Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PkJhyt9pT1uGvNEkXULDRnIoKM8.roa
File: PkJhyt9pT1uGvNEkXULDRnIoKM8.roa (raw, json)
Hash identifier: GnXTwsBZIxIhJPycvbpoXf49+cV9ppIdazG5Z3GlNBg=
Subject key identifier: 3E:42:61:CA:DF:69:4F:5B:86:BC:D1:24:5D:42:C3:46:72:28:28:CF
Certificate issuer: /CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Certificate serial: 019425FCFA813F9690F99D5274C7283D6D8E
Authority key identifier: 3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PkJhyt9pT1uGvNEkXULDRnIoKM8.roa
Signing time: Thu 02 Jan 2025 07:48:43 +0000
ROA not before: Thu 02 Jan 2025 07:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41865
IP address blocks: 94.158.128.0/20 maxlen: 20
94.158.128.0/21 maxlen: 21
94.158.136.0/21 maxlen: 21
193.34.0.0/22 maxlen: 22
193.34.0.0/23 maxlen: 23
193.34.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.mft
rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:fa:81:3f:96:90:f9:9d:52:74:c7:28:3d:6d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c931f265a8471d32ce8449d9e186f0dc7114a7a
Validity
Not Before: Jan 2 07:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4261cadf694f5b86bcd1245d42c346722828cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:ac:8c:b8:cb:78:17:37:97:0c:7f:17:a8:
af:2c:8e:a4:7c:9b:36:de:30:75:2b:b7:f3:d5:92:
c4:60:84:cf:e9:30:04:ea:ee:ea:8b:f1:8f:73:09:
74:80:b3:a4:cc:4a:3b:12:f0:99:b5:db:1a:06:b1:
6f:b7:42:bc:54:0c:9a:9d:1d:dd:49:b0:97:e8:d0:
9c:49:22:a4:76:a6:d9:bb:c0:b9:5a:c6:29:5a:5d:
7c:ce:7b:83:b6:19:c7:6c:03:f7:dd:9f:e7:c5:a5:
4a:c5:7b:51:d5:82:12:51:0b:e5:72:f6:fc:e3:2d:
d9:f3:a0:ee:b8:25:2a:00:4c:8c:3c:2f:0b:91:a4:
a8:4e:bc:bb:a0:84:2b:f1:fd:ca:09:60:3c:13:4e:
27:3a:2e:3f:21:6a:5c:fd:ae:87:53:d8:ac:4d:3b:
54:a9:4f:34:28:e7:7b:e2:af:64:c9:2a:34:8f:c0:
2b:27:a0:82:01:64:ec:14:03:a4:19:d2:6e:2c:65:
48:bd:47:2d:40:03:3f:58:cd:2f:1d:84:64:29:4e:
3c:88:12:fe:72:7a:f3:48:04:93:47:62:0c:94:de:
5c:58:6a:ed:d2:fb:99:7a:99:57:ef:9f:27:71:db:
43:69:a0:66:cd:e2:23:36:48:f0:92:c6:fa:9d:28:
cd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:42:61:CA:DF:69:4F:5B:86:BC:D1:24:5D:42:C3:46:72:28:28:CF
X509v3 Authority Key Identifier:
keyid:3C:93:1F:26:5A:84:71:D3:2C:E8:44:9D:9E:18:6F:0D:C7:11:4A:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PJMfJlqEcdMs6ESdnhhvDccRSno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PkJhyt9pT1uGvNEkXULDRnIoKM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/b50bda-6899-4eef-a231-5e0026303629/1/PJMfJlqEcdMs6ESdnhhvDccRSno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.128.0/20
193.34.0.0/22
Signature Algorithm: sha256WithRSAEncryption
52:00:1b:6e:56:b4:b3:8e:00:77:22:af:fc:d1:69:87:7d:0c:
a2:8b:5e:7b:1a:20:c7:b9:b7:b0:79:00:5f:96:66:00:3b:4d:
77:c8:1f:22:1d:b3:23:04:28:aa:47:ba:5b:0f:90:cb:01:a9:
b0:c2:b2:99:04:b6:6f:97:e0:d4:46:cf:8c:b0:ca:6e:68:3c:
41:0a:e4:17:74:a9:34:bd:16:1d:90:93:ce:30:84:24:86:75:
3b:8f:e3:8e:95:13:0a:5b:88:ee:c0:76:a5:d4:c0:86:4b:10:
ea:cb:bd:c1:3a:74:bd:44:85:48:36:9e:71:c7:d5:ba:c4:f5:
eb:5c:dd:7e:4d:1e:d9:2a:43:fb:c5:d5:40:dc:da:e0:4c:62:
f0:87:71:4c:73:92:60:16:09:7d:f4:5f:70:a6:26:61:80:d7:
e7:2e:5b:47:a8:21:8e:a3:0f:f9:ea:5a:70:a0:80:a5:ec:16:
1a:f6:50:30:4c:99:e8:3d:d3:b3:d8:3d:5a:ff:8f:6a:05:bd:
cc:28:29:a1:68:4c:bd:43:00:fd:0d:ee:7c:b6:50:0a:78:47:
8f:90:fb:6e:ca:41:bc:ef:f5:8b:c2:1e:a6:7c:fa:3a:29:ca:
89:f4:c8:a7:ce:3b:96:a2:22:5a:69:94:2e:48:26:10:23:3b:
7e:af:5e:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/PqBP5aQ+Z1SdMcoPW2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOTMxZjI2NWE4NDcxZDMyY2U4NDQ5ZDllMTg2ZjBkYzcx
MTRhN2EwHhcNMjUwMTAyMDc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQyNjFjYWRmNjk0ZjViODZiY2QxMjQ1ZDQyYzM0NjcyMjgyOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUusjLjLeBc3lwx/F6ivLI6kfJs2
3jB1K7fz1ZLEYITP6TAE6u7qi/GPcwl0gLOkzEo7EvCZtdsaBrFvt0K8VAyanR3d
SbCX6NCcSSKkdqbZu8C5WsYpWl18znuDthnHbAP33Z/nxaVKxXtR1YISUQvlcvb8
4y3Z86DuuCUqAEyMPC8LkaSoTry7oIQr8f3KCWA8E04nOi4/IWpc/a6HU9isTTtU
qU80KOd74q9kySo0j8ArJ6CCAWTsFAOkGdJuLGVIvUctQAM/WM0vHYRkKU48iBL+
cnrzSASTR2IMlN5cWGrt0vuZeplX758ncdtDaaBmzeIjNkjwksb6nSjNqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5CYcrfaU9bhrzRJF1Cw0ZyKCjPMB8GA1UdIwQY
MBaAFDyTHyZahHHTLOhEnZ4Ybw3HEUp6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEt
NWUwMDI2MzAzNjI5LzEvUGtKaHl0OXBUMXVHdk5Fa1hVTERSbklvS004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iNTBiZGEtNjg5OS00ZWVmLWEyMzEtNWUwMDI2MzAzNjI5
LzEvUEpNZkpscUVjZE1zNkVTZG5oaHZEY2NSU25vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXp6AAwQC
wSIAMA0GCSqGSIb3DQEBCwUAA4IBAQBSABtuVrSzjgB3Iq/80WmHfQyii157GiDH
ubeweQBflmYAO013yB8iHbMjBCiqR7pbD5DLAamwwrKZBLZvl+DURs+MsMpuaDxB
CuQXdKk0vRYdkJPOMIQkhnU7j+OOlRMKW4juwHal1MCGSxDqy73BOnS9RIVINp5x
x9W6xPXrXN1+TR7ZKkP7xdVA3NrgTGLwh3FMc5JgFgl99F9wpiZhgNfnLltHqCGO
ow/56lpwoICl7BYa9lAwTJnoPdOz2D1a/49qBb3MKCmhaEy9QwD9De58tlAKeEeP
kPtuykG87/WLwh6mfPo6KcqJ9MinzjuWoiJaaZQuSCYQIzt+r16t
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:05:20 2025 by rpki-client