Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pgPj7EoxVrdfzta1DXtXAEhxyng.roa
File: pgPj7EoxVrdfzta1DXtXAEhxyng.roa (raw, json)
Hash identifier: cc8q1UVRqsDxiQdu+PykD1pQ4RC4xfAoo+Uymv/5IqY=
Subject key identifier: A6:03:E3:EC:4A:31:56:B7:5F:CE:D6:B5:0D:7B:57:00:48:71:CA:78
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5031D0CD9DDAD9DD87EF559A96FE
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pgPj7EoxVrdfzta1DXtXAEhxyng.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13075
IP address blocks: 195.208.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 05:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:50:31:d0:cd:9d:da:d9:dd:87:ef:55:9a:96:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a603e3ec4a3156b75fced6b50d7b57004871ca78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6d:a2:d1:41:af:eb:42:37:35:a3:d4:5f:d0:
08:7d:1c:58:9d:4c:4a:c9:7e:09:c0:56:b5:74:17:
23:7c:38:7e:14:d0:59:fb:9a:1f:0e:46:58:10:69:
04:40:88:e2:ef:60:41:28:26:12:09:2b:0c:8b:58:
e1:93:98:4a:13:55:b4:c6:bc:a2:2b:0d:45:b7:fd:
90:b1:0b:4f:ff:bb:9f:72:27:60:57:67:fc:5c:bd:
f2:d9:fa:eb:f5:74:07:7b:e4:45:f5:f7:3d:04:d9:
eb:38:dc:ce:d1:b8:5c:08:82:76:90:f1:d7:a1:fa:
c8:4f:ab:4a:a2:44:d6:f7:d2:ea:0e:16:02:8a:dc:
4d:0b:3a:61:1a:a9:7d:c6:42:f5:b9:55:d8:69:6d:
b7:aa:be:5c:0d:ec:02:91:fd:26:cc:49:a5:cd:64:
ea:ee:32:8d:cd:56:88:2b:ee:de:35:d7:20:da:52:
14:9e:1a:d1:1f:c7:e8:88:0e:a3:ef:d0:e9:08:d1:
46:9a:b5:8a:9f:c7:1c:7e:53:97:05:c3:21:e7:ad:
20:34:88:8d:c4:ff:47:e4:f9:06:08:a2:27:03:ce:
69:7c:4a:8f:76:d6:14:ba:29:b6:cd:0f:24:c2:a3:
db:e4:d6:9f:e4:94:db:8c:e4:7e:8a:bd:ef:f3:d8:
ff:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:03:E3:EC:4A:31:56:B7:5F:CE:D6:B5:0D:7B:57:00:48:71:CA:78
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/pgPj7EoxVrdfzta1DXtXAEhxyng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.38.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:72:62:5e:58:0a:68:b7:3b:ae:a6:44:d6:59:8e:c0:6a:61:
c0:84:32:ec:65:60:db:47:d2:3b:13:09:85:de:8b:9a:30:1b:
4d:9f:57:6b:08:3e:b9:7d:a9:1d:2a:e8:43:5a:e7:c6:5a:60:
79:1b:51:7c:d4:58:62:d0:f7:61:aa:a9:d4:b2:0f:fe:43:58:
ba:94:3d:60:a6:2b:99:60:81:7b:42:0b:8e:1c:02:16:9c:e6:
29:e8:0a:93:77:71:76:3c:d5:54:bf:df:eb:b5:59:a7:54:d3:
0a:80:74:4a:05:88:4b:60:80:5b:13:3c:e7:39:62:d0:a9:bf:
de:eb:80:6e:9e:46:da:9c:f4:79:47:8b:18:99:5b:d3:30:13:
d5:aa:ff:dd:40:14:10:6e:a2:02:fc:55:e6:5e:25:6f:bc:20:
5d:ae:a6:bb:78:6b:21:e8:eb:6a:50:56:15:2c:6b:e8:50:30:
97:ee:7d:94:7b:7b:85:f0:19:b8:bc:76:e7:60:d2:68:5a:b4:
51:15:b4:b4:20:9f:d7:63:7b:d2:79:1e:dc:da:5e:0c:21:a9:
19:79:64:61:70:38:a1:c1:26:6e:f2:86:b7:cf:e8:c6:b8:3b:
2a:57:8a:d7:48:55:5a:95:44:62:cf:a5:64:24:6c:c9:35:fa:
8d:91:1e:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/VAx0M2d2tndh+9Vmpb+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjAzZTNlYzRhMzE1NmI3NWZjZWQ2YjUwZDdiNTcwMDQ4NzFjYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlW2i0UGv60I3NaPUX9AIfRxYnUxK
yX4JwFa1dBcjfDh+FNBZ+5ofDkZYEGkEQIji72BBKCYSCSsMi1jhk5hKE1W0xryi
Kw1Ft/2QsQtP/7ufcidgV2f8XL3y2frr9XQHe+RF9fc9BNnrONzO0bhcCIJ2kPHX
ofrIT6tKokTW99LqDhYCitxNCzphGql9xkL1uVXYaW23qr5cDewCkf0mzEmlzWTq
7jKNzVaIK+7eNdcg2lIUnhrRH8foiA6j79DpCNFGmrWKn8ccflOXBcMh560gNIiN
xP9H5PkGCKInA85pfEqPdtYUuim2zQ8kwqPb5Naf5JTbjOR+ir3v89j/lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYD4+xKMVa3X87WtQ17VwBIccp4MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvcGdQajdFb3hWcmRmenRhMURYdFhBRWh4eW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9AmMA0G
CSqGSIb3DQEBCwUAA4IBAQBvcmJeWApotzuupkTWWY7AamHAhDLsZWDbR9I7EwmF
3ouaMBtNn1drCD65fakdKuhDWufGWmB5G1F81Fhi0PdhqqnUsg/+Q1i6lD1gpiuZ
YIF7QguOHAIWnOYp6AqTd3F2PNVUv9/rtVmnVNMKgHRKBYhLYIBbEzznOWLQqb/e
64BunkbanPR5R4sYmVvTMBPVqv/dQBQQbqIC/FXmXiVvvCBdrqa7eGsh6OtqUFYV
LGvoUDCX7n2Ue3uF8Bm4vHbnYNJoWrRRFbS0IJ/XY3vSeR7c2l4MIakZeWRhcDih
wSZu8oa3z+jGuDsqV4rXSFValURiz6VkJGzJNfqNkR7g
-----END CERTIFICATE-----
Generated at Tue Apr 15 11:23:02 2025 by rpki-client