Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/PmVcb6mc4PNxZC_ptgP_O-XbGLI.roa
File: PmVcb6mc4PNxZC_ptgP_O-XbGLI.roa (raw, json)
Hash identifier: pKGXoSvQeFa7SbcSS7sBYIQ1DYaO2+BzF5Gj11hr5Ic=
Subject key identifier: 3E:65:5C:6F:A9:9C:E0:F3:71:64:2F:E9:B6:03:FF:3B:E5:DB:18:B2
Certificate issuer: /CN=35e5f0fbf3d6bf3a16a24bec780cb0fd6edf31e7
Certificate serial: 019423D7945C10F485AA7477F4339CA9DD3D
Authority key identifier: 35:E5:F0:FB:F3:D6:BF:3A:16:A2:4B:EC:78:0C:B0:FD:6E:DF:31:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NeXw-_PWvzoWokvseAyw_W7fMec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/PmVcb6mc4PNxZC_ptgP_O-XbGLI.roa
Signing time: Wed 01 Jan 2025 21:48:38 +0000
ROA not before: Wed 01 Jan 2025 21:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12741
IP address blocks: 195.85.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/NeXw-_PWvzoWokvseAyw_W7fMec.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/NeXw-_PWvzoWokvseAyw_W7fMec.mft
rsync://rpki.ripe.net/repository/DEFAULT/NeXw-_PWvzoWokvseAyw_W7fMec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:94:5c:10:f4:85:aa:74:77:f4:33:9c:a9:dd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35e5f0fbf3d6bf3a16a24bec780cb0fd6edf31e7
Validity
Not Before: Jan 1 21:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e655c6fa99ce0f371642fe9b603ff3be5db18b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cd:2b:4c:5d:b1:a4:22:36:79:dc:dc:8e:fc:
02:55:a4:b4:d5:4d:82:f0:8a:d2:7f:41:f2:29:3d:
91:41:92:bd:3f:54:57:e8:93:da:65:c6:40:2d:be:
32:a9:a5:6a:2c:0b:ff:e3:dd:17:9d:e6:17:7b:c7:
6c:4a:f7:87:1b:62:8c:86:0b:1b:6f:c3:3f:f9:37:
aa:31:6b:2a:f3:9c:ac:6d:66:e6:3c:26:17:f8:05:
22:26:41:89:fb:0d:eb:50:22:57:1d:ed:c5:ed:02:
aa:cd:ba:4c:09:d2:92:98:a5:9c:8b:19:8d:48:83:
91:02:3e:5a:1f:d7:90:18:00:e0:e2:ea:75:0e:11:
5c:dc:6d:84:82:63:0c:36:89:14:4d:35:66:5f:ce:
e5:ea:60:2f:02:30:2c:d9:5d:c2:aa:74:d1:71:45:
da:ca:2d:4d:4a:67:6c:48:56:07:cc:2b:e2:0c:d6:
c1:3e:8a:2f:29:4e:1d:a0:98:1f:78:4a:30:c5:d7:
6d:c6:d5:17:02:05:b7:b6:f0:2f:3a:15:f6:dc:71:
f6:9c:47:15:79:81:d9:2f:fb:9a:f4:2b:8c:7f:40:
39:2a:bb:29:7a:9f:0f:dc:48:7c:ed:bf:09:da:73:
5d:83:f3:31:69:df:70:37:d8:c9:b7:7a:0f:b8:b7:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:65:5C:6F:A9:9C:E0:F3:71:64:2F:E9:B6:03:FF:3B:E5:DB:18:B2
X509v3 Authority Key Identifier:
keyid:35:E5:F0:FB:F3:D6:BF:3A:16:A2:4B:EC:78:0C:B0:FD:6E:DF:31:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NeXw-_PWvzoWokvseAyw_W7fMec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/PmVcb6mc4PNxZC_ptgP_O-XbGLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b6baa4-c131-430d-806a-2e967a4cdde1/1/NeXw-_PWvzoWokvseAyw_W7fMec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.241.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b6:1c:fe:87:61:0a:2f:9f:e8:61:c4:df:c8:1f:42:e6:4a:
7b:83:24:c0:51:ea:e9:c1:1d:78:12:1c:10:da:e8:a8:38:c6:
80:54:09:b8:38:2f:16:74:6a:52:59:81:af:cc:26:8e:27:f2:
63:82:5f:58:bf:80:2a:c7:41:c7:0f:a8:19:3b:27:6c:76:cb:
5c:e9:76:c5:a6:87:cf:2d:de:e9:42:29:45:df:44:b9:b4:b5:
69:83:a7:a7:1e:5e:df:d1:8a:54:30:e0:1e:b0:20:cc:16:6b:
8d:f6:a1:5e:e2:03:4f:f3:6f:fd:c7:ea:0e:85:a1:e6:ac:8c:
a0:88:d3:63:73:c0:d9:fb:86:a7:e0:9d:bd:a9:06:fd:76:57:
ef:6e:17:fb:a2:6a:98:ec:f2:33:a9:31:79:58:98:1f:4c:5d:
b0:e8:fc:0b:04:fb:76:be:3a:34:98:e5:8d:ae:b2:4f:3a:22:
bd:84:99:5b:5c:37:62:71:3c:6c:df:f5:88:c2:cf:6e:2e:15:
93:76:c4:71:24:d4:57:38:cd:fc:b1:4e:6f:ae:09:3a:8f:2f:
ba:27:2d:61:41:3e:77:26:d0:12:86:de:7f:7a:6f:3b:69:23:
22:60:87:6b:5d:34:c0:96:7c:80:9a:36:f7:1e:69:ec:bb:12:
c3:01:7a:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj15RcEPSFqnR39DOcqd09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZTVmMGZiZjNkNmJmM2ExNmEyNGJlYzc4MGNiMGZkNmVk
ZjMxZTcwHhcNMjUwMTAxMjE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTY1NWM2ZmE5OWNlMGYzNzE2NDJmZTliNjAzZmYzYmU1ZGIxOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuM0rTF2xpCI2edzcjvwCVaS01U2C
8IrSf0HyKT2RQZK9P1RX6JPaZcZALb4yqaVqLAv/490XneYXe8dsSveHG2KMhgsb
b8M/+TeqMWsq85ysbWbmPCYX+AUiJkGJ+w3rUCJXHe3F7QKqzbpMCdKSmKWcixmN
SIORAj5aH9eQGADg4up1DhFc3G2EgmMMNokUTTVmX87l6mAvAjAs2V3CqnTRcUXa
yi1NSmdsSFYHzCviDNbBPoovKU4doJgfeEowxddtxtUXAgW3tvAvOhX23HH2nEcV
eYHZL/ua9CuMf0A5Krspep8P3Eh87b8J2nNdg/Mxad9wN9jJt3oPuLe+NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5lXG+pnODzcWQv6bYD/zvl2xiyMB8GA1UdIwQY
MBaAFDXl8Pvz1r86FqJL7HgMsP1u3zHnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmVYdy1fUFd2em9Xb2t2c2VBeXdfVzdmTWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iNmJhYTQtYzEzMS00MzBkLTgwNmEt
MmU5NjdhNGNkZGUxLzEvUG1WY2I2bWM0UE54WkNfcHRnUF9PLVhiR0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iNmJhYTQtYzEzMS00MzBkLTgwNmEtMmU5NjdhNGNkZGUx
LzEvTmVYdy1fUFd2em9Xb2t2c2VBeXdfVzdmTWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XxMA0G
CSqGSIb3DQEBCwUAA4IBAQAuthz+h2EKL5/oYcTfyB9C5kp7gyTAUerpwR14EhwQ
2uioOMaAVAm4OC8WdGpSWYGvzCaOJ/Jjgl9Yv4Aqx0HHD6gZOydsdstc6XbFpofP
Ld7pQilF30S5tLVpg6enHl7f0YpUMOAesCDMFmuN9qFe4gNP82/9x+oOhaHmrIyg
iNNjc8DZ+4an4J29qQb9dlfvbhf7omqY7PIzqTF5WJgfTF2w6PwLBPt2vjo0mOWN
rrJPOiK9hJlbXDdicTxs3/WIws9uLhWTdsRxJNRXOM38sU5vrgk6jy+6Jy1hQT53
JtASht5/em87aSMiYIdrXTTAlnyAmjb3HmnsuxLDAXr8
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:49:09 2025 by rpki-client