Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/PDG-xmyMt-cYcwLirS_UlHIvtjw.roa
File: PDG-xmyMt-cYcwLirS_UlHIvtjw.roa (raw, json)
Hash identifier: Dr6Lk50/7pX/Vs9J3n8JzHGotGI5Mo8sBqBiyo/xdj0=
Subject key identifier: 3C:31:BE:C6:6C:8C:B7:E7:18:73:02:E2:AD:2F:D4:94:72:2F:B6:3C
Certificate issuer: /CN=9576dbb76995b4950a86c5f07ca8db3eb49678f6
Certificate serial: 01920633756AD6B75F5B47EBC9FDDF1DEE6E
Authority key identifier: 95:76:DB:B7:69:95:B4:95:0A:86:C5:F0:7C:A8:DB:3E:B4:96:78:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/PDG-xmyMt-cYcwLirS_UlHIvtjw.roa
Signing time: Wed 18 Sep 2024 17:34:48 +0000
ROA not before: Wed 18 Sep 2024 17:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24889
IP address blocks: 46.253.176.0/20 maxlen: 20
80.254.64.0/20 maxlen: 20
93.94.240.0/21 maxlen: 21
109.205.168.0/21 maxlen: 21
185.196.120.0/22 maxlen: 22
2a02:200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:06:33:75:6a:d6:b7:5f:5b:47:eb:c9:fd:df:1d:ee:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9576dbb76995b4950a86c5f07ca8db3eb49678f6
Validity
Not Before: Sep 18 17:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c31bec66c8cb7e7187302e2ad2fd494722fb63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1c:98:7a:b4:f2:21:34:bc:fa:99:4f:f3:73:
7f:cc:3a:79:aa:e7:6f:ff:1b:b4:3e:d4:f1:57:be:
7e:5d:98:8d:25:61:c4:8c:09:8f:60:e9:77:8a:05:
44:c9:98:63:fc:63:10:3e:ad:6f:30:5f:45:3a:d9:
94:e8:ae:bb:72:16:9b:ca:d6:4c:54:ba:bf:36:cc:
fd:07:b1:c9:26:cd:01:6f:b6:72:e3:4b:16:4b:3b:
6e:87:60:15:f4:81:94:82:32:ff:7b:79:ab:85:65:
fd:f4:12:ca:39:9a:44:a5:02:9c:68:41:d8:69:0e:
44:df:e6:08:64:da:3a:4c:84:93:e6:31:78:99:02:
ce:b5:be:a2:b2:55:9e:e3:0f:b3:0f:8d:fd:94:21:
b0:61:0e:37:da:22:0f:dc:a5:dc:fb:31:34:49:d1:
f0:01:47:a6:ca:cb:ab:36:43:0f:04:f9:85:6b:16:
22:90:40:e8:0b:f2:dd:6d:0f:92:b2:54:6b:3f:82:
2b:91:24:88:21:26:d5:2b:4e:23:e9:71:f4:b4:a0:
63:8f:da:ea:46:fa:6d:e2:70:d0:d3:27:19:fb:f2:
55:5d:ce:ef:9c:bd:18:c8:35:b4:9f:ef:48:76:f4:
cf:82:27:b1:7b:91:c4:ce:a6:61:5e:46:8f:93:ed:
fa:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:31:BE:C6:6C:8C:B7:E7:18:73:02:E2:AD:2F:D4:94:72:2F:B6:3C
X509v3 Authority Key Identifier:
keyid:95:76:DB:B7:69:95:B4:95:0A:86:C5:F0:7C:A8:DB:3E:B4:96:78:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lXbbt2mVtJUKhsXwfKjbPrSWePY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/PDG-xmyMt-cYcwLirS_UlHIvtjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/09263c-a5cc-44d6-91c4-61802d9c9344/1/lXbbt2mVtJUKhsXwfKjbPrSWePY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.176.0/20
80.254.64.0/20
93.94.240.0/21
109.205.168.0/21
185.196.120.0/22
IPv6:
2a02:200::/32
Signature Algorithm: sha256WithRSAEncryption
78:b3:8a:53:59:91:77:9a:3c:e7:3f:35:e8:b7:e2:2d:a1:c4:
72:ee:ad:e1:4d:c5:42:1c:9c:c9:18:df:f2:6d:22:09:e0:f0:
83:1b:c5:fb:50:7c:14:ec:9b:90:42:99:89:a6:1a:f3:24:6a:
cd:72:47:ca:8d:43:7b:4a:73:f4:1c:c5:09:d5:fa:c4:dd:bc:
72:fa:04:03:6a:0c:bb:21:3a:7d:4e:8e:01:20:84:e9:17:4a:
7c:69:cd:0e:2c:3f:47:f4:a2:15:2e:eb:cd:b2:8a:b7:ba:d2:
e4:a9:82:0a:64:b8:e7:a4:b3:f5:da:c1:51:9d:88:12:42:2b:
91:da:76:55:ec:60:40:e2:6d:6e:3d:f9:20:4b:79:ed:25:23:
ff:39:32:3f:48:4d:02:65:d1:9f:3d:7c:82:02:bd:e5:0d:a9:
f2:4c:dd:da:82:de:23:1c:36:0a:7e:53:99:86:69:3b:fc:23:
f4:f9:d9:61:72:13:f0:66:ec:9d:61:12:6c:e2:de:b2:1a:4b:
d6:94:ed:f6:89:80:0f:b9:81:b4:b3:a1:cd:9f:7b:ff:e8:e1:
f9:f7:ae:59:1d:0c:02:b9:59:05:d3:1d:b5:b9:ff:c4:2c:c4:
ea:f9:4b:f1:57:3a:c3:98:69:75:b8:4b:bd:f8:90:14:1b:c4:
52:16:18:4e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZIGM3Vq1rdfW0fryf3fHe5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NzZkYmI3Njk5NWI0OTUwYTg2YzVmMDdjYThkYjNlYjQ5
Njc4ZjYwHhcNMjQwOTE4MTczNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMxYmVjNjZjOGNiN2U3MTg3MzAyZTJhZDJmZDQ5NDcyMmZiNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohyYerTyITS8+plP83N/zDp5qudv
/xu0PtTxV75+XZiNJWHEjAmPYOl3igVEyZhj/GMQPq1vMF9FOtmU6K67chabytZM
VLq/Nsz9B7HJJs0Bb7Zy40sWSztuh2AV9IGUgjL/e3mrhWX99BLKOZpEpQKcaEHY
aQ5E3+YIZNo6TIST5jF4mQLOtb6islWe4w+zD439lCGwYQ432iIP3KXc+zE0SdHw
AUemysurNkMPBPmFaxYikEDoC/LdbQ+SslRrP4IrkSSIISbVK04j6XH0tKBjj9rq
Rvpt4nDQ0ycZ+/JVXc7vnL0YyDW0n+9IdvTPgiexe5HEzqZhXkaPk+36QwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDwxvsZsjLfnGHMC4q0v1JRyL7Y8MB8GA1UdIwQY
MBaAFJV227dplbSVCobF8Hyo2z60lnj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFhiYnQybVZ0SlVLaHNYd2ZLamJQclNXZVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wOTI2M2MtYTVjYy00NGQ2LTkxYzQt
NjE4MDJkOWM5MzQ0LzEvUERHLXhteU10LWNZY3dMaXJTX1VsSEl2dGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wOTI2M2MtYTVjYy00NGQ2LTkxYzQtNjE4MDJkOWM5MzQ0
LzEvbFhiYnQybVZ0SlVLaHNYd2ZLamJQclNXZVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQELv2wAwQE
UP5AAwQDXV7wAwQDbc2oAwQCucR4MA0EAgACMAcDBQAqAgIAMA0GCSqGSIb3DQEB
CwUAA4IBAQB4s4pTWZF3mjznPzXot+ItocRy7q3hTcVCHJzJGN/ybSIJ4PCDG8X7
UHwU7JuQQpmJphrzJGrNckfKjUN7SnP0HMUJ1frE3bxy+gQDagy7ITp9To4BIITp
F0p8ac0OLD9H9KIVLuvNsoq3utLkqYIKZLjnpLP12sFRnYgSQiuR2nZV7GBA4m1u
PfkgS3ntJSP/OTI/SE0CZdGfPXyCAr3lDanyTN3agt4jHDYKflOZhmk7/CP0+dlh
chPwZuydYRJs4t6yGkvWlO32iYAPuYG0s6HNn3v/6OH5965ZHQwCuVkF0x21uf/E
LMTq+UvxVzrDmGl1uEu9+JAUG8RSFhhO
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:45 2024 by rpki-client on console-fra.rpki-client.org