Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/P4rhr2yvQsT2Wmsa0d3b9mzRihQ.roa
File: P4rhr2yvQsT2Wmsa0d3b9mzRihQ.roa (raw, json)
Hash identifier: yJrwkDYUS+18A8gxekBRmTpvchECkoVfjLp8pGWlkB0=
Subject key identifier: 3F:8A:E1:AF:6C:AF:42:C4:F6:5A:6B:1A:D1:DD:DB:F6:6C:D1:8A:14
Certificate issuer: /CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Certificate serial: 01942521247BC137AAE47A3E84443412FE9B
Authority key identifier: 7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/P4rhr2yvQsT2Wmsa0d3b9mzRihQ.roa
Signing time: Thu 02 Jan 2025 03:48:36 +0000
ROA not before: Thu 02 Jan 2025 03:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50719
IP address blocks: 5.206.200.0/21 maxlen: 21
91.227.231.0/24 maxlen: 24
195.191.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:24:7b:c1:37:aa:e4:7a:3e:84:44:34:12:fe:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Validity
Not Before: Jan 2 03:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f8ae1af6caf42c4f65a6b1ad1dddbf66cd18a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c6:ac:c7:d4:68:90:05:90:c0:c8:b7:40:4f:
7b:bc:c8:38:5e:e6:dd:41:1a:a1:58:b7:1c:70:81:
d4:e6:43:b1:4f:d8:e9:96:e9:34:fd:b5:6b:f1:78:
48:eb:11:5b:37:24:6a:04:b6:58:91:39:62:6f:8d:
f2:93:26:4c:eb:2b:17:bf:6b:b3:0f:71:e5:c3:d2:
ea:82:7f:2f:cb:3b:f4:c6:43:7b:c6:ba:e4:6f:42:
02:46:5e:ea:eb:29:4f:f2:64:40:10:cd:2b:5d:6c:
a3:cc:70:25:12:59:4d:66:92:24:91:51:d8:19:ab:
60:93:46:86:79:ab:be:ca:c4:b3:c0:a4:f5:15:18:
aa:71:0a:49:b9:95:fa:54:23:99:dd:0d:b4:a6:58:
76:e9:2a:db:48:a1:e1:3e:f9:1c:31:74:f7:ef:6f:
e9:a0:6b:04:27:21:28:0c:0a:32:71:99:d0:98:76:
7e:79:e2:27:3f:2f:1e:17:98:27:9d:bf:77:a3:de:
90:77:1c:a7:07:9c:5a:76:f6:34:64:4e:6d:2c:f0:
94:b1:84:53:f4:2f:63:98:32:2c:44:cb:d4:81:a4:
ff:98:b8:b2:03:61:ca:3c:5a:70:53:2e:93:fc:88:
17:1b:ae:f3:eb:bf:42:f6:d4:d3:07:c0:7a:ad:4d:
41:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8A:E1:AF:6C:AF:42:C4:F6:5A:6B:1A:D1:DD:DB:F6:6C:D1:8A:14
X509v3 Authority Key Identifier:
keyid:7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/P4rhr2yvQsT2Wmsa0d3b9mzRihQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.200.0/21
91.227.231.0/24
195.191.252.0/23
Signature Algorithm: sha256WithRSAEncryption
64:a6:f1:33:90:34:f8:5b:a1:08:02:9b:55:cb:0f:cc:b6:c1:
01:a5:fc:c0:7b:fa:34:f7:00:6f:c6:c3:3a:00:73:8e:ef:75:
1f:ef:b4:07:d5:53:f3:64:d3:67:4d:be:44:b6:cc:e0:72:48:
4d:f4:43:21:03:01:64:f5:0c:4c:d5:9e:90:cd:3a:73:80:b2:
85:e6:e9:c2:93:2a:5a:4a:01:1b:20:4b:59:05:e4:ee:5f:ab:
5f:1a:d2:87:14:17:9c:b4:6f:66:4a:a4:52:8b:55:9c:5e:02:
7c:78:8d:10:0d:40:b6:7e:69:9d:cf:74:7e:d8:e6:58:2b:74:
83:7b:9c:2e:e7:6e:ff:63:3d:ed:9f:b9:89:86:f1:ee:db:1f:
1b:68:6e:f0:ef:c8:1b:f1:ca:e4:4f:ab:1a:5c:26:d0:af:b8:
7d:0e:fd:c6:d1:13:83:9f:01:20:e8:5f:e5:c4:1f:1d:79:12:
45:35:13:d7:fb:50:d5:4e:f1:90:7c:b5:61:e8:f2:29:a0:36:
ff:cf:6f:f2:33:5d:bf:5c:73:25:e8:41:12:e1:85:93:8e:dd:
cf:19:3c:ca:d9:40:64:05:14:4f:88:13:69:71:66:ea:d5:a7:
b2:ae:5c:9f:81:1e:de:90:bf:b0:7f:b9:38:7f:b3:2e:0c:5e:
ea:30:69:a6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlISR7wTeq5Ho+hEQ0Ev6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDIxM2UzZTdlYmU2MTcwYTM2MDBhOGUzYWU2NGVkOTYy
YzBlMzYwHhcNMjUwMTAyMDM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhhZTFhZjZjYWY0MmM0ZjY1YTZiMWFkMWRkZGJmNjZjZDE4YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcasx9RokAWQwMi3QE97vMg4Xubd
QRqhWLcccIHU5kOxT9jpluk0/bVr8XhI6xFbNyRqBLZYkTlib43ykyZM6ysXv2uz
D3Hlw9Lqgn8vyzv0xkN7xrrkb0ICRl7q6ylP8mRAEM0rXWyjzHAlEllNZpIkkVHY
Gatgk0aGeau+ysSzwKT1FRiqcQpJuZX6VCOZ3Q20plh26SrbSKHhPvkcMXT372/p
oGsEJyEoDAoycZnQmHZ+eeInPy8eF5gnnb93o96QdxynB5xadvY0ZE5tLPCUsYRT
9C9jmDIsRMvUgaT/mLiyA2HKPFpwUy6T/IgXG67z679C9tTTB8B6rU1B+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+K4a9sr0LE9lprGtHd2/Zs0YoUMB8GA1UdIwQY
MBaAFH0CE+Pn6+YXCjYAqOOuZO2WLA42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3Nzct
MDM1MzIxNDBlZjUyLzEvUDRyaHIyeXZRc1QyV21zYTBkM2I5bXpSaWhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3NzctMDM1MzIxNDBlZjUy
LzEvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBc7IAwQA
W+PnAwQBw7/8MA0GCSqGSIb3DQEBCwUAA4IBAQBkpvEzkDT4W6EIAptVyw/MtsEB
pfzAe/o09wBvxsM6AHOO73Uf77QH1VPzZNNnTb5EtszgckhN9EMhAwFk9QxM1Z6Q
zTpzgLKF5unCkypaSgEbIEtZBeTuX6tfGtKHFBectG9mSqRSi1WcXgJ8eI0QDUC2
fmmdz3R+2OZYK3SDe5wu527/Yz3tn7mJhvHu2x8baG7w78gb8crkT6saXCbQr7h9
Dv3G0RODnwEg6F/lxB8deRJFNRPX+1DVTvGQfLVh6PIpoDb/z2/yM12/XHMl6EES
4YWTjt3PGTzK2UBkBRRPiBNpcWbq1aeyrlyfgR7ekL+wf7k4f7MuDF7qMGmm
-----END CERTIFICATE-----
Generated at Wed Apr 23 09:31:06 2025 by rpki-client