Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/PjnPc92Q2V1HGAF2zMcKnf8EY3s.roa
File: PjnPc92Q2V1HGAF2zMcKnf8EY3s.roa (raw, json)
Hash identifier: oJHQplo1wgSYzbHd7U3NabjFZf8l2Xl3wzFPd6jcOa8=
Subject key identifier: 3E:39:CF:73:DD:90:D9:5D:47:18:01:76:CC:C7:0A:9D:FF:04:63:7B
Certificate issuer: /CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Certificate serial: 0194501B920AD7D2664D7FC51FED08CFD814
Authority key identifier: E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/PjnPc92Q2V1HGAF2zMcKnf8EY3s.roa
Signing time: Fri 10 Jan 2025 12:06:11 +0000
ROA not before: Fri 10 Jan 2025 12:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21497
IP address blocks: 5.207.0.0/16 maxlen: 17
31.144.0.0/16 maxlen: 19
46.133.0.0/16 maxlen: 19
77.52.0.0/16 maxlen: 18
80.255.64.0/20 maxlen: 21
88.214.64.0/18 maxlen: 19
89.209.0.0/16 maxlen: 19
128.124.0.0/16 maxlen: 19
178.133.0.0/16 maxlen: 19
2a00:f50::/30 maxlen: 32
2a00:f50::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 09:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:1b:92:0a:d7:d2:66:4d:7f:c5:1f:ed:08:cf:d8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Validity
Not Before: Jan 10 12:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e39cf73dd90d95d47180176ccc70a9dff04637b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:13:c1:1e:78:e8:bd:35:ab:5b:5b:dc:61:
9a:ea:0c:dd:5c:57:c5:a0:d7:05:f3:ba:08:0a:07:
30:15:67:a3:1e:8b:87:b1:bf:e4:8d:3b:87:0f:4a:
55:86:91:29:4f:f1:c6:1e:16:6a:5f:67:73:4d:7d:
e6:17:0d:bf:c7:11:30:62:fc:b8:b6:aa:64:5c:3e:
24:8f:7e:3b:fe:70:d7:ba:40:7b:ec:e3:2e:4e:da:
11:4a:a9:0b:95:ce:97:50:10:d2:0b:67:e3:b7:03:
62:f2:d6:de:a5:00:30:ce:8e:73:74:90:9b:03:02:
a3:b1:0f:61:9b:e3:83:d8:cc:7f:f1:da:15:98:ef:
bd:4d:9c:6e:2d:4b:3c:d1:f0:2f:15:5e:15:82:4c:
73:a5:3c:57:b1:52:0d:0a:3a:d9:79:12:c0:e2:c6:
b4:af:61:85:08:67:54:c3:64:26:ec:87:76:5d:bc:
f9:6d:c3:65:e0:37:d1:ae:86:e0:45:dc:e6:97:e8:
7b:9c:ff:f0:23:65:65:40:7a:32:70:2f:19:01:6d:
7d:28:68:46:55:19:a9:c5:a5:1b:fc:3e:a5:d3:eb:
6b:11:da:b5:a4:c5:7a:53:77:e7:f6:ca:ce:80:ab:
f2:d6:89:b7:a6:23:b1:a0:15:a6:6c:c5:de:4e:ad:
48:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:CF:73:DD:90:D9:5D:47:18:01:76:CC:C7:0A:9D:FF:04:63:7B
X509v3 Authority Key Identifier:
keyid:E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/PjnPc92Q2V1HGAF2zMcKnf8EY3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.207.0.0/16
31.144.0.0/16
46.133.0.0/16
77.52.0.0/16
80.255.64.0/20
88.214.64.0/18
89.209.0.0/16
128.124.0.0/16
178.133.0.0/16
IPv6:
2a00:f50::/30
Signature Algorithm: sha256WithRSAEncryption
70:3e:c0:3d:a7:da:5e:95:e6:46:c1:c5:1d:b1:19:3c:f9:50:
b9:8b:6f:ef:2d:67:09:8d:0e:c0:8b:13:ae:6a:d8:a0:3b:07:
b4:dd:ca:f6:e1:9d:08:f2:15:a1:96:78:39:1d:1e:f3:fe:a6:
9e:b8:65:e4:05:08:7a:b9:5c:67:bf:36:9d:c5:61:fd:48:0d:
52:be:15:02:c3:7e:f8:15:b5:a5:e3:cd:a7:4e:65:0c:2d:b8:
ea:02:3f:a9:9a:33:c6:80:58:b0:d3:e5:36:9e:64:69:e9:04:
8a:63:6c:8a:a1:96:ed:14:70:16:81:bd:19:05:42:d8:40:77:
2a:0b:f3:d3:37:e8:01:13:b1:60:7b:bf:24:4c:98:c4:f4:5e:
31:8e:43:eb:67:f5:b3:19:86:2f:52:95:fd:fe:5f:58:6a:62:
f3:07:d4:97:8a:8f:ad:d5:d8:ff:4b:5e:04:cc:f7:e8:53:40:
3d:d0:b4:90:56:6f:e3:f6:8f:98:50:8a:ce:79:02:db:db:d8:
31:27:c0:b4:ac:c4:fc:c5:65:08:da:7a:9d:19:48:2c:0d:5e:
b3:90:d6:45:f9:7e:fc:1f:d6:51:86:97:7c:88:fb:5e:b0:da:
a7:57:6a:61:8d:cf:ac:17:00:de:e6:41:b5:96:b0:7b:02:a7:
8d:d5:55:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZRQG5IK19JmTX/FH+0Iz9gUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxY2FkYzhhNDIxYzFmMjJmMWUyOTA0Y2NmZGJiY2VjNWRi
ZTFiMTEwHhcNMjUwMTEwMTIwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5Y2Y3M2RkOTBkOTVkNDcxODAxNzZjY2M3MGE5ZGZmMDQ2MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PsTwR546L01q1tb3GGa6gzdXFfF
oNcF87oICgcwFWejHouHsb/kjTuHD0pVhpEpT/HGHhZqX2dzTX3mFw2/xxEwYvy4
tqpkXD4kj347/nDXukB77OMuTtoRSqkLlc6XUBDSC2fjtwNi8tbepQAwzo5zdJCb
AwKjsQ9hm+OD2Mx/8doVmO+9TZxuLUs80fAvFV4VgkxzpTxXsVINCjrZeRLA4sa0
r2GFCGdUw2Qm7Id2Xbz5bcNl4DfRrobgRdzml+h7nP/wI2VlQHoycC8ZAW19KGhG
VRmpxaUb/D6l0+trEdq1pMV6U3fn9srOgKvy1om3piOxoBWmbMXeTq1IWQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFD45z3PdkNldRxgBdszHCp3/BGN7MB8GA1UdIwQY
MBaAFOHK3IpCHB8i8eKQTM/bvOxdvhsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQt
NzQyZGMwYzk3MGMwLzEvUGpuUGM5MlEyVjFIR0FGMnpNY0tuZjhFWTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQtNzQyZGMwYzk3MGMw
LzEvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMABc8DAwAf
kAMDAC6FAwMATTQDBARQ/0ADBAZY1kADAwBZ0QMDAIB8AwMAsoUwDQQCAAIwBwMF
AioAD1AwDQYJKoZIhvcNAQELBQADggEBAHA+wD2n2l6V5kbBxR2xGTz5ULmLb+8t
ZwmNDsCLE65q2KA7B7TdyvbhnQjyFaGWeDkdHvP+pp64ZeQFCHq5XGe/Np3FYf1I
DVK+FQLDfvgVtaXjzadOZQwtuOoCP6maM8aAWLDT5TaeZGnpBIpjbIqhlu0UcBaB
vRkFQthAdyoL89M36AETsWB7vyRMmMT0XjGOQ+tn9bMZhi9Slf3+X1hqYvMH1JeK
j63V2P9LXgTM9+hTQD3QtJBWb+P2j5hQis55Atvb2DEnwLSsxPzFZQjaep0ZSCwN
XrOQ1kX5fvwf1lGGl3yI+16w2qdXamGNz6wXAN7mQbWWsHsCp43VVfA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:09 2025 by rpki-client