Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/pifimVDv85PglaCrpv2aovKKBOw.roa
File: pifimVDv85PglaCrpv2aovKKBOw.roa (raw, json)
Hash identifier: 4burZ4msm3NFIAmTTb3XGkpBVR6gJT/l7KX/I56Rfyw=
Subject key identifier: A6:27:E2:99:50:EF:F3:93:E0:95:A0:AB:A6:FD:9A:A2:F2:8A:04:EC
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 01956093E433A399C9D0B6EFDFF6937157E0
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/pifimVDv85PglaCrpv2aovKKBOw.roa
Signing time: Tue 04 Mar 2025 09:54:19 +0000
ROA not before: Tue 04 Mar 2025 09:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197071
IP address blocks: 31.214.149.0/24 maxlen: 32
31.214.240.0/21 maxlen: 32
46.251.225.0/24 maxlen: 32
46.251.227.0/24 maxlen: 32
91.217.251.0/24 maxlen: 32
95.156.225.0/24 maxlen: 32
95.156.226.0/23 maxlen: 32
95.156.228.0/22 maxlen: 32
95.156.232.0/24 maxlen: 32
109.230.195.0/24 maxlen: 32
109.230.224.0/20 maxlen: 32
109.230.252.0/22 maxlen: 32
134.255.220.0/22 maxlen: 32
134.255.224.0/22 maxlen: 32
134.255.228.0/23 maxlen: 32
134.255.230.0/24 maxlen: 32
134.255.235.0/24 maxlen: 32
134.255.236.0/22 maxlen: 32
134.255.252.0/22 maxlen: 32
185.87.20.0/22 maxlen: 32
185.122.4.0/22 maxlen: 32
193.25.201.0/24 maxlen: 32
2a05:bec0::/29 maxlen: 128
2a05:bec0:53::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:60:93:e4:33:a3:99:c9:d0:b6:ef:df:f6:93:71:57:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Mar 4 09:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a627e29950eff393e095a0aba6fd9aa2f28a04ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:8d:59:24:88:4f:8e:63:82:62:8c:7d:19:
3b:9d:63:97:15:4d:a7:33:a4:ce:69:9e:a1:d7:8a:
e7:2d:ee:7a:b6:f6:90:b4:42:be:3a:7d:b7:fb:18:
d8:98:3d:75:c1:e2:76:44:9a:79:7b:5b:20:79:0d:
d3:43:dd:f4:b4:43:29:44:e7:3b:63:6e:9d:20:5c:
5f:e3:3a:02:e7:8a:1f:dc:cd:51:00:2b:c0:69:ac:
4e:d9:fc:29:50:86:f9:a6:6f:b0:a8:9b:c6:6f:48:
e0:65:43:6c:e5:10:df:e9:8a:c2:d5:11:48:c1:96:
da:72:aa:0e:0d:e8:5b:56:53:ae:7f:3f:41:79:99:
04:2f:82:63:01:de:a8:9b:c2:43:40:e1:c8:24:e1:
42:92:7a:72:96:ee:56:d5:4b:3e:6f:9a:e2:13:3f:
16:2e:1e:37:33:ea:b7:39:d4:d0:b2:f0:0f:62:5d:
53:7f:55:c8:77:58:0a:78:5c:a5:ae:a9:61:76:43:
8e:42:47:73:ad:bd:08:cf:61:8c:a0:fa:ef:91:30:
77:8e:4a:bf:61:d1:a6:b4:07:bd:d1:8d:11:d2:40:
40:1a:70:52:75:f1:7f:5b:82:57:a6:5d:ed:02:f1:
3e:fa:ed:d6:5e:d2:bb:54:23:14:7b:52:e5:4c:d0:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:27:E2:99:50:EF:F3:93:E0:95:A0:AB:A6:FD:9A:A2:F2:8A:04:EC
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/pifimVDv85PglaCrpv2aovKKBOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.149.0/24
31.214.240.0/21
46.251.225.0/24
46.251.227.0/24
91.217.251.0/24
95.156.225.0-95.156.232.255
109.230.195.0/24
109.230.224.0/20
109.230.252.0/22
134.255.220.0-134.255.230.255
134.255.235.0-134.255.239.255
134.255.252.0/22
185.87.20.0/22
185.122.4.0/22
193.25.201.0/24
IPv6:
2a05:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
57:a7:f7:06:03:cc:7b:15:56:5a:fc:f1:63:7e:18:fc:90:f3:
af:08:68:2f:e4:f2:57:9a:1e:35:d5:93:40:df:89:99:8f:06:
fc:8d:28:5f:54:b1:f0:58:77:cb:b5:97:21:71:34:a9:8c:88:
98:4c:8a:2d:3d:b8:9a:e3:66:0c:9d:dd:74:5e:37:c7:6d:a3:
1f:39:c9:88:62:30:0f:62:0d:73:d0:1e:54:0f:3a:95:1d:24:
4b:ff:e2:5e:e1:56:47:b7:21:33:8e:5e:83:53:bf:78:4c:00:
04:d7:6d:df:52:89:e7:70:30:8b:a7:eb:1d:8d:93:a2:b9:f7:
53:11:29:e0:e3:d7:96:ea:30:1b:92:61:67:b3:26:ad:dd:a5:
88:e6:a7:b0:86:3e:15:70:46:93:09:6e:6a:8c:82:21:09:d1:
33:9b:d5:ff:ab:86:24:b1:a1:04:ff:42:05:5a:57:17:39:d6:
ea:cd:64:ca:0c:1c:1e:1f:ff:e7:c1:92:77:7b:94:71:9d:8a:
91:32:30:62:c7:8a:29:77:7c:3f:8f:4b:e8:75:d7:8a:63:87:
02:ef:fb:28:db:a5:c1:31:b1:06:01:bc:d6:32:00:55:e7:67:
a6:58:96:28:1a:97:be:a5:71:0a:95:9f:74:6d:d2:13:08:dd:
38:75:0b:a2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZVgk+Qzo5nJ0Lbv3/aTcVfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjUwMzA0MDk1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI3ZTI5OTUwZWZmMzkzZTA5NWEwYWJhNmZkOWFhMmYyOGEwNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyqNWSSIT45jgmKMfRk7nWOXFU2n
M6TOaZ6h14rnLe56tvaQtEK+On23+xjYmD11weJ2RJp5e1sgeQ3TQ930tEMpROc7
Y26dIFxf4zoC54of3M1RACvAaaxO2fwpUIb5pm+wqJvGb0jgZUNs5RDf6YrC1RFI
wZbacqoODehbVlOufz9BeZkEL4JjAd6om8JDQOHIJOFCknpylu5W1Us+b5riEz8W
Lh43M+q3OdTQsvAPYl1Tf1XId1gKeFylrqlhdkOOQkdzrb0Iz2GMoPrvkTB3jkq/
YdGmtAe90Y0R0kBAGnBSdfF/W4JXpl3tAvE++u3WXtK7VCMUe1LlTNCrOQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFKYn4plQ7/OT4JWgq6b9mqLyigTsMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvcGlmaW1WRHY4NVBnbGFDcnB2MmFvdktLQk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQAH9aV
AwQDH9bwAwQALvvhAwQALvvjAwQAW9n7MAwDBABfnOEDBABfnOgDBABt5sMDBARt
5uADBAJt5vwwDAMEAob/3AMEAIb/5jAMAwQAhv/rAwQEhv/gAwQChv/8AwQCuVcU
AwQCuXoEAwQAwRnJMA0EAgACMAcDBQMqBb7AMA0GCSqGSIb3DQEBCwUAA4IBAQBX
p/cGA8x7FVZa/PFjfhj8kPOvCGgv5PJXmh411ZNA34mZjwb8jShfVLHwWHfLtZch
cTSpjIiYTIotPbia42YMnd10XjfHbaMfOcmIYjAPYg1z0B5UDzqVHSRL/+Je4VZH
tyEzjl6DU794TAAE123fUonncDCLp+sdjZOiufdTESng49eW6jAbkmFnsyat3aWI
5qewhj4VcEaTCW5qjIIhCdEzm9X/q4YksaEE/0IFWlcXOdbqzWTKDBweH//nwZJ3
e5RxnYqRMjBix4opd3w/j0voddeKY4cC7/so26XBMbEGAbzWMgBV52emWJYoGpe+
pXEKlZ90bdITCN04dQui
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:24:01 2025 by rpki-client