Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Pk3Y8bmZ9v5bN1_6zxU4UYzAM4s.roa
File: Pk3Y8bmZ9v5bN1_6zxU4UYzAM4s.roa (raw, json)
Hash identifier: So1EWdtcEMDdLT99zqpyRyyrElAoZiXcpiXiUbqjYGI=
Subject key identifier: 3E:4D:D8:F1:B9:99:F6:FE:5B:37:5F:FA:CF:15:38:51:8C:C0:33:8B
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0194266BDB8C9E1E8050143E617E05C84988
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Pk3Y8bmZ9v5bN1_6zxU4UYzAM4s.roa
Signing time: Thu 02 Jan 2025 09:49:50 +0000
ROA not before: Thu 02 Jan 2025 09:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213038
IP address blocks: 185.131.144.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
194.88.108.0/24 maxlen: 24
194.88.109.0/24 maxlen: 24
194.88.110.0/24 maxlen: 24
194.88.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 11:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:db:8c:9e:1e:80:50:14:3e:61:7e:05:c8:49:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 09:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e4dd8f1b999f6fe5b375ffacf1538518cc0338b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:b4:f1:45:e6:a1:75:f2:9b:f6:91:f8:04:
4c:ef:53:5e:a9:bb:9a:bb:08:b9:1e:7c:77:a9:04:
95:c7:ce:a9:34:e7:1e:cd:cb:12:89:64:df:a5:ec:
74:0f:22:05:c7:d3:0d:7e:c3:75:96:0b:89:b3:36:
62:bd:8b:7e:d4:ca:55:aa:17:41:09:ce:1e:c5:6a:
21:01:f1:24:e5:99:43:26:9b:6a:e0:ec:3e:49:9b:
1f:13:d1:a2:04:d4:2f:b1:98:3e:a6:6c:42:24:a6:
ce:65:91:a8:be:a4:19:2f:76:be:e9:1b:19:33:a8:
cf:a4:2e:25:97:fa:85:9f:5c:f9:0a:da:50:ca:de:
cd:19:cb:8e:39:37:e3:7a:b6:d0:92:ae:ae:4a:29:
4e:7c:50:a3:85:9d:ef:b4:7f:1d:db:c7:02:21:1f:
9b:f3:dc:7d:62:03:64:5b:bf:52:a9:d2:f1:66:c6:
a1:d4:1b:f1:19:3b:79:c1:04:13:9e:e8:d6:db:7b:
cd:47:66:84:3a:82:dd:09:a4:2d:75:0e:20:7e:f4:
43:56:ae:85:90:84:f1:53:a4:4e:0b:39:b5:a2:d6:
dd:cc:03:15:a0:52:b7:96:56:ce:a6:c1:f7:23:2f:
63:3e:d7:e3:d0:67:be:70:f1:0f:d0:ee:66:0b:c5:
55:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4D:D8:F1:B9:99:F6:FE:5B:37:5F:FA:CF:15:38:51:8C:C0:33:8B
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/Pk3Y8bmZ9v5bN1_6zxU4UYzAM4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
66:26:fa:0e:22:ac:63:3b:76:02:e0:04:f9:17:28:87:b3:4e:
60:c2:6f:a9:e8:77:75:55:64:4f:33:37:cc:10:69:c2:10:d7:
28:e0:a7:c4:30:3f:63:5e:44:2f:3e:a4:36:e8:4a:75:af:46:
5e:07:49:cd:02:82:5a:7b:fa:50:ae:c0:fa:f8:f9:c9:45:fd:
21:15:51:85:74:24:99:3c:21:1a:0e:df:dd:17:2a:43:9c:01:
f3:a7:19:6b:52:20:a1:f0:a0:e4:ee:7f:dd:72:90:4d:b4:9d:
b0:27:36:1e:d6:06:f7:49:5b:0a:18:c6:a3:2a:5e:b7:68:8f:
b7:ae:dc:a1:c0:80:0f:f9:32:69:b5:65:1f:a5:09:cc:cd:7a:
2e:17:f1:0f:e5:5a:7e:38:02:75:23:7b:3b:10:08:ab:ce:5b:
7d:53:b5:8d:52:e2:7a:44:f4:0d:8d:27:e1:b2:12:fc:ce:d3:
2c:d0:60:bb:4d:84:50:cc:fa:f7:3b:7c:ed:41:b9:44:ce:1f:
65:15:8a:44:44:95:51:5d:e6:27:5b:8f:52:2a:9d:4d:99:05:
f4:af:70:59:c6:2f:7f:b3:6b:1e:82:1e:c0:27:a2:70:76:e5:
67:11:73:cb:2b:c3:d1:17:9a:d9:2a:81:b4:2f:60:dd:cf:9f:
8c:6b:82:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma9uMnh6AUBQ+YX4FyEmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjUwMTAyMDk0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRkZDhmMWI5OTlmNmZlNWIzNzVmZmFjZjE1Mzg1MThjYzAzMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9a08UXmoXXym/aR+ARM71Neqbua
uwi5Hnx3qQSVx86pNOcezcsSiWTfpex0DyIFx9MNfsN1lguJszZivYt+1MpVqhdB
Cc4exWohAfEk5ZlDJptq4Ow+SZsfE9GiBNQvsZg+pmxCJKbOZZGovqQZL3a+6RsZ
M6jPpC4ll/qFn1z5CtpQyt7NGcuOOTfjerbQkq6uSilOfFCjhZ3vtH8d28cCIR+b
89x9YgNkW79SqdLxZsah1BvxGTt5wQQTnujW23vNR2aEOoLdCaQtdQ4gfvRDVq6F
kITxU6ROCzm1otbdzAMVoFK3llbOpsH3Iy9jPtfj0Ge+cPEP0O5mC8VVqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD5N2PG5mfb+Wzdf+s8VOFGMwDOLMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvUGszWThibVo5djViTjFfNnp4VTRVWXpBTTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQBmJvoOIqxjO3YC4AT5FyiHs05gwm+p6Hd1
VWRPMzfMEGnCENco4KfEMD9jXkQvPqQ26Ep1r0ZeB0nNAoJae/pQrsD6+PnJRf0h
FVGFdCSZPCEaDt/dFypDnAHzpxlrUiCh8KDk7n/dcpBNtJ2wJzYe1gb3SVsKGMaj
Kl63aI+3rtyhwIAP+TJptWUfpQnMzXouF/EP5Vp+OAJ1I3s7EAirzlt9U7WNUuJ6
RPQNjSfhshL8ztMs0GC7TYRQzPr3O3ztQblEzh9lFYpERJVRXeYnW49SKp1NmQX0
r3BZxi9/s2segh7AJ6JwduVnEXPLK8PRF5rZKoG0L2Ddz5+Ma4Im
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:34:52 2025 by rpki-client