Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/PdctoMgTw2-Nt4ZPBmRXGu0XZPo.roa
File: PdctoMgTw2-Nt4ZPBmRXGu0XZPo.roa (raw, json)
Hash identifier: n9lnP0LlXaq1mXYcdy8fdP94AepAw+KQCy1tAj0j/P8=
Subject key identifier: 3D:D7:2D:A0:C8:13:C3:6F:8D:B7:86:4F:06:64:57:1A:ED:17:64:FA
Certificate issuer: /CN=51da0066122e6ba294d2b747938d46c74e99f880
Certificate serial: 01953D283F368DFDF899A1E86A937C6B3878
Authority key identifier: 51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/PdctoMgTw2-Nt4ZPBmRXGu0XZPo.roa
Signing time: Tue 25 Feb 2025 12:50:02 +0000
ROA not before: Tue 25 Feb 2025 12:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211644
IP address blocks: 91.147.80.0/22 maxlen: 22
91.147.80.0/24 maxlen: 24
91.147.81.0/24 maxlen: 24
91.147.82.0/24 maxlen: 24
91.147.83.0/24 maxlen: 24
185.252.192.0/24 maxlen: 24
2a10:b0c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3d:28:3f:36:8d:fd:f8:99:a1:e8:6a:93:7c:6b:38:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51da0066122e6ba294d2b747938d46c74e99f880
Validity
Not Before: Feb 25 12:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dd72da0c813c36f8db7864f0664571aed1764fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c4:f1:db:f4:5c:60:c4:cd:7c:84:e0:07:fe:
86:34:fd:33:aa:2c:da:6c:b0:35:ed:e2:51:53:f8:
dc:93:e1:e8:32:ba:7a:f1:8d:3e:39:e9:4f:dd:27:
e3:90:f9:91:ac:1b:21:68:ba:e2:1b:59:95:b4:78:
f3:f2:49:d3:6d:8f:b2:95:1b:8f:d3:7e:8d:22:e1:
1d:e2:63:e4:7b:a4:14:e0:a3:ba:f2:0f:1e:81:ce:
69:22:15:e5:b8:b4:36:1f:b4:e4:65:77:a6:1d:36:
f5:73:25:6c:fe:c9:c8:77:a7:83:40:45:3e:42:bf:
42:cf:9a:d8:a8:35:22:7c:95:65:3d:49:24:aa:86:
57:fa:db:57:26:95:aa:39:47:60:98:7b:a8:2d:e7:
49:85:15:d7:a6:52:fe:7d:37:7d:e6:a7:ce:bb:c8:
46:e6:e5:6a:d9:18:fe:49:ef:e9:f8:84:e0:ee:e9:
34:4e:c9:99:cc:81:a6:04:87:34:ab:ee:71:01:d6:
05:58:1c:b4:80:3e:b0:bf:ed:91:da:8f:c4:94:15:
18:0b:c4:46:7f:85:92:91:b7:6e:82:bf:27:ee:cb:
1b:1a:fd:ce:fe:66:0a:69:40:1e:57:29:14:7d:cb:
2c:2e:4b:36:70:09:74:41:1c:14:c4:0f:f2:bc:c5:
8d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D7:2D:A0:C8:13:C3:6F:8D:B7:86:4F:06:64:57:1A:ED:17:64:FA
X509v3 Authority Key Identifier:
keyid:51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/PdctoMgTw2-Nt4ZPBmRXGu0XZPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.80.0/22
185.252.192.0/24
IPv6:
2a10:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
95:cb:fa:eb:4e:db:1f:7e:5e:d9:d6:82:24:34:dc:2a:fc:23:
91:70:bf:6d:50:c6:3a:27:f6:f3:a2:0c:0a:87:c0:78:1e:e2:
0e:95:62:99:2c:9b:13:ba:62:eb:cf:e6:4a:0d:53:12:f6:20:
4e:22:0e:18:af:be:d4:91:ef:b7:f6:b2:6d:75:ce:62:5a:a6:
35:76:94:90:ab:7a:ce:79:4a:68:c8:ab:77:e1:b0:ac:a8:c6:
04:e9:ef:34:e7:fe:cc:ae:10:c7:70:6a:62:d9:72:67:d5:3a:
6d:ac:6f:39:03:c1:f4:a3:e1:96:64:85:23:20:bf:ec:f5:f2:
43:b9:bf:1b:31:98:01:98:17:89:03:f1:fd:32:94:42:1c:11:
df:d7:36:92:16:6d:10:00:59:f8:47:60:63:34:97:37:c0:01:
89:4f:aa:a9:7f:ab:64:24:0b:92:a0:76:23:a0:f9:4a:e3:80:
8a:f5:e8:72:ba:d6:60:ca:9c:1d:6e:a3:53:53:bd:39:72:81:
58:a5:d3:dd:c0:79:43:63:e1:75:f8:e2:4d:eb:d8:be:81:bc:
5d:d6:99:9f:0d:72:4c:31:02:be:e2:23:36:f9:81:54:f3:87:
4c:7d:35:5c:fa:96:77:4e:0c:b0:09:5b:31:6c:d1:4a:6f:43:
b1:08:b8:6f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZU9KD82jf34maHoapN8azh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGEwMDY2MTIyZTZiYTI5NGQyYjc0NzkzOGQ0NmM3NGU5
OWY4ODAwHhcNMjUwMjI1MTI1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQ3MmRhMGM4MTNjMzZmOGRiNzg2NGYwNjY0NTcxYWVkMTc2NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18Tx2/RcYMTNfITgB/6GNP0zqiza
bLA17eJRU/jck+HoMrp68Y0+OelP3SfjkPmRrBshaLriG1mVtHjz8knTbY+ylRuP
036NIuEd4mPke6QU4KO68g8egc5pIhXluLQ2H7TkZXemHTb1cyVs/snId6eDQEU+
Qr9Cz5rYqDUifJVlPUkkqoZX+ttXJpWqOUdgmHuoLedJhRXXplL+fTd95qfOu8hG
5uVq2Rj+Se/p+ITg7uk0TsmZzIGmBIc0q+5xAdYFWBy0gD6wv+2R2o/ElBUYC8RG
f4WSkbdugr8n7ssbGv3O/mYKaUAeVykUfcssLks2cAl0QRwUxA/yvMWNbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD3XLaDIE8NvjbeGTwZkVxrtF2T6MB8GA1UdIwQY
MBaAFFHaAGYSLmuilNK3R5ONRsdOmfiAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRvQVpoSXVhNktVMHJkSGs0MUd4MDZaLUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mNjRlYjQtMjZjYy00MDU2LTg1M2It
YmU0OGI3OTI1NDc4LzEvUGRjdG9NZ1R3Mi1OdDRaUEJtUlhHdTBYWlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mNjRlYjQtMjZjYy00MDU2LTg1M2ItYmU0OGI3OTI1NDc4
LzEvVWRvQVpoSXVhNktVMHJkSGs0MUd4MDZaLUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW5NQAwQA
ufzAMA0EAgACMAcDBQAqELDAMA0GCSqGSIb3DQEBCwUAA4IBAQCVy/rrTtsffl7Z
1oIkNNwq/CORcL9tUMY6J/bzogwKh8B4HuIOlWKZLJsTumLrz+ZKDVMS9iBOIg4Y
r77Uke+39rJtdc5iWqY1dpSQq3rOeUpoyKt34bCsqMYE6e805/7MrhDHcGpi2XJn
1TptrG85A8H0o+GWZIUjIL/s9fJDub8bMZgBmBeJA/H9MpRCHBHf1zaSFm0QAFn4
R2BjNJc3wAGJT6qpf6tkJAuSoHYjoPlK44CK9ehyutZgypwdbqNTU705coFYpdPd
wHlDY+F1+OJN69i+gbxd1pmfDXJMMQK+4iM2+YFU84dMfTVc+pZ3TgywCVsxbNFK
b0OxCLhv
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:05:27 2025 by rpki-client