Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/pJOGzrT_mgxPYsaglIaSM0kIw4Y.roa
File: pJOGzrT_mgxPYsaglIaSM0kIw4Y.roa (raw, json)
Hash identifier: Ut0Tk0l/Yu9pyhP6CIl9TJN11JVJBhwd7Wz1zOCHBnA=
Subject key identifier: A4:93:86:CE:B4:FF:9A:0C:4F:62:C6:A0:94:86:92:33:49:08:C3:86
Certificate issuer: /CN=e08e17a781b64119a3a6357000254f5b795b0da8
Certificate serial: 0194206879824BE66C773DA976907A6B617E
Authority key identifier: E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/pJOGzrT_mgxPYsaglIaSM0kIw4Y.roa
Signing time: Wed 01 Jan 2025 05:48:25 +0000
ROA not before: Wed 01 Jan 2025 05:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61343
IP address blocks: 185.10.36.0/22 maxlen: 22
185.27.84.0/22 maxlen: 22
192.76.166.0/24 maxlen: 24
192.76.167.0/24 maxlen: 24
192.76.168.0/24 maxlen: 24
192.76.169.0/24 maxlen: 24
2a03:5540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/4I4Xp4G2QRmjpjVwACVPW3lbDag.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/4I4Xp4G2QRmjpjVwACVPW3lbDag.mft
rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:79:82:4b:e6:6c:77:3d:a9:76:90:7a:6b:61:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e17a781b64119a3a6357000254f5b795b0da8
Validity
Not Before: Jan 1 05:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a49386ceb4ff9a0c4f62c6a0948692334908c386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:07:34:9e:34:e8:6a:36:f0:6f:81:ca:ae:
64:93:4b:ee:0b:2c:09:08:73:56:4b:8a:92:67:d1:
3c:25:70:27:29:01:54:59:ed:c8:61:a5:8d:79:16:
2b:0b:b6:68:ee:f4:a3:c6:1d:85:d6:23:d2:da:eb:
ee:bc:79:3f:c8:26:5c:66:b6:03:b7:1e:3e:6c:a2:
4a:49:14:d9:07:f1:e7:26:0c:9b:e5:37:d1:cc:4f:
97:3f:98:1b:07:24:30:71:54:e3:54:55:49:ed:ce:
45:bb:8f:2a:1b:69:b9:c1:60:cc:55:ae:0f:14:0d:
da:0a:dd:3d:66:e3:82:a0:81:08:5c:46:7b:69:7e:
13:c1:f4:87:e0:d0:e7:80:a8:22:8a:78:ba:04:cf:
3c:62:7a:69:ef:56:bd:f7:c9:a6:4b:51:a2:97:01:
c8:c9:32:84:d6:cc:53:ca:e8:f0:05:dc:4a:bc:5b:
e1:f3:67:2d:e3:ad:46:66:07:b9:38:be:79:d0:93:
e4:7f:f0:3b:4e:dd:21:a8:c9:33:96:38:a5:37:2a:
19:05:17:ae:43:91:a2:bf:10:5c:04:f3:b2:19:09:
d1:bf:c5:6d:a3:bc:d0:de:ab:26:03:8c:b6:e6:79:
02:ea:0a:eb:e8:82:9f:12:31:51:40:02:f7:bb:93:
55:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:93:86:CE:B4:FF:9A:0C:4F:62:C6:A0:94:86:92:33:49:08:C3:86
X509v3 Authority Key Identifier:
keyid:E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/pJOGzrT_mgxPYsaglIaSM0kIw4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/4I4Xp4G2QRmjpjVwACVPW3lbDag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.36.0/22
185.27.84.0/22
192.76.166.0-192.76.169.255
IPv6:
2a03:5540::/32
Signature Algorithm: sha256WithRSAEncryption
88:25:12:5f:a6:59:48:08:47:95:58:6c:ca:ab:09:8d:60:b9:
4c:73:b0:a5:ec:23:66:27:61:02:0b:84:26:0e:b2:23:dd:79:
87:5f:70:44:44:72:f1:15:c6:f8:fe:61:54:59:13:dc:90:ef:
a8:c4:88:38:82:49:0d:9a:15:af:c8:99:46:f0:6e:5f:bb:15:
1e:01:8f:3a:af:be:8b:ff:99:9d:05:91:11:1d:c1:b2:26:62:
2d:da:a4:c1:22:fc:87:c7:c2:f0:34:55:7f:c5:59:13:3a:29:
13:f8:db:3a:c6:7f:7b:5d:d0:b6:00:1d:d7:d5:df:8a:2c:63:
29:dc:56:c9:66:75:76:99:11:8e:33:94:c4:ee:76:03:85:d4:
a6:cb:ee:b6:d4:07:30:ba:f7:24:28:91:6e:f0:10:d7:7c:09:
3b:10:ee:a8:15:9c:97:57:4b:92:62:d6:74:73:dd:fc:98:3a:
51:05:bd:36:cd:68:bc:d3:2b:9c:69:39:4e:fe:66:f9:ae:1b:
51:71:9b:74:a0:1a:84:fe:b4:0f:e1:b1:fb:7a:ba:d0:80:70:
e0:95:10:12:7d:f0:36:09:ef:74:1c:27:5c:f3:6b:c1:fc:99:
62:f3:bc:bc:b1:59:d9:97:f3:fb:db:20:e8:af:c7:68:0f:e7:
15:39:f5:a2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQgaHmCS+Zsdz2pdpB6a2F+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOGUxN2E3ODFiNjQxMTlhM2E2MzU3MDAwMjU0ZjViNzk1
YjBkYTgwHhcNMjUwMTAxMDU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDkzODZjZWI0ZmY5YTBjNGY2MmM2YTA5NDg2OTIzMzQ5MDhjMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA0HNJ406Go28G+Byq5kk0vuCywJ
CHNWS4qSZ9E8JXAnKQFUWe3IYaWNeRYrC7Zo7vSjxh2F1iPS2uvuvHk/yCZcZrYD
tx4+bKJKSRTZB/HnJgyb5TfRzE+XP5gbByQwcVTjVFVJ7c5Fu48qG2m5wWDMVa4P
FA3aCt09ZuOCoIEIXEZ7aX4TwfSH4NDngKgiini6BM88Ynpp71a998mmS1GilwHI
yTKE1sxTyujwBdxKvFvh82ct461GZge5OL550JPkf/A7Tt0hqMkzljilNyoZBReu
Q5GivxBcBPOyGQnRv8Vto7zQ3qsmA4y25nkC6grr6IKfEjFRQAL3u5NVzQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKSThs60/5oMT2LGoJSGkjNJCMOGMB8GA1UdIwQY
MBaAFOCOF6eBtkEZo6Y1cAAlT1t5Ww2oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEk0WHA0RzJRUm1qcGpWd0FDVlBXM2xiRGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMTQwMjAtMWJmYi00MTMzLWFmY2Ut
ZDVlNDVmMmNhODc5LzEvcEpPR3pyVF9tZ3hQWXNhZ2xJYVNNMGtJdzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMTQwMjAtMWJmYi00MTMzLWFmY2UtZDVlNDVmMmNhODc5
LzEvNEk0WHA0RzJRUm1qcGpWd0FDVlBXM2xiRGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuQokAwQC
uRtUMAwDBAHATKYDBAHATKgwDQQCAAIwBwMFACoDVUAwDQYJKoZIhvcNAQELBQAD
ggEBAIglEl+mWUgIR5VYbMqrCY1guUxzsKXsI2YnYQILhCYOsiPdeYdfcEREcvEV
xvj+YVRZE9yQ76jEiDiCSQ2aFa/ImUbwbl+7FR4Bjzqvvov/mZ0FkREdwbImYi3a
pMEi/IfHwvA0VX/FWRM6KRP42zrGf3td0LYAHdfV34osYyncVslmdXaZEY4zlMTu
dgOF1KbL7rbUBzC69yQokW7wENd8CTsQ7qgVnJdXS5Ji1nRz3fyYOlEFvTbNaLzT
K5xpOU7+ZvmuG1Fxm3SgGoT+tA/hsft6utCAcOCVEBJ98DYJ73QcJ1zza8H8mWLz
vLyxWdmX8/vbIOivx2gP5xU59aI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:39 2025 by rpki-client