Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pko-gJfZQYUoJGd1z0NvaIewPnQ.roa
File: pko-gJfZQYUoJGd1z0NvaIewPnQ.roa (raw, json)
Hash identifier: BjI8Dn8d/0Fy2pOr0dHX8tZiuJJtvdqpdUr4M7I8gfA=
Subject key identifier: A6:4A:3E:80:97:D9:41:85:28:24:67:75:CF:43:6F:68:87:B0:3E:74
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B50EFD78E576F3756C966CADAE24
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pko-gJfZQYUoJGd1z0NvaIewPnQ.roa
Signing time: Thu 02 Jan 2025 15:47:56 +0000
ROA not before: Thu 02 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 45.85.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b5:0e:fd:78:e5:76:f3:75:6c:96:6c:ad:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a64a3e8097d9418528246775cf436f6887b03e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:47:3d:61:c8:8e:5e:b7:15:9c:c7:ee:7a:f6:
94:a4:43:7e:41:2c:7c:97:2f:09:55:e3:f0:1c:a0:
95:82:f6:dc:2a:47:67:f8:92:6f:a2:b6:8e:cd:b7:
e2:76:36:b7:b1:f7:72:69:cd:fb:a0:df:dc:cf:f1:
bf:12:5d:e4:c4:37:c1:2f:cd:1e:60:36:f1:7d:db:
be:3b:41:63:50:27:58:68:55:0b:8e:28:2a:b5:e0:
42:27:e2:b0:77:1f:8f:16:3f:ad:65:d1:9c:0b:8d:
96:f0:99:21:c9:03:3a:f7:d6:14:c7:d1:fc:3c:1b:
ee:44:f0:7b:b7:62:8c:77:bb:1a:60:f1:81:2b:58:
0f:1e:80:31:9b:bc:2b:b0:d8:3b:85:18:8f:8e:62:
e9:91:08:65:7e:71:ea:54:ca:a9:31:44:28:bd:5e:
7c:b4:28:22:82:dd:43:bd:49:46:1a:db:48:fe:7c:
cd:13:ef:7a:d8:cd:de:1e:78:8a:2d:9c:92:53:65:
eb:c6:ef:85:66:88:6f:05:d0:c5:7b:94:cc:ce:37:
1e:eb:3b:30:34:49:43:6e:1d:a6:85:00:78:36:01:
e5:4a:0e:47:ad:5f:ef:82:db:10:0a:7b:58:a6:ad:
0e:c1:de:2f:25:46:52:f0:9c:00:cb:25:89:c2:ec:
c3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4A:3E:80:97:D9:41:85:28:24:67:75:CF:43:6F:68:87:B0:3E:74
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/pko-gJfZQYUoJGd1z0NvaIewPnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:d6:62:6a:2d:3d:a6:81:f3:6d:16:59:b3:52:24:c6:e3:e4:
e9:d5:74:c0:41:56:91:49:a7:bb:6b:c5:a3:74:61:84:34:28:
a1:36:d9:50:3e:3a:ef:a8:3f:d9:3f:98:1e:fb:c0:c1:3f:be:
db:0f:b9:89:3d:1d:94:43:27:b2:d6:59:7e:41:81:d9:83:16:
be:b0:34:83:1d:26:e1:ee:27:54:4c:31:12:85:2e:5f:25:de:
9b:3a:4e:a7:f3:7e:06:df:5d:31:6e:34:77:9b:9a:7f:d5:71:
9d:0d:5f:8e:ca:a7:16:68:b4:1b:7a:2e:91:eb:9e:f2:d5:8c:
a9:c9:9b:90:6c:61:f8:c5:30:1a:97:5a:13:34:de:d4:c3:0c:
96:a8:ed:15:c5:ee:de:b4:6e:fa:f6:23:6b:2a:51:a6:df:e8:
7b:e3:6e:95:83:88:d2:41:22:b2:59:fa:a9:c6:d1:3a:9d:02:
f5:c0:88:fb:aa:f2:66:93:74:2b:91:d2:b6:ef:97:5b:11:9a:
00:87:ff:9e:24:2c:85:15:b1:98:5d:02:4a:b6:9a:a9:e5:72:
a9:8e:77:a9:8f:8c:68:7e:08:34:ee:52:e2:8d:2d:96:6f:fe:
8e:cc:c6:83:07:91:98:4c:04:1d:b1:0f:68:97:6a:6d:5c:d4:
d0:44:4c:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns7UO/XjldvN1bJZsra4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRhM2U4MDk3ZDk0MTg1MjgyNDY3NzVjZjQzNmY2ODg3YjAzZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEc9YciOXrcVnMfuevaUpEN+QSx8
ly8JVePwHKCVgvbcKkdn+JJvoraOzbfidja3sfdyac37oN/cz/G/El3kxDfBL80e
YDbxfdu+O0FjUCdYaFULjigqteBCJ+Kwdx+PFj+tZdGcC42W8JkhyQM699YUx9H8
PBvuRPB7t2KMd7saYPGBK1gPHoAxm7wrsNg7hRiPjmLpkQhlfnHqVMqpMUQovV58
tCgigt1DvUlGGttI/nzNE+962M3eHniKLZySU2Xrxu+FZohvBdDFe5TMzjce6zsw
NElDbh2mhQB4NgHlSg5HrV/vgtsQCntYpq0Owd4vJUZS8JwAyyWJwuzDTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZKPoCX2UGFKCRndc9Db2iHsD50MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvcGtvLWdKZlpRWVVvSkdkMXowTnZhSWV3UG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVZMA0G
CSqGSIb3DQEBCwUAA4IBAQCy1mJqLT2mgfNtFlmzUiTG4+Tp1XTAQVaRSae7a8Wj
dGGENCihNtlQPjrvqD/ZP5ge+8DBP77bD7mJPR2UQyey1ll+QYHZgxa+sDSDHSbh
7idUTDEShS5fJd6bOk6n834G310xbjR3m5p/1XGdDV+OyqcWaLQbei6R657y1Yyp
yZuQbGH4xTAal1oTNN7UwwyWqO0Vxe7etG769iNrKlGm3+h7426Vg4jSQSKyWfqp
xtE6nQL1wIj7qvJmk3QrkdK275dbEZoAh/+eJCyFFbGYXQJKtpqp5XKpjnepj4xo
fgg07lLijS2Wb/6OzMaDB5GYTAQdsQ9ol2ptXNTQRExS
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:57 2025 by rpki-client