Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/PkCW-_NsM-T7UPkn9ndPg_lm2Cc.roa
File: PkCW-_NsM-T7UPkn9ndPg_lm2Cc.roa (raw, json)
Hash identifier: 6zURgMS5q85VCfD90tOCn/JEDDZzrGjQCgloW9Hyt6U=
Subject key identifier: 3E:40:96:FB:F3:6C:33:E4:FB:50:F9:27:F6:77:4F:83:F9:66:D8:27
Certificate issuer: /CN=774d215caedb050d6f6fe8426d5058afe29aa896
Certificate serial: 019423D73BF60D724B606232042F1ADD0DA1
Authority key identifier: 77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/PkCW-_NsM-T7UPkn9ndPg_lm2Cc.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47264
IP address blocks: 93.191.32.0/21 maxlen: 23
178.248.104.0/21 maxlen: 23
178.248.105.0/24 maxlen: 24
185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
2a02:400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3b:f6:0d:72:4b:60:62:32:04:2f:1a:dd:0d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=774d215caedb050d6f6fe8426d5058afe29aa896
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4096fbf36c33e4fb50f927f6774f83f966d827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3e:e0:a5:07:36:10:71:0d:6d:64:76:a2:50:
dd:fc:c8:57:00:b5:ef:29:93:1a:3e:c5:0e:10:71:
ea:8c:73:9b:61:80:91:0f:b0:c0:b9:6c:09:51:45:
03:33:5e:78:1e:f5:98:f6:a5:7f:f6:bc:25:28:f4:
a8:12:e7:f3:4e:0c:a4:c0:3d:e1:aa:f9:90:e2:24:
f9:ed:c3:ca:4c:ae:9d:b7:7c:3e:2d:b3:2b:1d:22:
cb:f9:12:fc:ff:5c:7b:05:33:2a:e5:85:37:26:fc:
ff:3a:05:66:4a:05:22:27:1e:53:49:15:99:53:8e:
43:0e:e7:24:c4:c9:bf:06:f5:85:65:e6:a8:20:b9:
49:ed:08:28:20:e3:42:89:8c:a5:6e:1d:fc:25:f7:
ff:ca:07:a9:06:a0:70:bf:89:db:e6:80:3f:fd:cc:
56:ef:9f:14:d5:bc:c0:6d:6c:10:bb:c5:b6:b7:45:
5f:4e:e7:32:c1:93:e1:12:16:ad:2a:48:04:26:45:
67:0e:7d:60:a9:48:ba:6f:d9:e1:e5:c3:f0:0f:53:
9c:7c:aa:09:c7:7b:f9:47:f8:44:b1:f8:72:5e:e0:
dc:e0:64:82:7e:87:61:1b:fc:86:4c:74:5c:1f:a5:
6f:da:5d:20:eb:9d:28:ae:3e:3d:6f:34:72:2e:15:
3d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:40:96:FB:F3:6C:33:E4:FB:50:F9:27:F6:77:4F:83:F9:66:D8:27
X509v3 Authority Key Identifier:
keyid:77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/PkCW-_NsM-T7UPkn9ndPg_lm2Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
IPv6:
2a02:400::/32
Signature Algorithm: sha256WithRSAEncryption
27:f9:5e:2a:3a:dc:3c:da:a2:ae:3c:5f:11:5f:c2:e9:e1:2e:
80:b2:0a:d8:cf:4d:1d:96:2f:90:d7:41:a0:5f:10:96:ba:c0:
67:c4:37:57:c9:dd:51:52:e6:0c:c1:d5:e4:ba:6b:58:0b:46:
41:c5:6a:67:42:9a:ba:d7:c3:f0:33:1a:0a:ba:a6:e9:26:57:
a5:55:6d:a1:f1:f3:ae:16:75:f3:10:a0:08:e4:96:8c:67:18:
df:e3:3a:97:59:34:4a:3e:c2:bf:85:34:85:c4:d2:1d:a2:f0:
0c:35:7c:c8:ec:c7:a1:77:ce:56:8d:1d:9a:f5:46:8e:60:fa:
c2:4a:bd:61:4e:bd:3c:6b:fd:8c:d1:02:a0:79:fc:67:2a:9f:
da:e7:75:2d:0e:dc:2b:80:5f:81:05:5d:8c:1c:84:4d:c6:7d:
72:e9:52:ab:a0:7f:b2:5f:f2:8d:e9:24:04:70:7b:83:7d:95:
e8:e5:f1:1f:24:df:df:70:93:c5:3a:f3:2f:b5:0d:b5:83:dd:
96:cc:91:71:99:1b:97:0c:59:c4:81:34:fd:d3:bd:4f:df:b2:
98:77:7c:87:c1:27:3a:6c:bd:c1:fe:90:02:a2:d5:87:f0:05:
24:33:02:7b:8c:f6:b9:1a:a5:c8:c3:73:18:2d:ab:2c:45:25:
f0:3d:06:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQj1zv2DXJLYGIyBC8a3Q2hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NGQyMTVjYWVkYjA1MGQ2ZjZmZTg0MjZkNTA1OGFmZTI5
YWE4OTYwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQwOTZmYmYzNmMzM2U0ZmI1MGY5MjdmNjc3NGY4M2Y5NjZkODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArj7gpQc2EHENbWR2olDd/MhXALXv
KZMaPsUOEHHqjHObYYCRD7DAuWwJUUUDM154HvWY9qV/9rwlKPSoEufzTgykwD3h
qvmQ4iT57cPKTK6dt3w+LbMrHSLL+RL8/1x7BTMq5YU3Jvz/OgVmSgUiJx5TSRWZ
U45DDuckxMm/BvWFZeaoILlJ7QgoIONCiYylbh38Jff/ygepBqBwv4nb5oA//cxW
758U1bzAbWwQu8W2t0VfTucywZPhEhatKkgEJkVnDn1gqUi6b9nh5cPwD1OcfKoJ
x3v5R/hEsfhyXuDc4GSCfodhG/yGTHRcH6Vv2l0g650orj49bzRyLhU9cwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD5AlvvzbDPk+1D5J/Z3T4P5ZtgnMB8GA1UdIwQY
MBaAFHdNIVyu2wUNb2/oQm1QWK/imqiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzIt
NWQ4ZmU5YWNlZjgzLzEvUGtDVy1fTnNNLVQ3VVBrbjluZFBnX2xtMkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzItNWQ4ZmU5YWNlZjgz
LzEvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXb8gAwQD
svhoAwQCuUJwMA0EAgACMAcDBQAqAgQAMA0GCSqGSIb3DQEBCwUAA4IBAQAn+V4q
Otw82qKuPF8RX8Lp4S6AsgrYz00dli+Q10GgXxCWusBnxDdXyd1RUuYMwdXkumtY
C0ZBxWpnQpq618PwMxoKuqbpJlelVW2h8fOuFnXzEKAI5JaMZxjf4zqXWTRKPsK/
hTSFxNIdovAMNXzI7Mehd85WjR2a9UaOYPrCSr1hTr08a/2M0QKgefxnKp/a53Ut
DtwrgF+BBV2MHIRNxn1y6VKroH+yX/KN6SQEcHuDfZXo5fEfJN/fcJPFOvMvtQ21
g92WzJFxmRuXDFnEgTT9071P37KYd3yHwSc6bL3B/pACotWH8AUkMwJ7jPa5GqXI
w3MYLassRSXwPQbH
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:14:44 2025 by rpki-client