Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/pNxIm0SmH7kBUMbare2mFQXDHOk.roa
File: pNxIm0SmH7kBUMbare2mFQXDHOk.roa (raw, json)
Hash identifier: FL47b2q1GAJAcT+EDiWHDQ+iV/Lo12DMIiUY1wrMTeU=
Subject key identifier: A4:DC:48:9B:44:A6:1F:B9:01:50:C6:DA:AD:ED:A6:15:05:C3:1C:E9
Certificate issuer: /CN=922e330b5879590abae81bf40a91a5101bc18fa0
Certificate serial: 01942369B68C6BB493544B019DBC0BB3813E
Authority key identifier: 92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/pNxIm0SmH7kBUMbare2mFQXDHOk.roa
Signing time: Wed 01 Jan 2025 19:48:37 +0000
ROA not before: Wed 01 Jan 2025 19:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8966
IP address blocks: 185.120.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/ki4zC1h5WQq66Bv0CpGlEBvBj6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/ki4zC1h5WQq66Bv0CpGlEBvBj6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b6:8c:6b:b4:93:54:4b:01:9d:bc:0b:b3:81:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922e330b5879590abae81bf40a91a5101bc18fa0
Validity
Not Before: Jan 1 19:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4dc489b44a61fb90150c6daadeda61505c31ce9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:43:4c:39:6c:05:56:6f:55:97:73:1a:16:
29:dd:69:01:00:05:35:58:4e:a2:ee:0f:91:41:27:
91:6e:d2:f6:28:44:47:97:a8:a5:62:a8:d8:80:40:
0f:ff:36:eb:eb:62:cd:7d:04:93:ab:28:cc:18:6c:
28:95:92:3b:47:23:3e:c6:2f:2e:38:b7:a6:f4:7c:
e6:ed:c3:27:1b:35:e1:03:ae:15:23:96:28:e3:e3:
6d:5a:7b:d3:71:3b:8e:7c:03:6b:a9:c8:77:1a:39:
65:bf:cf:45:90:f9:fd:74:01:d0:32:90:8f:1c:d0:
dd:c3:65:a0:a3:98:ad:46:fc:52:76:8d:16:32:b2:
72:a5:65:f7:a8:13:f2:ec:72:00:d9:e3:87:a4:dc:
ad:b5:ec:ee:d5:a8:d8:2a:2b:a2:af:ca:59:51:96:
2d:24:81:67:7f:35:22:a6:bd:93:4c:55:aa:5f:63:
78:99:39:1c:4b:68:1f:41:af:98:51:ad:df:91:0b:
19:51:3c:ea:85:ac:59:2c:dc:60:44:68:80:26:97:
e8:08:02:d2:fe:54:a6:14:f6:37:ea:34:04:d4:c1:
27:ef:48:62:b3:6c:64:c8:8c:29:09:3c:f3:cf:56:
fa:ff:74:17:f9:11:1a:ac:ff:4f:8b:0c:ea:24:2b:
b2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DC:48:9B:44:A6:1F:B9:01:50:C6:DA:AD:ED:A6:15:05:C3:1C:E9
X509v3 Authority Key Identifier:
keyid:92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/pNxIm0SmH7kBUMbare2mFQXDHOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/ki4zC1h5WQq66Bv0CpGlEBvBj6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.31.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c6:63:2d:3e:c5:2a:8d:ae:66:f3:51:4a:00:d9:dd:68:e2:
9a:be:11:f6:6c:dd:3c:37:e8:71:b7:31:d1:cc:9b:97:d7:ca:
f2:65:0c:36:40:c5:2c:1e:0c:98:78:db:e1:7a:52:2b:90:78:
c6:a5:8f:a4:e0:ce:81:d3:46:de:76:9e:dd:78:9d:a8:5a:5d:
c6:89:52:23:ad:c7:fe:12:eb:fb:08:6f:4b:a3:4e:cb:37:cb:
a9:d2:88:78:c7:6c:34:88:85:80:4a:be:f4:f7:54:fe:da:e3:
d0:bd:fa:27:cb:01:ea:bc:e5:e7:a3:2b:e0:96:63:c5:9a:fd:
e4:0b:54:9d:a9:78:1c:10:65:2a:05:43:a5:a0:91:88:9f:7e:
7c:96:9a:ca:31:12:85:ee:97:a4:a2:c4:89:e9:72:ea:85:ff:
2a:0a:46:0b:f9:84:5b:cc:06:25:70:b6:05:8b:92:31:b4:6c:
af:f3:e9:0f:08:91:e0:6f:96:f8:34:9e:bd:87:dc:5c:36:3c:
a2:49:d2:85:d6:89:88:68:4d:77:6d:87:a3:fa:8f:7e:17:cf:
8a:ee:17:8f:94:b5:86:cf:65:ae:63:b7:9c:98:a6:fc:11:bd:
5d:5e:5e:1d:b2:5c:3d:12:d5:8d:6a:08:62:fb:6c:13:25:da:
5e:01:44:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjabaMa7STVEsBnbwLs4E+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMmUzMzBiNTg3OTU5MGFiYWU4MWJmNDBhOTFhNTEwMWJj
MThmYTAwHhcNMjUwMTAxMTk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRjNDg5YjQ0YTYxZmI5MDE1MGM2ZGFhZGVkYTYxNTA1YzMxY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZBDTDlsBVZvVZdzGhYp3WkBAAU1
WE6i7g+RQSeRbtL2KERHl6ilYqjYgEAP/zbr62LNfQSTqyjMGGwolZI7RyM+xi8u
OLem9Hzm7cMnGzXhA64VI5Yo4+NtWnvTcTuOfANrqch3Gjllv89FkPn9dAHQMpCP
HNDdw2Wgo5itRvxSdo0WMrJypWX3qBPy7HIA2eOHpNyttezu1ajYKiuir8pZUZYt
JIFnfzUipr2TTFWqX2N4mTkcS2gfQa+YUa3fkQsZUTzqhaxZLNxgRGiAJpfoCALS
/lSmFPY36jQE1MEn70his2xkyIwpCTzzz1b6/3QX+REarP9PiwzqJCuycwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKTcSJtEph+5AVDG2q3tphUFwxzpMB8GA1UdIwQY
MBaAFJIuMwtYeVkKuugb9AqRpRAbwY+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgt
NTY4NjcyYzI1Y2E4LzEvcE54SW0wU21IN2tCVU1iYXJlMm1GUVhESE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgtNTY4NjcyYzI1Y2E4
LzEva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXgfMA0G
CSqGSIb3DQEBCwUAA4IBAQBdxmMtPsUqja5m81FKANndaOKavhH2bN08N+hxtzHR
zJuX18ryZQw2QMUsHgyYeNvhelIrkHjGpY+k4M6B00bedp7deJ2oWl3GiVIjrcf+
Euv7CG9Lo07LN8up0oh4x2w0iIWASr7091T+2uPQvfonywHqvOXnoyvglmPFmv3k
C1SdqXgcEGUqBUOloJGIn358lprKMRKF7pekosSJ6XLqhf8qCkYL+YRbzAYlcLYF
i5IxtGyv8+kPCJHgb5b4NJ69h9xcNjyiSdKF1omIaE13bYej+o9+F8+K7hePlLWG
z2WuY7ecmKb8Eb1dXl4dslw9EtWNaghi+2wTJdpeAUTI
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:16 2025 by rpki-client