Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/PAdijC34nr5oNMfrJ7fBKertBW0.roa
File: PAdijC34nr5oNMfrJ7fBKertBW0.roa (raw, json)
Hash identifier: gutQFHA8Ql/o1ne5M+dpU0TQTfal0TR6oWI0g8prBRA=
Subject key identifier: 3C:07:62:8C:2D:F8:9E:BE:68:34:C7:EB:27:B7:C1:29:EA:ED:05:6D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019687F03C7C4432DB2439E0D371B60223D9
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/PAdijC34nr5oNMfrJ7fBKertBW0.roa
Signing time: Wed 30 Apr 2025 18:23:10 +0000
ROA not before: Wed 30 Apr 2025 18:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200017
IP address blocks: 89.44.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:f0:3c:7c:44:32:db:24:39:e0:d3:71:b6:02:23:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 30 18:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c07628c2df89ebe6834c7eb27b7c129eaed056d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:52:e0:ee:b4:86:c6:df:3b:74:18:fe:4f:73:
f5:55:62:a2:03:03:bb:c6:d9:cb:e2:d3:54:e0:41:
d6:02:d7:38:cc:97:e4:32:85:2f:81:88:05:4a:b4:
72:18:6d:7e:ec:ff:d3:a2:38:4a:79:f6:87:38:32:
36:f4:2e:8a:8e:e0:bb:b6:47:d9:5d:89:8c:ad:b0:
59:19:e7:31:96:8b:13:e2:86:75:83:88:6b:37:9f:
a1:3b:20:ca:13:84:2a:65:18:ec:d0:63:7f:00:ec:
3b:c1:16:29:46:fd:a0:12:0d:43:95:d1:89:8f:ce:
fc:69:a7:2a:ec:09:85:7b:71:59:a4:2a:25:87:0b:
93:48:c4:9b:f7:2b:6e:33:cf:b7:5f:f7:a5:cd:1f:
c0:df:3a:d2:09:fb:53:ba:c6:d4:25:5f:2e:03:73:
f7:6d:a3:0d:0c:10:64:5a:1f:91:65:05:13:e7:69:
36:d1:47:cf:bd:06:0e:44:d4:6d:4e:42:84:80:3f:
42:c2:17:28:f9:c1:34:54:3f:30:89:a2:9e:43:7a:
ec:ce:50:27:65:46:13:28:a5:35:8a:ff:a6:55:84:
24:73:36:62:4e:c4:dc:b5:39:71:ad:54:60:dd:9a:
26:80:15:a3:10:b2:aa:a0:b0:e5:3d:e4:cf:aa:08:
e0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:07:62:8C:2D:F8:9E:BE:68:34:C7:EB:27:B7:C1:29:EA:ED:05:6D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/PAdijC34nr5oNMfrJ7fBKertBW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.102.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6f:05:ed:10:10:94:3f:a6:a0:26:64:80:ae:53:54:48:47:
40:38:fd:99:89:3b:fd:d4:4a:6e:f5:92:dd:c1:36:e3:32:66:
a6:8b:5d:84:b1:2a:cb:b2:7a:5b:bd:b9:c4:f1:ed:62:69:ab:
8c:11:68:7d:1a:90:e5:b9:d9:8c:58:84:9f:36:67:e7:6d:da:
45:77:c7:e3:5a:f6:4d:d9:55:90:08:ae:7e:5f:9b:2a:c2:d7:
24:91:d9:7e:9d:bf:b4:dc:f3:38:db:5f:d5:1e:5b:c6:c8:a0:
d0:60:21:d4:0d:69:35:85:8f:aa:2d:5a:5e:f3:d2:16:f3:4c:
cb:8b:85:8d:f1:e8:30:9e:ab:a9:76:3b:10:24:2c:bb:75:2c:
01:25:c3:c3:82:08:78:75:41:83:ca:22:87:43:b7:d2:29:8a:
c8:3d:69:05:e0:24:ce:99:d9:ec:01:2b:a7:31:86:4b:c3:25:
04:22:fb:7b:3c:c6:46:1c:ba:2d:3c:64:12:fd:13:99:e2:c5:
86:03:48:0c:d6:f0:77:c1:72:0d:0a:b6:82:b4:f7:1f:3f:ce:
a5:88:d1:35:71:6e:86:0c:be:a7:9a:87:0c:c4:7a:c1:3a:c2:
b1:da:f2:5b:83:f6:0e:04:6a:39:b0:5b:20:61:a2:cf:a4:dd:
1b:1d:6e:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaH8Dx8RDLbJDng03G2AiPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwNDMwMTgyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA3NjI4YzJkZjg5ZWJlNjgzNGM3ZWIyN2I3YzEyOWVhZWQwNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVLg7rSGxt87dBj+T3P1VWKiAwO7
xtnL4tNU4EHWAtc4zJfkMoUvgYgFSrRyGG1+7P/TojhKefaHODI29C6KjuC7tkfZ
XYmMrbBZGecxlosT4oZ1g4hrN5+hOyDKE4QqZRjs0GN/AOw7wRYpRv2gEg1DldGJ
j878aacq7AmFe3FZpColhwuTSMSb9ytuM8+3X/elzR/A3zrSCftTusbUJV8uA3P3
baMNDBBkWh+RZQUT52k20UfPvQYORNRtTkKEgD9Cwhco+cE0VD8wiaKeQ3rszlAn
ZUYTKKU1iv+mVYQkczZiTsTctTlxrVRg3ZomgBWjELKqoLDlPeTPqgjgFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwHYowt+J6+aDTH6ye3wSnq7QVtMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUEFkaWpDMzRucjVvTk1mcko3ZkJLZXJ0QlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCHbwXtEBCUP6agJmSArlNUSEdAOP2ZiTv91Epu9ZLd
wTbjMmami12EsSrLsnpbvbnE8e1iaauMEWh9GpDludmMWISfNmfnbdpFd8fjWvZN
2VWQCK5+X5sqwtckkdl+nb+03PM421/VHlvGyKDQYCHUDWk1hY+qLVpe89IW80zL
i4WN8egwnqupdjsQJCy7dSwBJcPDggh4dUGDyiKHQ7fSKYrIPWkF4CTOmdnsASun
MYZLwyUEIvt7PMZGHLotPGQS/ROZ4sWGA0gM1vB3wXINCraCtPcfP86liNE1cW6G
DL6nmocMxHrBOsKx2vJbg/YOBGo5sFsgYaLPpN0bHW7N
-----END CERTIFICATE-----
Generated at Thu Jun 5 05:07:00 2025 by rpki-client