Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/PcjnIOs0xHAadMUPf6vwApxUGPI.roa
File: PcjnIOs0xHAadMUPf6vwApxUGPI.roa (raw, json)
Hash identifier: ahUECt5ec83Dg9RUG/tnn3VXtR+x9lfVVXmvWME9edo=
Subject key identifier: 3D:C8:E7:20:EB:34:C4:70:1A:74:C5:0F:7F:AB:F0:02:9C:54:18:F2
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 0194274856616EDE7D988061B8F08EF3D076
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/PcjnIOs0xHAadMUPf6vwApxUGPI.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35285
IP address blocks: 193.189.122.0/24 maxlen: 24
193.189.123.0/24 maxlen: 24
2001:678:b1::/48 maxlen: 48
2001:14e8:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:56:61:6e:de:7d:98:80:61:b8:f0:8e:f3:d0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dc8e720eb34c4701a74c50f7fabf0029c5418f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e8:dd:14:40:69:2a:eb:d8:22:8a:59:b2:69:
92:2f:ea:3d:ef:fb:ed:77:1b:7a:e2:cb:db:8a:9b:
f4:07:5b:a9:fa:71:26:d8:48:ca:e1:a2:0f:b6:94:
b0:ba:af:92:de:9c:1f:3e:d8:34:d4:0e:01:f0:6f:
fb:17:67:a4:a7:da:c0:30:1c:e2:cb:0a:02:86:97:
49:04:79:2f:c3:ad:81:32:53:6c:67:05:22:c6:d8:
6e:3f:98:a1:75:27:7d:cf:8a:f0:05:0a:a5:46:77:
1a:3e:8e:b8:d5:c4:63:64:fa:b5:39:1e:c9:be:5a:
64:78:5f:50:ce:f3:46:01:9b:42:62:f5:d0:bd:24:
e6:d1:fb:a6:ee:12:6c:9b:ae:1a:c3:17:51:a6:c0:
b3:d1:c4:bc:7c:b9:66:75:d5:20:a4:88:2d:c0:8c:
b5:88:c5:fe:59:f2:df:09:cd:04:7b:6a:6f:8b:e7:
1f:f5:44:d1:87:d8:0f:50:4e:81:c2:f7:dc:2c:1e:
a6:b7:95:f4:a3:1d:d1:d4:bf:01:07:73:8f:aa:ea:
97:8c:e1:7f:85:e9:e3:11:39:f7:c3:2f:4c:be:81:
75:da:61:5a:f7:44:64:2c:5e:a8:a7:30:7b:61:5d:
75:32:4f:0d:24:bd:f0:86:28:c3:f4:9c:be:3f:54:
a1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C8:E7:20:EB:34:C4:70:1A:74:C5:0F:7F:AB:F0:02:9C:54:18:F2
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/PcjnIOs0xHAadMUPf6vwApxUGPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.122.0/23
IPv6:
2001:678:b1::/48
2001:14e8:c::/48
Signature Algorithm: sha256WithRSAEncryption
93:e1:06:8e:c0:9c:3e:d8:d6:2e:df:db:4e:2c:ff:1f:b2:90:
be:dd:af:7a:e4:1c:39:a4:3d:93:20:ff:69:ea:aa:d5:78:d9:
37:2b:a0:c8:d0:fe:a0:fa:a1:62:06:0d:c8:5a:0a:91:99:4a:
0e:53:f7:79:48:c8:e9:b9:9f:d3:df:34:17:14:12:e2:e5:ee:
a5:58:03:c6:39:37:c0:4b:5e:7b:81:de:b4:0c:95:23:f4:31:
0d:81:c6:1c:db:be:e0:f4:8b:1f:b9:66:60:6b:ed:e9:6d:92:
96:5b:d1:59:29:75:ff:1a:95:91:b0:e8:af:e9:62:08:96:1d:
3d:dd:f4:00:94:cf:86:65:d5:3b:15:55:02:c1:a2:7c:cd:ec:
b8:31:7c:83:5d:f1:fe:18:d5:49:da:7f:ff:84:ce:0e:f7:d8:
d3:d3:8c:88:16:89:ff:a8:65:ac:23:96:e4:03:71:ac:60:33:
ea:f1:71:fa:fe:f8:22:c6:c1:96:15:af:0b:af:60:f6:4d:e2:
ad:c7:bd:4c:d9:23:42:85:43:23:da:3c:2e:a9:74:ce:f3:e3:
69:76:8f:a9:9d:86:71:9d:33:f7:c9:d0:6c:34:86:94:f3:00:
0a:98:64:bd:7b:f3:f4:7e:8e:d8:cb:83:5e:d1:5c:43:7c:6d:
24:97:52:00
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQnSFZhbt59mIBhuPCO89B2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM4ZTcyMGViMzRjNDcwMWE3NGM1MGY3ZmFiZjAwMjljNTQxOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxejdFEBpKuvYIopZsmmSL+o97/vt
dxt64svbipv0B1up+nEm2EjK4aIPtpSwuq+S3pwfPtg01A4B8G/7F2ekp9rAMBzi
ywoChpdJBHkvw62BMlNsZwUixthuP5ihdSd9z4rwBQqlRncaPo641cRjZPq1OR7J
vlpkeF9QzvNGAZtCYvXQvSTm0fum7hJsm64awxdRpsCz0cS8fLlmddUgpIgtwIy1
iMX+WfLfCc0Ee2pvi+cf9UTRh9gPUE6BwvfcLB6mt5X0ox3R1L8BB3OPquqXjOF/
henjETn3wy9MvoF12mFa90RkLF6opzB7YV11Mk8NJL3whijD9Jy+P1ShCQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFD3I5yDrNMRwGnTFD3+r8AKcVBjyMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvUGNqbklPczB4SEFhZE1VUGY2dndBcHhVR1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwb16MBgE
AgACMBIDBwAgAQZ4ALEDBwAgARToAAwwDQYJKoZIhvcNAQELBQADggEBAJPhBo7A
nD7Y1i7f204s/x+ykL7dr3rkHDmkPZMg/2nqqtV42TcroMjQ/qD6oWIGDchaCpGZ
Sg5T93lIyOm5n9PfNBcUEuLl7qVYA8Y5N8BLXnuB3rQMlSP0MQ2BxhzbvuD0ix+5
ZmBr7eltkpZb0Vkpdf8alZGw6K/pYgiWHT3d9ACUz4Zl1TsVVQLBonzN7LgxfINd
8f4Y1Unaf/+Ezg732NPTjIgWif+oZawjluQDcaxgM+rxcfr++CLGwZYVrwuvYPZN
4q3HvUzZI0KFQyPaPC6pdM7z42l2j6mdhnGdM/fJ0Gw0hpTzAAqYZL178/R+jtjL
g17RXEN8bSSXUgA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:31 2025 by rpki-client