Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/PuYFjQeAMPYTJknY4a9xdl9WjmI.roa
File: PuYFjQeAMPYTJknY4a9xdl9WjmI.roa (raw, json)
Hash identifier: E2/hGT1MU9NO8befK4BGLovPtwxuEyai1B8Xt8zA7+A=
Subject key identifier: 3E:E6:05:8D:07:80:30:F6:13:26:49:D8:E1:AF:71:76:5F:56:8E:62
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 019420D60AFD0FAEF25FA41D8B6E60CA94C2
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/PuYFjQeAMPYTJknY4a9xdl9WjmI.roa
Signing time: Wed 01 Jan 2025 07:48:05 +0000
ROA not before: Wed 01 Jan 2025 07:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39392
IP address blocks: 213.109.164.0/22 maxlen: 22
2a09:ec00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 05:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:0a:fd:0f:ae:f2:5f:a4:1d:8b:6e:60:ca:94:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 07:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ee6058d078030f6132649d8e1af71765f568e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a5:62:de:d0:21:59:c4:bd:d2:19:97:52:3f:
a4:6e:2d:c4:83:60:89:0d:26:52:19:06:ce:89:3c:
b9:7a:8f:2d:72:1a:cd:16:eb:20:ba:f9:6f:6b:2c:
bd:4e:f9:ae:b5:d5:19:d3:aa:21:92:55:e1:a5:50:
f5:05:a8:c7:3c:29:d5:b7:3b:97:bb:ce:e3:43:28:
0f:49:07:1f:d0:b0:ff:85:b9:b2:55:12:3d:23:93:
9e:e2:7e:98:1a:a6:2c:b2:be:dd:c6:92:84:62:58:
b8:f2:c9:e8:a0:f3:41:ed:01:ef:ad:27:30:1b:9c:
86:4e:9f:a0:df:3e:14:5a:99:5d:aa:2e:41:f8:66:
5c:48:b6:aa:ec:bc:5f:f3:ef:7c:14:6d:db:90:86:
64:8f:0d:31:84:37:23:b3:38:31:f8:84:9e:f6:e7:
c2:70:b1:3b:73:60:60:b5:dd:2f:99:2e:ef:41:8a:
84:c1:01:4c:f7:b8:9a:c1:dd:1d:2e:b5:f8:44:9d:
0f:0f:20:c2:d3:76:cb:99:2d:30:54:fd:99:76:d7:
37:df:24:e6:8c:47:38:5d:a8:0a:d8:9d:72:20:0c:
b8:cd:0e:e8:95:b4:e1:63:c4:34:29:af:58:39:f8:
67:53:a4:b1:fc:8a:da:88:d5:a0:02:0a:db:e0:cd:
41:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E6:05:8D:07:80:30:F6:13:26:49:D8:E1:AF:71:76:5F:56:8E:62
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/PuYFjQeAMPYTJknY4a9xdl9WjmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.164.0/22
IPv6:
2a09:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
9b:69:06:a2:18:b2:72:ec:63:e4:a5:9c:7c:60:70:59:af:fb:
a9:db:a2:15:2a:88:a6:96:2b:1d:9e:d6:8a:73:8c:d4:13:4d:
b9:f6:7f:33:73:15:a1:a7:65:d5:7c:59:f0:71:de:0c:49:62:
19:14:ca:e8:60:29:ef:d9:58:a3:62:eb:2a:33:e6:a6:3d:b4:
08:8c:f8:5d:8b:a7:bb:f3:fe:fa:ca:73:33:aa:bd:0a:96:cb:
82:27:9b:58:24:91:6e:2a:19:54:bf:a2:70:17:56:c3:b8:d2:
f8:c2:01:a7:7d:37:68:48:48:a5:bb:3b:45:aa:c3:16:07:3e:
8b:82:b7:ec:e3:9d:7c:10:d6:43:a8:43:f1:e4:28:4b:7b:49:
87:2e:91:e9:fd:82:fd:d2:07:92:97:8b:3c:4b:be:d3:5c:87:
e0:d3:be:28:f3:17:9f:ec:01:86:0b:d1:9d:e5:d4:59:90:0e:
7e:7b:bb:90:00:13:61:39:a9:46:d5:5e:dd:55:2d:85:c8:43:
8f:e5:50:a3:ad:07:79:49:95:b0:49:08:68:78:dd:aa:25:65:
f9:05:32:31:1b:30:e3:e0:5a:ca:da:71:16:fb:c6:bc:62:75:
71:c0:f5:8c:e9:41:0b:62:50:c6:62:d4:6d:a3:52:74:4d:3d:
08:80:58:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1gr9D67yX6Qdi25gypTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjUwMTAxMDc0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU2MDU4ZDA3ODAzMGY2MTMyNjQ5ZDhlMWFmNzE3NjVmNTY4ZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36Vi3tAhWcS90hmXUj+kbi3Eg2CJ
DSZSGQbOiTy5eo8tchrNFusguvlvayy9TvmutdUZ06ohklXhpVD1BajHPCnVtzuX
u87jQygPSQcf0LD/hbmyVRI9I5Oe4n6YGqYssr7dxpKEYli48snooPNB7QHvrScw
G5yGTp+g3z4UWpldqi5B+GZcSLaq7Lxf8+98FG3bkIZkjw0xhDcjszgx+ISe9ufC
cLE7c2Bgtd0vmS7vQYqEwQFM97iawd0dLrX4RJ0PDyDC03bLmS0wVP2Zdtc33yTm
jEc4XagK2J1yIAy4zQ7olbThY8Q0Ka9YOfhnU6Sx/IraiNWgAgrb4M1BhQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD7mBY0HgDD2EyZJ2OGvcXZfVo5iMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvUHVZRmpRZUFNUFlUSmtuWTRhOXhkbDlXam1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQC1W2kMA0E
AgACMAcDBQMqCewAMA0GCSqGSIb3DQEBCwUAA4IBAQCbaQaiGLJy7GPkpZx8YHBZ
r/up26IVKoimlisdntaKc4zUE0259n8zcxWhp2XVfFnwcd4MSWIZFMroYCnv2Vij
YusqM+amPbQIjPhdi6e78/76ynMzqr0KlsuCJ5tYJJFuKhlUv6JwF1bDuNL4wgGn
fTdoSEiluztFqsMWBz6Lgrfs4518ENZDqEPx5ChLe0mHLpHp/YL90geSl4s8S77T
XIfg074o8xef7AGGC9Gd5dRZkA5+e7uQABNhOalG1V7dVS2FyEOP5VCjrQd5SZWw
SQhoeN2qJWX5BTIxGzDj4FrK2nEW+8a8YnVxwPWM6UELYlDGYtRto1J0TT0IgFjD
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:16:17 2025 by rpki-client