Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/PVPdjWfp5158kOXCBG02gGqvS2k.roa
File: PVPdjWfp5158kOXCBG02gGqvS2k.roa (raw, json)
Hash identifier: yHL6CrBTx/Lx7UNatKVR0PW+xHw8+FZidWVfHY4s2Bw=
Subject key identifier: 3D:53:DD:8D:67:E9:E7:5E:7C:90:E5:C2:04:6D:36:80:6A:AF:4B:69
Certificate issuer: /CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Certificate serial: 01942445822FBADD478B5F514C065F56D693
Authority key identifier: 23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/PVPdjWfp5158kOXCBG02gGqvS2k.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197874
IP address blocks: 194.246.156.0/24 maxlen: 24
194.246.159.0/24 maxlen: 24
2001:67c:22ec::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:82:2f:ba:dd:47:8b:5f:51:4c:06:5f:56:d6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d53dd8d67e9e75e7c90e5c2046d36806aaf4b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:20:f8:d1:55:67:55:14:31:1b:54:46:de:
f9:d5:db:8b:a3:3e:99:5f:6a:bb:a6:ea:31:dd:53:
dd:dc:fd:2e:99:78:b3:25:0d:a5:70:34:d4:02:d4:
50:17:f4:3f:07:0a:78:c7:5d:3d:c5:eb:a9:7c:b0:
d1:66:44:00:8f:ef:52:00:ca:42:63:90:29:5a:b4:
77:d2:47:a7:16:61:0a:48:e4:af:0e:42:c6:7f:e7:
53:59:13:92:38:f3:e7:32:82:46:48:97:7f:de:82:
f9:14:1e:88:43:f1:66:d2:f6:79:b7:2d:e5:93:b9:
de:f7:43:04:cc:12:03:37:cf:fd:b2:ff:9f:00:e1:
40:86:82:d6:80:bd:23:02:d0:c7:3a:6c:22:6b:80:
81:41:ab:bf:d3:0c:d2:a3:28:93:00:0a:85:55:e9:
87:e9:b5:4e:2d:2e:bc:47:7f:c8:dc:a7:4d:b7:19:
b7:77:89:af:45:0f:95:e1:f3:07:e7:45:42:61:41:
eb:47:a3:ac:bc:07:4d:c6:ae:8a:fe:3b:b6:df:2e:
07:00:7b:47:23:43:1e:39:94:df:18:eb:b3:ed:71:
65:73:e7:b0:cb:68:b8:d8:c1:10:e9:53:b5:97:19:
64:a2:62:3b:f1:b0:e2:b7:29:a2:c6:b9:57:92:ce:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:53:DD:8D:67:E9:E7:5E:7C:90:E5:C2:04:6D:36:80:6A:AF:4B:69
X509v3 Authority Key Identifier:
keyid:23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/PVPdjWfp5158kOXCBG02gGqvS2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.156.0/24
194.246.159.0/24
IPv6:
2001:67c:22ec::/48
Signature Algorithm: sha256WithRSAEncryption
5a:a8:64:e9:e2:29:31:0e:d3:88:05:51:e4:35:d9:8d:72:25:
a2:9c:a3:56:35:fa:5d:6c:10:61:4a:f3:52:a3:9f:bd:f8:0c:
35:43:64:6c:52:b5:52:89:4d:57:b5:1e:1b:34:ae:62:1d:a0:
22:0b:8f:22:11:d4:11:bb:60:44:f5:8a:c7:c2:20:d7:0f:1c:
13:82:ac:d7:6f:23:e7:4a:b6:6d:b0:67:a8:5e:7d:e6:6f:80:
a2:ee:c8:c6:d1:dd:6e:9d:91:fa:2f:4b:eb:30:13:f4:15:ce:
45:70:49:11:91:17:c1:7f:c8:68:b1:2f:56:f2:1a:3f:16:2c:
7a:91:7f:93:52:b5:37:0e:45:70:3b:8a:19:d6:e6:2c:d4:58:
a5:4b:73:a7:d0:cd:6b:d5:1e:28:71:f6:f6:2d:94:e9:a6:0e:
16:1f:2a:a3:b3:75:89:68:74:c4:f3:5b:34:39:19:d8:3a:ee:
28:47:43:1f:78:8a:64:66:0d:3d:8c:ed:64:a8:0c:a5:6f:f2:
c7:41:84:67:2f:c7:ab:c0:01:04:43:c0:a3:59:7e:3c:53:3f:
c1:48:b8:00:39:2b:b1:74:ae:fc:1f:96:0f:0a:32:8a:57:6f:
ba:00:2f:30:08:bc:b1:f5:c2:88:89:71:2c:20:f3:80:9c:c7:
bc:8b:1e:cc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQkRYIvut1Hi19RTAZfVtaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMTIwYzZhNmM4Y2YxNzI2ZTdkNDhlMzE0YTE2Y2NkMDVl
Zjg2MDcwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDUzZGQ4ZDY3ZTllNzVlN2M5MGU1YzIwNDZkMzY4MDZhYWY0YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhkg+NFVZ1UUMRtURt751duLoz6Z
X2q7puox3VPd3P0umXizJQ2lcDTUAtRQF/Q/Bwp4x109xeupfLDRZkQAj+9SAMpC
Y5ApWrR30kenFmEKSOSvDkLGf+dTWROSOPPnMoJGSJd/3oL5FB6IQ/Fm0vZ5ty3l
k7ne90MEzBIDN8/9sv+fAOFAhoLWgL0jAtDHOmwia4CBQau/0wzSoyiTAAqFVemH
6bVOLS68R3/I3KdNtxm3d4mvRQ+V4fMH50VCYUHrR6OsvAdNxq6K/ju23y4HAHtH
I0MeOZTfGOuz7XFlc+ewy2i42MEQ6VO1lxlkomI78bDitymixrlXks7JFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD1T3Y1n6edefJDlwgRtNoBqr0tpMB8GA1UdIwQY
MBaAFCMSDGpsjPFybn1I4xShbM0F74YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQt
ZTRiNzAyZjE2MTE2LzEvUFZQZGpXZnA1MTU4a09YQ0JHMDJnR3F2UzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQtZTRiNzAyZjE2MTE2
LzEvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwvacAwQA
wvafMA8EAgACMAkDBwAgAQZ8IuwwDQYJKoZIhvcNAQELBQADggEBAFqoZOniKTEO
04gFUeQ12Y1yJaKco1Y1+l1sEGFK81Kjn734DDVDZGxStVKJTVe1Hhs0rmIdoCIL
jyIR1BG7YET1isfCINcPHBOCrNdvI+dKtm2wZ6hefeZvgKLuyMbR3W6dkfovS+sw
E/QVzkVwSRGRF8F/yGixL1byGj8WLHqRf5NStTcORXA7ihnW5izUWKVLc6fQzWvV
Hihx9vYtlOmmDhYfKqOzdYlodMTzWzQ5Gdg67ihHQx94imRmDT2M7WSoDKVv8sdB
hGcvx6vAAQRDwKNZfjxTP8FIuAA5K7F0rvwflg8KMopXb7oALzAIvLH1woiJcSwg
84Ccx7yLHsw=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:17 2025 by rpki-client