Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PRMcJkFlL8XJPZgANBWKlVSQZ5c.roa
File: PRMcJkFlL8XJPZgANBWKlVSQZ5c.roa (raw, json)
Hash identifier: e+Y1tkzutXRox4eL5GooKSwOo4HhIbPTTCUhcl3ME2A=
Subject key identifier: 3D:13:1C:26:41:65:2F:C5:C9:3D:98:00:34:15:8A:95:54:90:67:97
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B38D17A90DE7347C612FE3F7B22290
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PRMcJkFlL8XJPZgANBWKlVSQZ5c.roa
Signing time: Thu 02 Jan 2025 15:47:45 +0000
ROA not before: Thu 02 Jan 2025 15:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 45.87.30.0/23 maxlen: 23
45.134.220.0/23 maxlen: 23
45.148.97.0/24 maxlen: 24
45.148.98.0/23 maxlen: 23
45.149.105.0/24 maxlen: 24
45.149.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:8d:17:a9:0d:e7:34:7c:61:2f:e3:f7:b2:22:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d131c2641652fc5c93d980034158a9554906797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ca:8c:49:58:e9:91:04:d2:21:a4:a9:df:20:
74:18:39:40:ab:8a:69:02:1a:71:3a:58:b6:81:54:
b6:c4:4c:52:af:2c:bc:79:a3:6c:4c:96:0d:4d:ca:
42:80:73:11:46:db:fb:65:40:66:c1:d2:81:6c:90:
4b:b4:41:4a:2f:82:96:7f:1d:58:94:bf:af:8b:78:
7d:14:ec:d2:c4:df:3f:7c:8a:3b:0a:5d:bd:cd:b1:
e2:51:13:e6:1a:c7:78:d4:a3:81:70:d7:07:8e:06:
46:c6:6b:25:c0:79:15:ce:eb:f7:6d:c4:f4:b2:58:
0f:2e:5f:ba:24:4f:5d:44:1f:92:14:d1:f2:76:20:
b4:6a:c3:74:d4:53:3f:0f:2e:44:5d:0b:92:e7:7c:
40:32:4a:14:ab:8c:bd:ae:ce:85:05:48:57:1c:6d:
13:d2:87:50:47:3b:fe:10:de:d6:74:15:a8:d0:f6:
d8:9a:50:64:3b:07:76:a2:cc:c0:27:dc:21:24:70:
1d:62:aa:fa:4d:06:d5:37:94:fa:8d:77:4c:15:d1:
6e:c6:d7:dc:66:4c:6d:18:43:e7:df:a0:33:f6:2d:
28:7e:a4:93:97:1b:4b:fa:70:c1:94:40:f9:e0:b3:
93:92:a7:f1:e5:5a:de:42:91:1c:18:c6:02:cc:25:
b9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:13:1C:26:41:65:2F:C5:C9:3D:98:00:34:15:8A:95:54:90:67:97
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/PRMcJkFlL8XJPZgANBWKlVSQZ5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.30.0/23
45.134.220.0/23
45.148.97.0-45.148.99.255
45.149.105.0-45.149.107.255
Signature Algorithm: sha256WithRSAEncryption
47:ab:74:a8:2f:bc:3d:1a:65:71:72:35:21:be:d8:b5:18:f8:
5a:23:60:bb:f5:1b:15:35:92:be:c6:3e:5f:2d:6a:78:a1:a7:
62:63:47:a0:bd:ad:9e:39:03:0c:33:84:71:fe:68:c6:8e:65:
4c:cb:c7:3e:28:7c:f3:66:37:29:81:19:59:4f:f1:62:67:5c:
75:3c:85:57:78:d7:f2:30:86:87:47:28:dc:bc:10:eb:c7:f3:
af:1c:19:a0:4b:9b:31:c5:84:aa:8c:cc:39:f6:1d:bc:7a:90:
49:d0:ca:49:d8:47:06:22:6c:09:cc:e3:da:b0:82:af:90:e1:
b3:08:0f:82:0c:71:b7:86:e7:a6:66:64:39:28:4d:07:c2:3a:
6a:91:f8:78:ac:c5:62:d0:6e:c3:6a:be:1d:c6:a0:7f:a1:22:
9b:df:f9:a4:66:ee:e3:40:b0:06:b4:fe:d6:d0:bf:52:91:c2:
11:67:10:0b:8a:96:c9:cd:a6:aa:e0:1e:58:b9:4a:1a:06:8b:
e2:04:5d:84:ce:2c:81:cb:24:db:be:71:4e:f4:de:eb:a2:a1:
2a:ea:a6:6e:85:73:8d:d0:6d:a7:38:af:13:5b:f3:4d:22:69:
9f:41:35:5a:6f:51:a3:38:b2:17:10:1c:5a:7f:57:33:85:4c:
33:7e:f3:23
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQns40XqQ3nNHxhL+P3siKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDEzMWMyNjQxNjUyZmM1YzkzZDk4MDAzNDE1OGE5NTU0OTA2Nzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sqMSVjpkQTSIaSp3yB0GDlAq4pp
AhpxOli2gVS2xExSryy8eaNsTJYNTcpCgHMRRtv7ZUBmwdKBbJBLtEFKL4KWfx1Y
lL+vi3h9FOzSxN8/fIo7Cl29zbHiURPmGsd41KOBcNcHjgZGxmslwHkVzuv3bcT0
slgPLl+6JE9dRB+SFNHydiC0asN01FM/Dy5EXQuS53xAMkoUq4y9rs6FBUhXHG0T
0odQRzv+EN7WdBWo0PbYmlBkOwd2oszAJ9whJHAdYqr6TQbVN5T6jXdMFdFuxtfc
ZkxtGEPn36Az9i0ofqSTlxtL+nDBlED54LOTkqfx5VreQpEcGMYCzCW5ZwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD0THCZBZS/FyT2YADQVipVUkGeXMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvUFJNY0prRmxMOFhKUFpnQU5CV0tsVlNRWjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBLVceAwQB
LYbcMAwDBAAtlGEDBAItlGAwDAMEAC2VaQMEAi2VaDANBgkqhkiG9w0BAQsFAAOC
AQEAR6t0qC+8PRplcXI1Ib7YtRj4WiNgu/UbFTWSvsY+Xy1qeKGnYmNHoL2tnjkD
DDOEcf5oxo5lTMvHPih882Y3KYEZWU/xYmdcdTyFV3jX8jCGh0co3LwQ68fzrxwZ
oEubMcWEqozMOfYdvHqQSdDKSdhHBiJsCczj2rCCr5DhswgPggxxt4bnpmZkOShN
B8I6apH4eKzFYtBuw2q+Hcagf6Eim9/5pGbu40CwBrT+1tC/UpHCEWcQC4qWyc2m
quAeWLlKGgaL4gRdhM4sgcsk275xTvTe66KhKuqmboVzjdBtpzivE1vzTSJpn0E1
Wm9RoziyFxAcWn9XM4VMM37zIw==
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:19:56 2025 by rpki-client