Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PEoZfoYdNr1qVIgnLZ4amvEUrag.roa
File: PEoZfoYdNr1qVIgnLZ4amvEUrag.roa (raw, json)
Hash identifier: SNEfapYhHSmO6/Ur6ok6ZNa7NyfMTjRxDXRwCic4N6c=
Subject key identifier: 3C:4A:19:7E:86:1D:36:BD:6A:54:88:27:2D:9E:1A:9A:F1:14:AD:A8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F9497050AC2D2C409E72B7B431483
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PEoZfoYdNr1qVIgnLZ4amvEUrag.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 91.229.18.0/24 maxlen: 24
91.229.19.0/24 maxlen: 24
93.120.24.0/23 maxlen: 24
109.207.129.0/24 maxlen: 24
192.162.184.0/24 maxlen: 24
192.162.185.0/24 maxlen: 24
193.36.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:94:97:05:0a:c2:d2:c4:09:e7:2b:7b:43:14:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c4a197e861d36bd6a5488272d9e1a9af114ada8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:f8:f7:c7:dd:84:e4:0d:d4:49:d8:95:75:
de:c5:77:e3:c1:71:e7:69:0f:a0:7b:aa:3a:3f:16:
f6:e7:b8:33:48:4d:e0:80:36:61:5f:51:20:60:d9:
3c:30:02:eb:cf:1f:18:d9:2f:13:79:f6:f4:bc:14:
a8:f3:df:9b:1a:ec:f5:98:f0:b9:39:41:72:39:6f:
c7:2e:0d:eb:cc:83:b8:48:3a:ea:e0:c8:fb:11:45:
de:e4:68:51:37:0c:3b:98:91:2f:24:e1:83:bf:05:
46:bd:e1:ce:bf:6c:95:23:12:cd:83:d9:1d:20:02:
46:d2:c0:ee:e2:b0:92:7d:4b:f4:cc:12:46:e1:31:
5e:80:f9:31:97:64:2f:e9:b5:31:76:9b:b4:76:a7:
32:76:a4:55:56:36:98:6e:f4:f2:5b:07:9d:36:35:
ce:84:96:37:5c:55:71:96:30:2a:72:84:4c:f4:52:
52:a5:9e:05:a8:a0:cd:1b:85:91:dc:08:57:18:ac:
39:87:3c:25:86:e0:80:63:5f:7c:1d:b0:be:f2:c7:
a4:b4:c0:d8:e6:fb:43:30:ba:96:f8:aa:c2:a2:f2:
dd:14:be:c1:ca:a8:21:3a:4a:e2:0d:17:a6:28:8a:
a0:01:5c:52:9b:84:44:3f:da:0c:65:01:3a:53:2a:
bf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4A:19:7E:86:1D:36:BD:6A:54:88:27:2D:9E:1A:9A:F1:14:AD:A8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PEoZfoYdNr1qVIgnLZ4amvEUrag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.18.0/23
93.120.24.0/23
109.207.129.0/24
192.162.184.0/23
193.36.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:f1:f4:ae:2d:83:8a:50:45:b8:4e:f3:36:ca:eb:fc:86:f1:
ac:b4:69:19:4b:ac:bf:24:37:48:f3:64:49:3b:29:b9:1f:dc:
ec:a7:b3:70:05:eb:70:10:5b:df:a3:32:29:34:f5:70:fd:1f:
b5:41:05:67:93:1f:e0:f3:5f:38:d4:1d:de:96:91:b6:3b:bd:
55:49:f1:62:85:89:a2:15:d5:57:25:17:d5:9d:9d:3a:4e:c9:
6e:6d:13:ec:07:3f:bf:b3:96:40:bf:71:bc:3e:57:25:a2:0c:
88:4a:fe:94:29:1e:58:f3:10:9e:ba:f9:17:6a:3b:c6:0d:3c:
ea:21:44:bb:41:73:2e:17:4b:aa:1f:8f:cd:58:2b:d4:dc:f9:
df:d2:e5:d2:1e:b3:14:93:16:c0:21:f5:37:43:23:60:31:76:
08:03:d8:49:1b:30:9a:4b:12:80:1c:6e:54:c7:43:d1:3c:ec:
c8:99:8e:a0:94:2c:11:95:48:bd:95:7e:f1:08:c8:32:aa:aa:
68:25:63:f9:b4:28:70:92:cd:f0:cd:8d:ae:20:1f:1a:30:0e:
9b:f6:f7:b3:db:46:34:fb:9e:47:20:08:a3:99:45:fe:28:dd:
72:84:13:30:ce:bb:45:b8:5e:d7:bf:e4:5e:7d:75:cd:62:54:
f1:d6:56:20
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlj5SXBQrC0sQJ5yt7QxSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzRhMTk3ZTg2MWQzNmJkNmE1NDg4MjcyZDllMWE5YWYxMTRhZGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozD498fdhOQN1EnYlXXexXfjwXHn
aQ+ge6o6Pxb257gzSE3ggDZhX1EgYNk8MALrzx8Y2S8Tefb0vBSo89+bGuz1mPC5
OUFyOW/HLg3rzIO4SDrq4Mj7EUXe5GhRNww7mJEvJOGDvwVGveHOv2yVIxLNg9kd
IAJG0sDu4rCSfUv0zBJG4TFegPkxl2Qv6bUxdpu0dqcydqRVVjaYbvTyWwedNjXO
hJY3XFVxljAqcoRM9FJSpZ4FqKDNG4WR3AhXGKw5hzwlhuCAY198HbC+8sektMDY
5vtDMLqW+KrCovLdFL7ByqghOkriDRemKIqgAVxSm4REP9oMZQE6Uyq/SQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxKGX6GHTa9alSIJy2eGprxFK2oMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUEVvWmZvWWROcjFxVklnbkxaNGFtdkVVcmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW+USAwQB
XXgYAwQAbc+BAwQBwKK4AwQAwSTLMA0GCSqGSIb3DQEBCwUAA4IBAQA+8fSuLYOK
UEW4TvM2yuv8hvGstGkZS6y/JDdI82RJOym5H9zsp7NwBetwEFvfozIpNPVw/R+1
QQVnkx/g81841B3elpG2O71VSfFihYmiFdVXJRfVnZ06TslubRPsBz+/s5ZAv3G8
PlclogyISv6UKR5Y8xCeuvkXajvGDTzqIUS7QXMuF0uqH4/NWCvU3Pnf0uXSHrMU
kxbAIfU3QyNgMXYIA9hJGzCaSxKAHG5Ux0PRPOzImY6glCwRlUi9lX7xCMgyqqpo
JWP5tChwks3wzY2uIB8aMA6b9vez20Y0+55HIAijmUX+KN1yhBMwzrtFuF7Xv+Re
fXXNYlTx1lYg
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:34:01 2025 by rpki-client