Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/pQlM2OtK0QxqZYQEu_V-X_TzrUw.roa
File: pQlM2OtK0QxqZYQEu_V-X_TzrUw.roa (raw, json)
Hash identifier: GdjsGztAnCLXoyesv/dDZLz4ADxr8P9UdhbYUeTe7Kg=
Subject key identifier: A5:09:4C:D8:EB:4A:D1:0C:6A:65:84:04:BB:F5:7E:5F:F4:F3:AD:4C
Certificate issuer: /CN=fb3bb3b4ab6fff588ddb4cf2afe6d5ac46557bb9
Certificate serial: 019427B5ECC9442972AA90042C1CF0A7A8BD
Authority key identifier: FB:3B:B3:B4:AB:6F:FF:58:8D:DB:4C:F2:AF:E6:D5:AC:46:55:7B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zuztKtv_1iN20zyr-bVrEZVe7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/pQlM2OtK0QxqZYQEu_V-X_TzrUw.roa
Signing time: Thu 02 Jan 2025 15:50:21 +0000
ROA not before: Thu 02 Jan 2025 15:50:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203936
IP address blocks: 185.232.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/1-zuztKtv_1iN20zyr-bVrEZVe7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/1-zuztKtv_1iN20zyr-bVrEZVe7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-zuztKtv_1iN20zyr-bVrEZVe7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ec:c9:44:29:72:aa:90:04:2c:1c:f0:a7:a8:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3bb3b4ab6fff588ddb4cf2afe6d5ac46557bb9
Validity
Not Before: Jan 2 15:50:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5094cd8eb4ad10c6a658404bbf57e5ff4f3ad4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:41:78:9d:03:0e:c7:72:c8:ee:42:8f:8b:5e:
93:23:f4:cd:22:0a:b3:88:7b:02:ed:0a:17:fa:4c:
3d:43:28:4b:27:d3:a2:59:33:e4:05:07:43:2b:1d:
0a:6c:f6:f7:f7:7a:90:2a:5f:b4:12:4a:f9:3f:f9:
cf:e8:a1:94:1e:a3:ac:68:a0:2f:32:34:ce:90:3e:
5c:73:e8:d4:59:bd:85:c0:29:a6:fe:c8:ef:b5:82:
1f:9a:1b:a4:e2:20:ff:8d:11:4d:b4:98:16:cd:51:
4c:5b:ff:86:cf:6e:05:7e:ef:3a:ce:86:7d:b9:8e:
34:0d:8f:ab:6e:da:a4:56:1b:d5:1d:b3:d0:d9:9a:
7d:b9:50:e8:f3:05:25:fe:c4:c6:28:b3:b2:39:d1:
56:c1:ca:48:3d:22:b1:db:23:36:58:d3:ca:31:35:
7d:1c:50:69:a7:37:5e:a3:06:76:ff:94:49:e2:0d:
24:10:94:a1:fe:56:39:4a:12:0c:79:c2:7b:6d:c8:
1b:8f:12:71:9c:f2:26:40:83:aa:42:d1:22:4f:6d:
71:25:88:b6:f8:92:c6:f7:03:d1:6a:3c:ce:6b:10:
52:1f:33:d3:c4:19:5d:b6:0a:3d:30:08:f4:4b:b3:
3f:d7:dd:f4:9f:4d:db:ef:98:db:c0:31:a0:df:b1:
21:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:4C:D8:EB:4A:D1:0C:6A:65:84:04:BB:F5:7E:5F:F4:F3:AD:4C
X509v3 Authority Key Identifier:
keyid:FB:3B:B3:B4:AB:6F:FF:58:8D:DB:4C:F2:AF:E6:D5:AC:46:55:7B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zuztKtv_1iN20zyr-bVrEZVe7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/pQlM2OtK0QxqZYQEu_V-X_TzrUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/1-zuztKtv_1iN20zyr-bVrEZVe7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.36.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:a9:a3:f7:e9:df:29:7b:0b:8f:14:a1:41:ca:03:e4:15:ff:
15:28:3e:61:8f:05:10:47:26:60:cd:12:eb:0d:2b:06:29:a8:
28:c9:72:34:27:a9:7a:eb:44:e1:84:ec:f1:4c:ff:ae:e3:77:
73:62:83:c4:74:ec:56:48:5e:ff:ee:2b:a9:f5:1c:5e:a0:76:
e7:25:8b:02:75:c0:fa:22:d5:dd:6b:77:f9:0f:83:77:48:60:
c5:bc:7a:7a:8b:97:ea:bd:c0:3d:b3:99:25:8e:de:98:4a:2d:
7e:85:5c:c2:02:65:87:41:44:6b:68:fb:f9:7c:0e:f5:ed:87:
01:6d:98:a4:0d:ef:2a:a7:a5:95:27:f3:76:41:e9:0d:d9:c8:
59:44:e5:d8:07:5e:1d:e1:b0:7c:0a:8c:02:8e:18:aa:9d:5a:
ff:35:45:d2:89:d3:32:70:8a:e9:7f:e9:65:83:32:7a:8f:c7:
ee:cd:5e:a0:84:e2:30:00:0a:ad:bf:18:73:0d:a6:d2:c3:7d:
4d:48:41:2b:c2:52:91:ea:e1:cb:7a:15:a1:9c:9a:b8:58:7d:
48:99:b5:bd:5c:a3:bc:54:f7:a8:63:fd:21:62:80:06:eb:56:
b2:4d:d0:41:63:dc:8a:ef:1b:f3:44:d9:21:ca:b8:56:3b:19:
fc:77:d5:dc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQntezJRClyqpAELBzwp6i9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiM2JiM2I0YWI2ZmZmNTg4ZGRiNGNmMmFmZTZkNWFjNDY1
NTdiYjkwHhcNMjUwMTAyMTU1MDIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA5NGNkOGViNGFkMTBjNmE2NTg0MDRiYmY1N2U1ZmY0ZjNhZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/kF4nQMOx3LI7kKPi16TI/TNIgqz
iHsC7QoX+kw9QyhLJ9OiWTPkBQdDKx0KbPb393qQKl+0Ekr5P/nP6KGUHqOsaKAv
MjTOkD5cc+jUWb2FwCmm/sjvtYIfmhuk4iD/jRFNtJgWzVFMW/+Gz24Ffu86zoZ9
uY40DY+rbtqkVhvVHbPQ2Zp9uVDo8wUl/sTGKLOyOdFWwcpIPSKx2yM2WNPKMTV9
HFBppzdeowZ2/5RJ4g0kEJSh/lY5ShIMecJ7bcgbjxJxnPImQIOqQtEiT21xJYi2
+JLG9wPRajzOaxBSHzPTxBldtgo9MAj0S7M/1930n03b75jbwDGg37EhnwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKUJTNjrStEMamWEBLv1fl/0861MMB8GA1UdIwQY
MBaAFPs7s7Srb/9YjdtM8q/m1axGVXu5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16dXp0S3R2XzFpTjIwenlyLWJWckVaVmU3ay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYvNjhmYmFmLTQ1ZjEtNDk0Ni1hMzQ2
LTY4NmEwMTg4OGQyOS8xL3BRbE0yT3RLMFF4cVpZUUV1X1YtWF9UenJVdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTYvNjhmYmFmLTQ1ZjEtNDk0Ni1hMzQ2LTY4NmEwMTg4OGQy
OS8xLzEtenV6dEt0dl8xaU4yMHp5ci1iVnJFWlZlN2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK56CQw
DQYJKoZIhvcNAQELBQADggEBADypo/fp3yl7C48UoUHKA+QV/xUoPmGPBRBHJmDN
EusNKwYpqCjJcjQnqXrrROGE7PFM/67jd3Nig8R07FZIXv/uK6n1HF6gducliwJ1
wPoi1d1rd/kPg3dIYMW8enqLl+q9wD2zmSWO3phKLX6FXMICZYdBRGto+/l8DvXt
hwFtmKQN7yqnpZUn83ZB6Q3ZyFlE5dgHXh3hsHwKjAKOGKqdWv81RdKJ0zJwiul/
6WWDMnqPx+7NXqCE4jAACq2/GHMNptLDfU1IQSvCUpHq4ct6FaGcmrhYfUiZtb1c
o7xU96hj/SFigAbrVrJN0EFj3IrvG/NE2SHKuFY7Gfx31dw=
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:39:08 2025 by rpki-client