:62:aa:13:05:de:da:
a9:8a:89:e2:6d:2a:c3:0e:5c:42:ea:1e:ff:61:f4:
70:85:d2:08:f6:6a:0f:93:f6:40:68:a2:66:fa:47:
9d:52:25:2d:c4:d2:22:5e:c2:74:9e:79:e3:18:dd:
09:a0:50:38:a2:22:ed:c5:65:db:f8:f5:92:ae:10:
2e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4E:CC:FC:F3:44:4B:85:5F:62:B3:9E:CC:F1:ED:B2:22:55:22:0C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PE7M_PNES4VfYrOezPHtsiJVIgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.73.0/24
91.245.188.0/22
Signature Algorithm: sha256WithRSAEncryption
49:7a:2b:47:8d:bd:e6:a0:5f:51:cf:cf:51:4a:07:ea:2a:7c:
5a:19:84:12:69:4f:e2:8a:6f:75:3f:fe:1a:61:f6:dd:9a:7c:
88:dc:2f:9b:8c:26:a3:3a:29:4b:69:9b:9a:77:ac:7f:de:41:
51:db:39:ec:55:70:72:d2:bb:10:b0:c7:75:40:37:21:c1:3c:
7f:8e:a4:93:5f:a6:5a:02:3a:aa:04:86:5a:c9:d3:03:73:0a:
19:9c:5e:da:24:78:33:00:1c:3c:f9:73:99:d0:7e:3d:76:44:
00:f7:38:59:be:6d:5a:af:96:71:db:2f:4d:9d:a8:cc:84:62:
f2:b4:19:61:3e:c1:86:ca:bc:e6:f5:73:f6:9b:57:b7:5f:55:
ed:58:ce:90:0e:4b:26:b3:92:db:10:9d:f6:70:7f:30:3f:84:
d8:e6:22:b9:2e:07:07:77:e3:b7:16:29:37:75:7d:d5:0a:69:
e9:1f:7e:72:f1:28:98:35:dd:c7:92:17:73:26:a3:3f:7d:6d:
2f:55:12:c0:34:08:a3:1a:46:89:9a:af:d0:bc:13:2a:e0:14:
bd:58:99:52:fa:a6:19:59:27:84:ea:af:d8:40:ed:fc:db:5d:
bd:c6:e3:1b:3b:db:89:ea:d1:c5:ec:c0:5e:67:08:5e:52:b5:
45:06:cc:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZX2soealh6G2OqivRPzwYIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDAyMTMzMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRlY2NmY2YzNDQ0Yjg1NWY2MmIzOWVjY2YxZWRiMjIyNTUyMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dr3XuwijzzPLStDj+akkvVjC28/
oNG8/L5PazhSwA5reZROt5qUyU8gHQ5SyWdCO6OiDcWrQ9crf9eJkaRW1ENUotpE
GgxA3EGyIDrcamNs8MxgXfz/4fbStw7PYJ7dxpGXXaPgT2cGfHsj0aBV7eG293yd
dx35iXvj4NNlgnbKQfsUVbLG2WCtxFLpAjGBrurUYsOzYAWNgChBdQcvy73eJMvk
VOee3Z7KhTBwZrlrduNdgYN4N3xJFHBiqhMF3tqpionibSrDDlxC6h7/YfRwhdII
9moPk/ZAaKJm+kedUiUtxNIiXsJ0nnnjGN0JoFA4oiLtxWXb+PWSrhAuZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDxOzPzzREuFX2Kznszx7bIiVSIMMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUEU3TV9QTkVTNFZmWXJPZXpQSHRzaUpWSWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQCtJAwQC
W/W8MA0GCSqGSIb3DQEBCwUAA4IBAQBJeitHjb3moF9Rz89RSgfqKnxaGYQSaU/i
im91P/4aYfbdmnyI3C+bjCajOilLaZuad6x/3kFR2znsVXBy0rsQsMd1QDchwTx/
jqSTX6ZaAjqqBIZaydMDcwoZnF7aJHgzABw8+XOZ0H49dkQA9zhZvm1ar5Zx2y9N
najMhGLytBlhPsGGyrzm9XP2m1e3X1XtWM6QDksms5LbEJ32cH8wP4TY5iK5LgcH
d+O3Fik3dX3VCmnpH35y8SiYNd3HkhdzJqM/fW0vVRLANAijGkaJmq/QvBMq4BS9
WJlS+qYZWSeE6q/YQO382129xuMbO9uJ6tHF7MBeZwheUrVFBsyF
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:49:23 2025 by rpki-client