Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PLc2ST00dBnkrqUHckmHr6u6Czg.roa
File: PLc2ST00dBnkrqUHckmHr6u6Czg.roa (raw, json)
Hash identifier: ZcKtEwG5NtIQ8Mxm23ePhOO+1CK7e6BTqN/noZfrg4I=
Subject key identifier: 3C:B7:36:49:3D:34:74:19:E4:AE:A5:07:72:49:87:AF:AB:BA:0B:38
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194ACE5C6FD960BE3706D58083AD23A02DF
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PLc2ST00dBnkrqUHckmHr6u6Czg.roa
Signing time: Tue 28 Jan 2025 12:32:07 +0000
ROA not before: Tue 28 Jan 2025 12:32:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215433
IP address blocks: 77.81.101.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.44.76.0/24 maxlen: 24
93.119.195.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:e5:c6:fd:96:0b:e3:70:6d:58:08:3a:d2:3a:02:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 28 12:32:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cb736493d347419e4aea507724987afabba0b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d6:40:17:55:8c:d4:e1:a6:f3:e9:37:23:2e:
7b:75:9b:2a:21:ef:c5:77:6f:53:31:67:bc:38:d2:
f4:c7:99:f1:b5:90:ab:3c:df:83:a3:54:4f:0a:68:
88:2e:4d:fc:46:8f:49:e6:7b:f4:6c:ff:53:65:f2:
64:13:a8:53:1e:f1:71:c3:a7:4a:a7:4a:a1:1e:3a:
9e:dd:03:c0:8d:b1:3a:b4:d4:e3:27:65:91:dd:7b:
2f:93:b6:ab:f0:40:eb:b1:5f:fd:eb:ca:19:e2:bc:
ed:31:b9:7b:21:60:8f:83:6e:d7:26:aa:e0:15:8d:
d2:c1:c5:0f:ce:2e:0e:e6:1c:e6:3e:9b:f5:27:b3:
b3:7c:65:de:3d:ab:51:8b:f7:25:ea:22:d0:86:e4:
fc:fe:b2:79:92:d7:fc:4b:53:6d:a7:f9:6f:40:f6:
c3:6b:3f:d5:03:d2:f0:a9:1c:22:bc:7b:02:58:de:
1c:e4:1f:6b:07:b6:a2:ff:90:c8:93:bd:b9:51:4d:
0e:29:f3:42:26:9d:4e:74:45:b7:bb:8a:f0:36:4f:
00:05:da:36:b8:d3:f8:a7:66:a5:41:2c:df:56:b1:
90:78:c9:0c:f0:41:54:b4:cb:8b:2a:46:5b:f3:29:
6e:2b:64:80:58:4d:42:0c:c3:c7:1b:6c:5f:0a:99:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:B7:36:49:3D:34:74:19:E4:AE:A5:07:72:49:87:AF:AB:BA:0B:38
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/PLc2ST00dBnkrqUHckmHr6u6Czg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.101.0/24
89.37.185.0/24
89.44.76.0/24
93.119.195.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
49:be:63:74:fc:b6:2b:f7:1d:70:23:33:bb:83:23:78:9b:94:
e8:46:18:63:01:39:24:10:ed:27:db:cc:f4:e9:d7:ca:b0:d8:
e1:cf:ff:37:15:60:e6:50:05:60:17:e3:d0:9e:ed:a5:7c:4d:
d8:03:f3:d1:4d:38:68:0b:48:b3:ed:5e:90:c3:39:ed:65:7c:
9e:37:6a:47:7c:7d:f5:8e:4f:9a:e5:43:ac:17:b6:cf:67:a9:
d1:ed:68:1d:eb:b4:95:63:e9:f2:2e:2d:be:c3:2e:51:33:43:
9f:28:d6:f2:b6:78:57:f2:f6:a1:e7:f2:60:b6:89:4c:40:e1:
7c:ff:89:a5:33:40:0a:ab:3f:ac:85:7d:a2:1b:61:72:9e:43:
c5:39:c8:c5:e4:20:65:06:c6:6d:c7:92:c5:4b:19:65:a1:e0:
f6:c3:95:72:6a:b7:1f:c8:36:4f:7d:e8:75:5a:89:26:d3:94:
52:38:1c:8c:64:34:79:52:14:99:15:02:8e:cb:3f:6b:c7:3a:
b6:34:d6:9b:80:f6:47:da:32:06:e2:64:e1:65:86:aa:f9:0b:
ac:31:a2:16:3d:2a:0d:88:68:f2:fb:3d:57:7c:71:db:67:b4:
95:02:fe:32:43:82:52:d3:eb:9d:7c:0e:a3:51:b1:91:e6:de:
51:35:5d:26
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSs5cb9lgvjcG1YCDrSOgLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTI4MTIzMjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2I3MzY0OTNkMzQ3NDE5ZTRhZWE1MDc3MjQ5ODdhZmFiYmEwYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49ZAF1WM1OGm8+k3Iy57dZsqIe/F
d29TMWe8ONL0x5nxtZCrPN+Do1RPCmiILk38Ro9J5nv0bP9TZfJkE6hTHvFxw6dK
p0qhHjqe3QPAjbE6tNTjJ2WR3Xsvk7ar8EDrsV/968oZ4rztMbl7IWCPg27XJqrg
FY3SwcUPzi4O5hzmPpv1J7OzfGXePatRi/cl6iLQhuT8/rJ5ktf8S1Ntp/lvQPbD
az/VA9LwqRwivHsCWN4c5B9rB7ai/5DIk725UU0OKfNCJp1OdEW3u4rwNk8ABdo2
uNP4p2alQSzfVrGQeMkM8EFUtMuLKkZb8yluK2SAWE1CDMPHG2xfCpnP3QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDy3Nkk9NHQZ5K6lB3JJh6+rugs4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUExjMlNUMDBkQm5rcnFVSGNrbUhyNnU2Q3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVFlAwQA
WSW5AwQAWSxMAwQAXXfDAwQA1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQBJvmN0/LYr
9x1wIzO7gyN4m5ToRhhjATkkEO0n28z06dfKsNjhz/83FWDmUAVgF+PQnu2lfE3Y
A/PRTThoC0iz7V6QwzntZXyeN2pHfH31jk+a5UOsF7bPZ6nR7Wgd67SVY+nyLi2+
wy5RM0OfKNbytnhX8vah5/JgtolMQOF8/4mlM0AKqz+shX2iG2FynkPFOcjF5CBl
BsZtx5LFSxlloeD2w5VyarcfyDZPfeh1Wokm05RSOByMZDR5UhSZFQKOyz9rxzq2
NNabgPZH2jIG4mThZYaq+QusMaIWPSoNiGjy+z1XfHHbZ7SVAv4yQ4JS0+udfA6j
UbGR5t5RNV0m
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:42:45 2025 by rpki-client