Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/PkuzLc70cdZNfzBONmq4AlueJ3c.roa
File: PkuzLc70cdZNfzBONmq4AlueJ3c.roa (raw, json)
Hash identifier: IUupDkJ+pYc5DFM+j/FDYtvyoxCFZGawCLtSOO5xgU0=
Subject key identifier: 3E:4B:B3:2D:CE:F4:71:D6:4D:7F:30:4E:36:6A:B8:02:5B:9E:27:77
Certificate issuer: /CN=6debd19da98c27fabab7b2f294bcf9ec6af44905
Certificate serial: 0194266B445FB7ECA7B334E1660B50D6A1B5
Authority key identifier: 6D:EB:D1:9D:A9:8C:27:FA:BA:B7:B2:F2:94:BC:F9:EC:6A:F4:49:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/PkuzLc70cdZNfzBONmq4AlueJ3c.roa
Signing time: Thu 02 Jan 2025 09:49:11 +0000
ROA not before: Thu 02 Jan 2025 09:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36924
IP address blocks: 146.0.64.0/21 maxlen: 24
185.56.48.0/22 maxlen: 24
185.183.228.0/22 maxlen: 24
2a0b:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 18:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:44:5f:b7:ec:a7:b3:34:e1:66:0b:50:d6:a1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6debd19da98c27fabab7b2f294bcf9ec6af44905
Validity
Not Before: Jan 2 09:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4bb32dcef471d64d7f304e366ab8025b9e2777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:3e:83:dc:41:39:0f:4e:6b:3d:4f:e0:02:
ba:2e:1d:ee:b1:2e:0a:03:bc:b9:af:19:7b:2c:85:
48:25:79:58:06:b5:e9:27:86:9e:32:c3:29:6c:59:
fd:a8:a1:97:9d:b5:25:98:ea:52:5f:02:19:eb:82:
24:1e:63:eb:b0:0a:16:ea:2d:7b:aa:ad:3e:ae:31:
ea:66:3b:41:21:fc:c3:70:49:e9:85:ef:1d:70:81:
11:fe:9a:f3:89:7c:d7:68:da:d2:17:74:2a:ec:1b:
cc:9e:1e:3d:bf:43:6a:76:53:bf:ae:16:8c:3f:21:
a4:df:5b:4e:c5:97:0e:71:18:82:78:43:40:7f:6c:
37:60:ce:2d:ce:32:52:56:9d:49:de:34:9f:2b:b8:
2a:f4:2a:ed:9a:1d:b3:7e:f8:c4:9b:f8:67:8e:3e:
f8:eb:24:86:91:9b:b4:7b:ba:c2:8a:f5:95:80:e5:
0c:e7:98:5a:db:bf:60:ee:f2:f1:e5:98:18:56:3c:
13:cd:cd:a0:9e:b9:05:a9:9b:99:f4:16:b6:52:89:
9d:85:da:f1:05:a7:14:0f:3e:9f:ba:f7:94:fe:5f:
68:2e:f8:99:0f:62:e2:43:e2:42:b8:2d:cf:f5:2b:
25:21:62:50:a6:00:fa:55:6f:d1:b7:76:e9:33:cb:
75:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4B:B3:2D:CE:F4:71:D6:4D:7F:30:4E:36:6A:B8:02:5B:9E:27:77
X509v3 Authority Key Identifier:
keyid:6D:EB:D1:9D:A9:8C:27:FA:BA:B7:B2:F2:94:BC:F9:EC:6A:F4:49:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bevRnamMJ_q6t7LylLz57Gr0SQU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/PkuzLc70cdZNfzBONmq4AlueJ3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1ad349-edfe-4150-9d37-264ab9337fa0/1/bevRnamMJ_q6t7LylLz57Gr0SQU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.64.0/21
185.56.48.0/22
185.183.228.0/22
IPv6:
2a0b:2080::/29
Signature Algorithm: sha256WithRSAEncryption
22:ea:0f:50:b3:9b:a4:51:30:d7:db:8e:7b:c1:6c:58:1a:b5:
c4:6f:ca:15:3e:15:df:c2:fa:33:6e:4a:d8:b7:5b:74:b8:c9:
07:99:0a:13:24:07:20:a9:cb:ab:3c:9b:a8:dd:7c:0b:8c:48:
b7:a0:61:3f:ab:7c:68:17:62:61:22:3f:a0:b0:be:a4:1a:8b:
9d:d0:63:b9:a2:87:79:67:39:2b:1c:c7:d2:17:72:5c:4a:0b:
1a:43:1a:5f:d2:fe:77:07:c6:eb:99:e2:bd:eb:e9:91:8d:13:
62:4d:99:73:ef:c3:17:57:22:60:75:97:f9:c6:a8:17:fe:37:
6d:71:97:10:41:15:be:15:64:fd:19:a4:ba:6f:27:9e:cb:13:
fb:98:7c:7b:36:36:40:83:f6:fb:47:0f:de:b6:48:1f:e5:ad:
a8:ff:4c:43:0a:c3:1d:8d:fb:b3:34:9f:e6:2d:17:fe:ea:2f:
69:20:dd:80:bc:ff:3d:bd:08:58:6c:78:e8:af:70:1a:8e:07:
86:99:ef:76:cf:76:82:ee:ef:8d:2a:27:7e:a1:b2:8f:e6:2a:
27:4a:31:89:70:e0:d0:0e:94:d6:b2:f3:8e:c7:39:d9:32:69:
9d:55:28:f7:e4:d9:5e:62:6b:0a:36:52:ca:17:d7:52:66:48:
75:36:07:73
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma0Rft+ynszThZgtQ1qG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZWJkMTlkYTk4YzI3ZmFiYWI3YjJmMjk0YmNmOWVjNmFm
NDQ5MDUwHhcNMjUwMTAyMDk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRiYjMyZGNlZjQ3MWQ2NGQ3ZjMwNGUzNjZhYjgwMjViOWUyNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEw+g9xBOQ9Oaz1P4AK6Lh3usS4K
A7y5rxl7LIVIJXlYBrXpJ4aeMsMpbFn9qKGXnbUlmOpSXwIZ64IkHmPrsAoW6i17
qq0+rjHqZjtBIfzDcEnphe8dcIER/prziXzXaNrSF3Qq7BvMnh49v0NqdlO/rhaM
PyGk31tOxZcOcRiCeENAf2w3YM4tzjJSVp1J3jSfK7gq9Crtmh2zfvjEm/hnjj74
6ySGkZu0e7rCivWVgOUM55ha279g7vLx5ZgYVjwTzc2gnrkFqZuZ9Ba2Uomdhdrx
BacUDz6fuveU/l9oLviZD2LiQ+JCuC3P9SslIWJQpgD6VW/Rt3bpM8t1vQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD5Lsy3O9HHWTX8wTjZquAJbnid3MB8GA1UdIwQY
MBaAFG3r0Z2pjCf6urey8pS8+exq9EkFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmV2Um5hbU1KX3E2dDdMeWxMejU3R3IwU1FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xYWQzNDktZWRmZS00MTUwLTlkMzct
MjY0YWI5MzM3ZmEwLzEvUGt1ekxjNzBjZFpOZnpCT05tcTRBbHVlSjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xYWQzNDktZWRmZS00MTUwLTlkMzctMjY0YWI5MzM3ZmEw
LzEvYmV2Um5hbU1KX3E2dDdMeWxMejU3R3IwU1FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDkgBAAwQC
uTgwAwQCubfkMA0EAgACMAcDBQMqCyCAMA0GCSqGSIb3DQEBCwUAA4IBAQAi6g9Q
s5ukUTDX2457wWxYGrXEb8oVPhXfwvozbkrYt1t0uMkHmQoTJAcgqcurPJuo3XwL
jEi3oGE/q3xoF2JhIj+gsL6kGoud0GO5ood5ZzkrHMfSF3JcSgsaQxpf0v53B8br
meK96+mRjRNiTZlz78MXVyJgdZf5xqgX/jdtcZcQQRW+FWT9GaS6byeeyxP7mHx7
NjZAg/b7Rw/etkgf5a2o/0xDCsMdjfuzNJ/mLRf+6i9pIN2AvP89vQhYbHjor3Aa
jgeGme92z3aC7u+NKid+obKP5ionSjGJcODQDpTWsvOOxznZMmmdVSj35NleYmsK
NlLKF9dSZkh1Ngdz
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:49:16 2025 by rpki-client