Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/pMwZ_dWs8ojtwFFRIemRw2PGl-4.roa
File: pMwZ_dWs8ojtwFFRIemRw2PGl-4.roa (raw, json)
Hash identifier: N5kw38iMWCD98CNIZvqnGspiT0ia5Z9rWUHOZazCoDk=
Subject key identifier: A4:CC:19:FD:D5:AC:F2:88:ED:C0:51:51:21:E9:91:C3:63:C6:97:EE
Certificate issuer: /CN=dcd246e1830567ab115231db775f2879d99af0a0
Certificate serial: 019424453A13C68783AC3B6E4389399417D6
Authority key identifier: DC:D2:46:E1:83:05:67:AB:11:52:31:DB:77:5F:28:79:D9:9A:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/pMwZ_dWs8ojtwFFRIemRw2PGl-4.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42314
IP address blocks: 85.114.96.0/24 maxlen: 24
85.114.104.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
85.114.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3a:13:c6:87:83:ac:3b:6e:43:89:39:94:17:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcd246e1830567ab115231db775f2879d99af0a0
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4cc19fdd5acf288edc0515121e991c363c697ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6c:81:4b:a6:31:b7:c8:68:c6:d9:9f:1e:db:
e6:d2:a0:84:f3:65:5f:88:aa:b9:e4:a5:a2:d7:ce:
68:e3:0a:04:a9:69:45:ee:4c:9e:5b:14:d2:96:cd:
a5:53:53:6d:f8:a6:94:60:30:20:5e:59:f6:c2:6c:
e3:33:d0:d7:97:12:2c:a4:ad:ba:29:c0:2c:21:eb:
47:21:e4:96:f3:3c:f1:ec:97:5d:13:21:26:fe:58:
3e:99:68:b8:3b:e5:d9:b0:9b:49:ca:20:2b:dd:74:
40:ae:10:0a:dc:d1:ce:c0:40:5b:06:44:bd:2a:24:
50:7e:64:68:f6:6f:68:ea:8d:d9:f8:28:9f:42:e8:
89:50:fc:25:29:35:e1:fd:2b:c8:4d:12:21:fd:94:
79:ce:54:7b:86:69:d1:3c:7a:2d:26:39:4d:f2:af:
79:37:0b:02:5a:c5:fb:71:5c:4c:f7:4e:26:a1:d3:
7c:16:31:d2:78:20:b6:b0:ad:5c:04:77:3d:7a:7e:
c2:fb:c4:71:ab:b8:77:f0:fc:ab:e2:d4:58:26:77:
97:bf:3e:dd:87:90:c5:fc:a5:d2:f4:05:e8:c8:bb:
23:46:73:bf:26:76:f9:0b:b1:80:93:ab:08:f9:e3:
b1:da:af:73:e2:fd:9a:32:bf:cb:9b:5c:80:27:80:
d4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CC:19:FD:D5:AC:F2:88:ED:C0:51:51:21:E9:91:C3:63:C6:97:EE
X509v3 Authority Key Identifier:
keyid:DC:D2:46:E1:83:05:67:AB:11:52:31:DB:77:5F:28:79:D9:9A:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3NJG4YMFZ6sRUjHbd18oedma8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/pMwZ_dWs8ojtwFFRIemRw2PGl-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e116b6-3c6d-485f-afcd-a41e620ba3eb/1/3NJG4YMFZ6sRUjHbd18oedma8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/24
85.114.104.0/24
85.114.106.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:d9:91:12:c0:a2:9e:75:0a:75:5e:19:a6:f1:b4:63:fe:f3:
46:9c:40:78:91:0e:92:4b:8e:4a:85:04:7c:6e:f7:00:98:7a:
d7:b7:1f:c2:7f:d0:de:85:ab:02:12:3e:f4:79:5a:fb:95:34:
01:d3:56:e7:e6:27:43:3c:9e:1a:c8:20:ec:9b:a6:a9:98:5f:
29:18:a3:b5:26:d9:55:19:c5:7a:46:3d:cf:76:ac:b6:b3:82:
e8:33:16:65:9d:1c:d6:f9:94:45:e9:7c:8d:71:e0:15:d0:00:
65:63:75:11:7e:78:27:55:9a:12:6f:47:7c:dd:bc:69:f5:01:
f7:a5:5d:4e:a3:51:9b:a6:e4:f1:4a:83:0b:79:0d:ba:d4:07:
ea:16:39:18:c6:63:cd:76:04:6d:b7:00:df:80:78:f7:36:4b:
7e:e3:5d:c1:24:65:94:50:62:59:24:84:2e:7d:87:80:0d:c5:
43:c2:04:d9:4f:00:ed:36:93:39:49:ae:9e:9c:cd:40:5b:12:
e3:10:0b:9f:71:3c:13:8f:8d:b8:af:cd:c3:8c:c2:63:18:ed:
df:6e:98:fa:88:7e:fd:1d:d3:70:82:0d:04:a1:81:e6:e1:43:
5e:36:8a:3a:84:db:5b:d2:3b:c3:80:88:75:3e:a0:fc:9f:73:
b7:23:1b:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRToTxoeDrDtuQ4k5lBfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZDI0NmUxODMwNTY3YWIxMTUyMzFkYjc3NWYyODc5ZDk5
YWYwYTAwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNjMTlmZGQ1YWNmMjg4ZWRjMDUxNTEyMWU5OTFjMzYzYzY5N2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWyBS6Yxt8hoxtmfHtvm0qCE82Vf
iKq55KWi185o4woEqWlF7kyeWxTSls2lU1Nt+KaUYDAgXln2wmzjM9DXlxIspK26
KcAsIetHIeSW8zzx7JddEyEm/lg+mWi4O+XZsJtJyiAr3XRArhAK3NHOwEBbBkS9
KiRQfmRo9m9o6o3Z+CifQuiJUPwlKTXh/SvITRIh/ZR5zlR7hmnRPHotJjlN8q95
NwsCWsX7cVxM904modN8FjHSeCC2sK1cBHc9en7C+8Rxq7h38Pyr4tRYJneXvz7d
h5DF/KXS9AXoyLsjRnO/Jnb5C7GAk6sI+eOx2q9z4v2aMr/Lm1yAJ4DU9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTMGf3VrPKI7cBRUSHpkcNjxpfuMB8GA1UdIwQY
MBaAFNzSRuGDBWerEVIx23dfKHnZmvCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM05KRzRZTUZaNnNSVWpIYmQxOG9lZG1hOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lMTE2YjYtM2M2ZC00ODVmLWFmY2Qt
YTQxZTYyMGJhM2ViLzEvcE13Wl9kV3M4b2p0d0ZGUkllbVJ3MlBHbC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lMTE2YjYtM2M2ZC00ODVmLWFmY2QtYTQxZTYyMGJhM2Vi
LzEvM05KRzRZTUZaNnNSVWpIYmQxOG9lZG1hOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVXJgAwQA
VXJoAwQBVXJqMA0GCSqGSIb3DQEBCwUAA4IBAQAt2ZESwKKedQp1Xhmm8bRj/vNG
nEB4kQ6SS45KhQR8bvcAmHrXtx/Cf9DehasCEj70eVr7lTQB01bn5idDPJ4ayCDs
m6apmF8pGKO1JtlVGcV6Rj3Pdqy2s4LoMxZlnRzW+ZRF6XyNceAV0ABlY3URfngn
VZoSb0d83bxp9QH3pV1Oo1GbpuTxSoMLeQ261AfqFjkYxmPNdgRttwDfgHj3Nkt+
413BJGWUUGJZJIQufYeADcVDwgTZTwDtNpM5Sa6enM1AWxLjEAufcTwTj424r83D
jMJjGO3fbpj6iH79HdNwgg0EoYHm4UNeNoo6hNtb0jvDgIh1PqD8n3O3Ixv4
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:54:03 2025 by rpki-client