Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PICG-s3Q4YZkop6Z75tQ1uqUjjc.roa
File: PICG-s3Q4YZkop6Z75tQ1uqUjjc.roa (raw, json)
Hash identifier: RYwj25TTRgCRFd7rjmY1yuMhB2tlpTJT7SA0DAX0bR8=
Subject key identifier: 3C:80:86:FA:CD:D0:E1:86:64:A2:9E:99:EF:9B:50:D6:EA:94:8E:37
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019422202B2C5D5E430BA9466ACE1175AFD2
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PICG-s3Q4YZkop6Z75tQ1uqUjjc.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 45.159.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2b:2c:5d:5e:43:0b:a9:46:6a:ce:11:75:af:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c8086facdd0e18664a29e99ef9b50d6ea948e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9f:e2:69:09:40:5f:53:0e:8b:f5:42:bd:0a:
92:09:14:b8:9b:cc:b4:5c:b3:3e:07:77:66:52:1b:
1a:8a:dd:60:61:8c:a4:0f:8e:76:8d:8d:b9:55:17:
7d:28:f9:32:aa:0f:d5:af:30:80:b7:9b:e3:89:0b:
7f:12:d8:02:86:86:8b:57:53:0a:d4:09:02:54:02:
6a:68:f5:ab:15:34:25:49:28:7c:96:06:25:11:f6:
b4:ab:0c:04:d2:da:e5:09:fc:12:a0:d8:27:fc:ca:
0c:0b:2a:ad:be:4e:59:b7:0d:85:e4:bd:a2:83:c8:
4b:6a:83:b1:cf:11:e5:48:17:d1:0f:3a:af:48:75:
a9:f4:0e:6f:ab:37:ff:d7:d6:d0:be:0f:52:d5:e9:
b5:af:64:d7:b6:63:03:8d:46:27:af:0e:4d:0c:da:
7a:0f:06:e1:3f:93:f5:37:fd:1a:73:05:04:85:36:
e0:6b:cf:c8:e0:51:69:7c:a8:4b:ca:0b:aa:2c:81:
4b:68:30:d1:b1:b6:6a:2d:8a:24:db:ed:a7:97:14:
8c:1e:30:6f:a6:aa:01:eb:d3:9c:74:f7:60:70:4f:
2f:71:4d:e1:4b:52:1e:38:30:92:e9:7c:a9:84:84:
f4:55:bd:b9:8f:9e:12:86:a9:53:b5:eb:6f:4f:1d:
3a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:80:86:FA:CD:D0:E1:86:64:A2:9E:99:EF:9B:50:D6:EA:94:8E:37
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/PICG-s3Q4YZkop6Z75tQ1uqUjjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.248.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:1c:1e:21:87:18:45:df:63:14:f4:13:c2:c1:18:07:42:1e:
35:01:9a:51:a7:cc:ec:4f:09:45:c6:01:0e:5d:19:1b:fa:5f:
27:59:b0:11:a2:11:4d:a7:eb:ea:00:e6:6c:50:28:8e:83:a7:
c6:1d:ab:53:65:f4:d7:5f:d1:6e:e0:04:be:2e:ab:99:fc:5d:
1f:9e:cc:d0:ab:a9:9e:e0:3d:3d:70:41:4a:dc:a2:25:8f:9b:
b6:9b:01:9f:52:e9:26:f7:75:ae:14:5a:b4:13:f9:e8:d9:d6:
50:84:c4:86:4d:99:bb:b1:db:5a:fd:06:1a:11:11:5c:70:0d:
48:e7:88:2f:38:43:aa:94:23:50:7f:ed:a5:37:cf:ae:c6:7d:
15:4d:92:8a:00:fd:00:8b:20:4e:71:c2:4a:02:f9:cd:1b:7f:
d1:ad:7a:18:de:70:8a:9b:a7:92:39:36:c1:16:28:ee:22:60:
e7:04:5e:40:f5:7c:bc:71:36:a9:ff:ed:74:b9:22:a0:1b:8c:
89:f6:0f:8f:e4:33:44:1d:d7:03:27:66:79:e6:09:12:d9:91:
69:96:d8:ef:85:2b:18:71:0e:f0:17:3b:7c:49:04:51:6c:78:
c1:b6:e4:80:c3:0b:7a:85:59:74:b0:8c:09:c9:c0:96:9e:1d:
e3:fa:e4:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiICssXV5DC6lGas4Rda/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzgwODZmYWNkZDBlMTg2NjRhMjllOTllZjliNTBkNmVhOTQ4ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ/iaQlAX1MOi/VCvQqSCRS4m8y0
XLM+B3dmUhsait1gYYykD452jY25VRd9KPkyqg/VrzCAt5vjiQt/EtgChoaLV1MK
1AkCVAJqaPWrFTQlSSh8lgYlEfa0qwwE0trlCfwSoNgn/MoMCyqtvk5Ztw2F5L2i
g8hLaoOxzxHlSBfRDzqvSHWp9A5vqzf/19bQvg9S1em1r2TXtmMDjUYnrw5NDNp6
DwbhP5P1N/0acwUEhTbga8/I4FFpfKhLyguqLIFLaDDRsbZqLYok2+2nlxSMHjBv
pqoB69OcdPdgcE8vcU3hS1IeODCS6XyphIT0Vb25j54ShqlTtetvTx06GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyAhvrN0OGGZKKeme+bUNbqlI43MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvUElDRy1zM1E0WVprb3A2Wjc1dFExdXFVampjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQCqHB4hhxhF32MU9BPCwRgHQh41AZpRp8zsTwlFxgEO
XRkb+l8nWbARohFNp+vqAOZsUCiOg6fGHatTZfTXX9Fu4AS+LquZ/F0fnszQq6me
4D09cEFK3KIlj5u2mwGfUukm93WuFFq0E/no2dZQhMSGTZm7sdta/QYaERFccA1I
54gvOEOqlCNQf+2lN8+uxn0VTZKKAP0AiyBOccJKAvnNG3/RrXoY3nCKm6eSOTbB
FijuImDnBF5A9Xy8cTap/+10uSKgG4yJ9g+P5DNEHdcDJ2Z55gkS2ZFpltjvhSsY
cQ7wFzt8SQRRbHjBtuSAwwt6hVl0sIwJycCWnh3j+uTL
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:19:18 2025 by rpki-client