Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PBf0S_XCOWGCDYc7IsBwzNjXUv4.roa
File: PBf0S_XCOWGCDYc7IsBwzNjXUv4.roa (raw, json)
Hash identifier: wIJBZTHjWVLcl1Q1wQQRLHCktcuIvC2tO3xx3JR07wM=
Subject key identifier: 3C:17:F4:4B:F5:C2:39:61:82:0D:87:3B:22:C0:70:CC:D8:D7:52:FE
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBE82FC365089636DC85799B983BA
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PBf0S_XCOWGCDYc7IsBwzNjXUv4.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.40.0/22 maxlen: 24
147.181.64.0/18 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.98.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:1124::/48 maxlen: 48
2a04:9a03:1010::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:be:82:fc:36:50:89:63:6d:c8:57:99:b9:83:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c17f44bf5c23961820d873b22c070ccd8d752fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:ea:2d:e5:1c:cb:73:30:52:2e:15:87:05:
d3:a9:8c:03:1e:bf:c4:5d:70:37:17:e8:09:e7:c7:
e2:8f:51:72:78:45:0b:f5:6a:7f:90:a4:08:50:4c:
c5:d6:64:51:d8:67:17:88:01:ab:b9:1f:60:a8:dc:
83:36:f3:ad:ae:5c:1e:78:5c:62:dd:75:96:5b:4e:
34:83:c1:fa:2a:3c:83:ef:6f:3b:50:47:dd:24:ed:
35:17:5d:c2:dc:00:38:76:5c:2d:e5:37:b8:dd:a6:
bb:9b:4a:3a:c2:c8:cd:c7:87:37:5d:ea:de:68:6f:
3c:93:dd:55:a3:ed:6c:a5:fc:5d:39:cc:f8:ed:b9:
78:db:f9:af:c9:c3:db:c6:bb:a9:84:07:74:16:91:
85:11:22:88:92:77:bf:4c:43:4e:77:9a:e6:43:af:
ce:e6:76:c5:c4:24:62:bc:d2:95:41:10:eb:fc:61:
d9:17:d4:37:38:16:f2:87:f3:20:49:7f:14:2d:11:
a8:b0:fe:fe:0d:f8:24:5f:38:7a:0e:03:c3:a2:3e:
be:da:38:10:78:99:45:7e:2c:7e:da:47:2e:c3:df:
16:7e:c5:60:08:54:d9:68:38:79:ea:a5:4c:19:a9:
c4:3a:7b:a7:c9:b9:66:e7:5a:89:1d:22:e1:00:17:
ef:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:17:F4:4B:F5:C2:39:61:82:0D:87:3B:22:C0:70:CC:D8:D7:52:FE
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/PBf0S_XCOWGCDYc7IsBwzNjXUv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.64.0/18
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::/44
Signature Algorithm: sha256WithRSAEncryption
16:86:a0:47:30:ba:ad:fb:2b:14:e0:b7:bf:74:f0:b1:6d:97:
44:a9:98:19:c7:bd:28:e3:05:7f:e9:c5:3b:e2:53:6d:59:dd:
33:fd:94:6b:35:c2:06:fb:46:c8:be:59:c9:a7:8c:e4:64:d4:
e0:23:b3:bc:06:ad:ae:4b:c7:ae:c3:84:b5:e9:43:82:f7:47:
29:39:b1:de:6f:99:7c:04:24:43:d3:19:5f:26:e8:6e:c3:5b:
99:11:cf:97:82:61:b9:a7:66:e9:6e:dc:a0:f8:11:3d:38:e2:
65:22:2a:29:61:70:57:8b:a5:de:10:72:a7:2c:fb:0b:87:d3:
64:cd:97:44:9a:6c:ae:ab:f5:8d:e0:6b:b0:21:a4:cb:e9:54:
c6:b6:af:97:0e:a7:f2:6d:da:88:cf:f8:8e:cd:91:1f:fb:0a:
7b:82:8c:59:50:6f:0e:a7:6d:34:86:f5:1c:2d:c4:04:91:05:
18:14:46:c8:37:fe:45:37:8b:17:9e:9a:fe:62:15:a1:76:15:
be:ca:12:73:d2:e6:ae:cf:41:60:18:4f:1c:fe:dc:fa:8a:65:
fc:e7:4c:2e:e0:4f:cf:02:a6:3c:d1:95:0d:e0:67:fe:67:a6:
4f:2d:7b:d9:97:d7:33:79:72:a7:f7:c1:93:94:35:a4:8c:52:
46:8c:7e:df
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZQl/b6C/DZQiWNtyFeZuYO6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE3ZjQ0YmY1YzIzOTYxODIwZDg3M2IyMmMwNzBjY2Q4ZDc1MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd7qLeUcy3MwUi4VhwXTqYwDHr/E
XXA3F+gJ58fij1FyeEUL9Wp/kKQIUEzF1mRR2GcXiAGruR9gqNyDNvOtrlweeFxi
3XWWW040g8H6KjyD7287UEfdJO01F13C3AA4dlwt5Te43aa7m0o6wsjNx4c3Xere
aG88k91Vo+1spfxdOcz47bl42/mvycPbxruphAd0FpGFESKIkne/TENOd5rmQ6/O
5nbFxCRivNKVQRDr/GHZF9Q3OBbyh/MgSX8ULRGosP7+DfgkXzh6DgPDoj6+2jgQ
eJlFfix+2kcuw98WfsVgCFTZaDh56qVMGanEOnunyblm51qJHSLhABfvDQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFDwX9Ev1wjlhgg2HOyLAcMzY11L+MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvUEJmMFNfWENPV0dDRFljN0lzQnd6TmpYVXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQCk7UoAwQG
k7VAMDMEAgACMC0DBwAqBJoAEAQDBwAqBJoAERwDBwAqBJoAESEDBwAqBJoAESQD
BwQqBJoDEBAwDQYJKoZIhvcNAQELBQADggEBABaGoEcwuq37KxTgt7908LFtl0Sp
mBnHvSjjBX/pxTviU21Z3TP9lGs1wgb7Rsi+WcmnjORk1OAjs7wGra5Lx67DhLXp
Q4L3Ryk5sd5vmXwEJEPTGV8m6G7DW5kRz5eCYbmnZulu3KD4ET044mUiKilhcFeL
pd4Qcqcs+wuH02TNl0SabK6r9Y3ga7AhpMvpVMa2r5cOp/Jt2ojP+I7NkR/7CnuC
jFlQbw6nbTSG9RwtxASRBRgURsg3/kU3ixeemv5iFaF2Fb7KEnPS5q7PQWAYTxz+
3PqKZfznTC7gT88CpjzRlQ3gZ/5npk8te9mX1zN5cqf3wZOUNaSMUkaMft8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:47 2025 by rpki-client