Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/PVS_MhqNr91aFcYgQKxvC3XzSEQ.roa
File: PVS_MhqNr91aFcYgQKxvC3XzSEQ.roa (raw, json)
Hash identifier: gJyDy4mp6TNMJd8wz54abqPs/pTVx1pb5y8/hgiw04I=
Subject key identifier: 3D:54:BF:32:1A:8D:AF:DD:5A:15:C6:20:40:AC:6F:0B:75:F3:48:44
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F95337FA084E3CB999F16B5D22C29
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/PVS_MhqNr91aFcYgQKxvC3XzSEQ.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41129
IP address blocks: 146.120.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:95:33:7f:a0:84:e3:cb:99:9f:16:b5:d2:2c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d54bf321a8dafdd5a15c62040ac6f0b75f34844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bc:a7:60:69:28:2a:36:2d:ce:f4:72:52:80:
5f:93:83:e5:44:22:d7:f2:94:40:ba:ba:75:fa:e3:
dc:18:e4:1f:25:b0:3d:2f:00:d0:50:8a:9d:18:da:
bf:c2:17:39:56:65:49:f0:86:f6:23:48:47:28:d0:
ad:14:c4:10:0c:cb:92:7a:4b:c1:0a:9f:96:44:c8:
cb:3f:40:11:20:d6:e4:67:50:50:7b:c0:61:ab:0f:
e8:d7:43:1c:12:40:01:ec:04:91:0e:d4:70:e5:14:
a4:ae:56:46:ac:18:e8:27:57:db:f3:a5:4b:83:59:
8c:9b:24:a3:47:57:45:98:dc:f5:5a:2b:cc:28:8a:
8f:dd:86:77:75:45:0f:16:0e:db:9f:c2:4c:5e:6c:
f3:5e:5b:a8:66:9d:53:3e:57:a7:b9:30:fc:14:f4:
1c:e7:70:2b:7e:7c:2e:da:e3:a2:84:60:6f:72:72:
e7:95:8f:9b:61:87:11:f9:de:fd:81:3d:e2:0a:09:
65:91:0d:73:25:05:9e:02:ba:e9:9d:2f:bb:d6:a1:
c9:a7:fb:23:d2:dc:ec:89:26:89:bb:a0:29:b2:9d:
4b:e8:53:2e:88:93:df:98:b2:d4:01:c5:00:97:16:
c2:b6:a8:2c:12:bb:96:57:24:2f:32:2a:20:2e:a6:
10:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:54:BF:32:1A:8D:AF:DD:5A:15:C6:20:40:AC:6F:0B:75:F3:48:44
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/PVS_MhqNr91aFcYgQKxvC3XzSEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.100.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a3:94:8b:b1:3b:9a:01:97:e9:b3:ce:67:9d:0e:40:12:d3:
c1:3b:38:8e:13:22:53:9b:c2:62:04:17:86:18:d6:af:04:e5:
e3:55:85:52:80:f2:90:d6:34:5f:05:e7:fb:20:3d:cb:da:c9:
6b:6d:2b:8a:4f:a5:2e:be:34:52:a4:17:61:48:98:eb:20:94:
6b:d6:0d:e1:de:c4:c0:e2:90:44:9e:80:5c:9b:41:d7:12:ed:
2c:c7:7d:a8:8c:93:a2:b6:01:10:7a:0d:67:49:54:2b:43:f4:
7d:50:9e:37:d4:29:e9:30:ad:ba:ff:3a:03:d1:b2:6a:a5:94:
02:be:cf:67:da:2a:97:5a:fc:a8:2b:db:e8:a9:a9:2d:8b:2d:
0b:7a:e9:f9:e4:e4:dd:52:c7:e2:ec:3e:a4:0d:39:f5:56:e7:
52:4e:cf:9e:d2:b1:36:a0:39:97:5b:22:75:f4:ab:76:91:89:
fe:e9:2d:c3:d8:0a:32:72:80:5b:40:95:78:dd:2c:48:da:dc:
8e:4e:06:2f:4b:3e:38:80:52:e3:4a:b1:d7:ee:d4:6b:3e:7a:
01:08:3e:02:8d:dc:3a:3f:0a:82:f5:f6:77:24:f9:f1:9f:3e:
fc:c3:cc:e3:09:54:c7:b5:20:d5:b2:ad:7f:b5:a4:d2:12:c6:
cc:20:dc:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5Uzf6CE48uZnxa10iwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDU0YmYzMjFhOGRhZmRkNWExNWM2MjA0MGFjNmYwYjc1ZjM0ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7ynYGkoKjYtzvRyUoBfk4PlRCLX
8pRAurp1+uPcGOQfJbA9LwDQUIqdGNq/whc5VmVJ8Ib2I0hHKNCtFMQQDMuSekvB
Cp+WRMjLP0ARINbkZ1BQe8Bhqw/o10McEkAB7ASRDtRw5RSkrlZGrBjoJ1fb86VL
g1mMmySjR1dFmNz1WivMKIqP3YZ3dUUPFg7bn8JMXmzzXluoZp1TPlenuTD8FPQc
53Arfnwu2uOihGBvcnLnlY+bYYcR+d79gT3iCgllkQ1zJQWeArrpnS+71qHJp/sj
0tzsiSaJu6Apsp1L6FMuiJPfmLLUAcUAlxbCtqgsEruWVyQvMiogLqYQCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1UvzIaja/dWhXGIECsbwt180hEMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUFZTX01ocU5yOTFhRmNZZ1FLeHZDM1h6U0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhkMA0G
CSqGSIb3DQEBCwUAA4IBAQBKo5SLsTuaAZfps85nnQ5AEtPBOziOEyJTm8JiBBeG
GNavBOXjVYVSgPKQ1jRfBef7ID3L2slrbSuKT6UuvjRSpBdhSJjrIJRr1g3h3sTA
4pBEnoBcm0HXEu0sx32ojJOitgEQeg1nSVQrQ/R9UJ431CnpMK26/zoD0bJqpZQC
vs9n2iqXWvyoK9voqaktiy0Leun55OTdUsfi7D6kDTn1VudSTs+e0rE2oDmXWyJ1
9Kt2kYn+6S3D2AoycoBbQJV43SxI2tyOTgYvSz44gFLjSrHX7tRrPnoBCD4Cjdw6
PwqC9fZ3JPnxnz78w8zjCVTHtSDVsq1/taTSEsbMINyK
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:55 2025 by rpki-client