Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/PKJMCBFHp3GoME3zaOw3K8O4f8g.roa
File: PKJMCBFHp3GoME3zaOw3K8O4f8g.roa (raw, json)
Hash identifier: VdafeTRYhwONwWw7fBt7vi6QA2+aLrk8KggdCEObnJ0=
Subject key identifier: 3C:A2:4C:08:11:47:A7:71:A8:30:4D:F3:68:EC:37:2B:C3:B8:7F:C8
Certificate issuer: /CN=5002a33f5ec6680591c097fdb4aba0e028f40845
Certificate serial: 01941FFA57B189B75178E36667C59593C3B2
Authority key identifier: 50:02:A3:3F:5E:C6:68:05:91:C0:97:FD:B4:AB:A0:E0:28:F4:08:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UAKjP17GaAWRwJf9tKug4Cj0CEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/PKJMCBFHp3GoME3zaOw3K8O4f8g.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58127
IP address blocks: 185.185.112.0/22 maxlen: 22
185.185.112.0/24 maxlen: 24
185.185.113.0/24 maxlen: 24
185.185.114.0/24 maxlen: 24
185.185.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/UAKjP17GaAWRwJf9tKug4Cj0CEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/UAKjP17GaAWRwJf9tKug4Cj0CEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/UAKjP17GaAWRwJf9tKug4Cj0CEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:57:b1:89:b7:51:78:e3:66:67:c5:95:93:c3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5002a33f5ec6680591c097fdb4aba0e028f40845
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca24c081147a771a8304df368ec372bc3b87fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:89:65:76:64:42:f0:9d:a2:64:3b:4e:49:63:
c9:84:2a:35:67:b4:73:bd:d8:89:cd:a1:aa:c3:e9:
8b:e3:6b:2d:00:93:b7:93:5d:fe:69:63:dd:18:6e:
8d:68:03:e1:93:4a:cb:32:a7:11:41:fa:22:27:a4:
a0:5f:d6:1f:40:83:60:35:b3:a7:97:d8:ed:06:cf:
3d:ea:63:45:fd:d7:22:12:46:d9:1a:28:8b:70:69:
b1:1e:a3:5c:5d:31:1a:ba:37:c8:43:e3:3a:41:da:
ed:54:d8:de:d7:76:1d:4b:6b:bb:75:7d:b7:a3:40:
72:c1:e7:5b:b5:e4:5d:f9:47:59:94:4f:2c:bb:71:
f7:5a:99:cf:ef:a9:fd:0f:8f:60:b8:68:d4:97:e2:
14:86:c0:eb:79:2b:64:8a:90:cc:58:7d:1b:7f:cf:
9f:fb:6c:98:b5:c0:af:20:e9:16:d9:28:56:d6:f0:
02:6f:14:32:28:01:9f:80:06:fe:4a:01:2f:97:f7:
d8:7e:d0:75:04:ae:42:2a:7a:2d:42:8f:46:6f:22:
96:f7:71:e9:ba:08:47:b9:c0:d0:9b:e1:b9:3a:eb:
b1:d2:62:3c:34:90:c9:0b:4e:77:20:fb:01:5c:5e:
d5:95:f0:14:e2:29:08:ab:ac:c4:8d:f5:55:41:68:
c0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A2:4C:08:11:47:A7:71:A8:30:4D:F3:68:EC:37:2B:C3:B8:7F:C8
X509v3 Authority Key Identifier:
keyid:50:02:A3:3F:5E:C6:68:05:91:C0:97:FD:B4:AB:A0:E0:28:F4:08:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UAKjP17GaAWRwJf9tKug4Cj0CEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/PKJMCBFHp3GoME3zaOw3K8O4f8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/67b1ec-208f-4d62-9cbc-ede1e4bb611e/1/UAKjP17GaAWRwJf9tKug4Cj0CEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.112.0/22
Signature Algorithm: sha256WithRSAEncryption
44:8f:95:05:84:de:79:46:d5:da:13:03:4c:ce:2a:8a:86:55:
cb:9f:b9:72:c6:cb:fd:95:46:8b:f0:ad:25:18:aa:ed:70:f7:
65:2f:34:8a:44:89:e1:df:5e:ee:6f:7c:ba:92:82:3c:f6:75:
6e:b2:6a:a6:95:38:65:2d:71:77:02:6a:90:17:b1:98:89:38:
cc:8b:23:c3:06:9c:f3:cd:55:a1:df:27:c0:67:e1:b9:2e:33:
a6:1e:86:50:6d:b4:a8:48:0b:62:27:96:de:9d:8e:00:e4:69:
c0:7b:56:6d:cb:b7:e0:8f:c6:ed:1f:07:58:1b:8d:73:f1:ad:
7a:a6:ba:79:45:39:49:d4:16:b0:2e:80:3b:c9:2c:94:75:c5:
df:87:d8:ad:20:a9:e7:1f:51:1c:55:a2:50:e0:41:aa:d5:45:
d7:d5:75:f4:8f:5d:13:2c:06:4b:4d:ab:08:49:d0:58:5b:ad:
31:cb:e0:32:29:22:1a:54:e2:15:c4:1e:41:58:07:4f:db:45:
56:01:bf:3d:0d:7f:6a:89:6b:a3:11:12:10:bc:3c:ab:e0:ac:
d5:e9:a8:18:86:b8:4e:45:94:b1:c3:4d:5a:e8:30:8b:40:18:
89:f5:f6:52:7f:d8:1a:2d:bc:9b:8b:d8:b6:13:99:d4:77:f0:
b9:66:43:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lexibdReONmZ8WVk8OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMDJhMzNmNWVjNjY4MDU5MWMwOTdmZGI0YWJhMGUwMjhm
NDA4NDUwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2EyNGMwODExNDdhNzcxYTgzMDRkZjM2OGVjMzcyYmMzYjg3ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIlldmRC8J2iZDtOSWPJhCo1Z7Rz
vdiJzaGqw+mL42stAJO3k13+aWPdGG6NaAPhk0rLMqcRQfoiJ6SgX9YfQINgNbOn
l9jtBs896mNF/dciEkbZGiiLcGmxHqNcXTEaujfIQ+M6QdrtVNje13YdS2u7dX23
o0BywedbteRd+UdZlE8su3H3WpnP76n9D49guGjUl+IUhsDreStkipDMWH0bf8+f
+2yYtcCvIOkW2ShW1vACbxQyKAGfgAb+SgEvl/fYftB1BK5CKnotQo9GbyKW93Hp
ughHucDQm+G5Ouux0mI8NJDJC053IPsBXF7VlfAU4ikIq6zEjfVVQWjAewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyiTAgRR6dxqDBN82jsNyvDuH/IMB8GA1UdIwQY
MBaAFFACoz9exmgFkcCX/bSroOAo9AhFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUFLalAxN0dhQVdSd0pmOXRLdWc0Q2owQ0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi82N2IxZWMtMjA4Zi00ZDYyLTljYmMt
ZWRlMWU0YmI2MTFlLzEvUEtKTUNCRkhwM0dvTUUzemFPdzNLOE80ZjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi82N2IxZWMtMjA4Zi00ZDYyLTljYmMtZWRlMWU0YmI2MTFl
LzEvVUFLalAxN0dhQVdSd0pmOXRLdWc0Q2owQ0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCublwMA0G
CSqGSIb3DQEBCwUAA4IBAQBEj5UFhN55RtXaEwNMziqKhlXLn7lyxsv9lUaL8K0l
GKrtcPdlLzSKRInh317ub3y6koI89nVusmqmlThlLXF3AmqQF7GYiTjMiyPDBpzz
zVWh3yfAZ+G5LjOmHoZQbbSoSAtiJ5benY4A5GnAe1Zty7fgj8btHwdYG41z8a16
prp5RTlJ1BawLoA7ySyUdcXfh9itIKnnH1EcVaJQ4EGq1UXX1XX0j10TLAZLTasI
SdBYW60xy+AyKSIaVOIVxB5BWAdP20VWAb89DX9qiWujERIQvDyr4KzV6agYhrhO
RZSxw01a6DCLQBiJ9fZSf9gaLbybi9i2E5nUd/C5ZkOO
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:23 2025 by rpki-client