Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/Pmrx9HZexDjQdROL1xOD1S-BjzQ.roa
File: Pmrx9HZexDjQdROL1xOD1S-BjzQ.roa (raw, json)
Hash identifier: aBRM8zJUU2ZF0wAF5h20OpU3VGQ3W++oIRE8v06cZXM=
Subject key identifier: 3E:6A:F1:F4:76:5E:C4:38:D0:75:13:8B:D7:13:83:D5:2F:81:8F:34
Certificate issuer: /CN=b48184549e12e9934bffb7615bca3d0c25681360
Certificate serial: 019473B8C51F2D0E36CA56602AE474B3879B
Authority key identifier: B4:81:84:54:9E:12:E9:93:4B:FF:B7:61:5B:CA:3D:0C:25:68:13:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/Pmrx9HZexDjQdROL1xOD1S-BjzQ.roa
Signing time: Fri 17 Jan 2025 10:04:36 +0000
ROA not before: Fri 17 Jan 2025 10:04:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5409
IP address blocks: 185.95.80.0/22 maxlen: 22
212.126.192.0/19 maxlen: 19
213.218.0.0/19 maxlen: 19
2001:4180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:73:b8:c5:1f:2d:0e:36:ca:56:60:2a:e4:74:b3:87:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48184549e12e9934bffb7615bca3d0c25681360
Validity
Not Before: Jan 17 10:04:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e6af1f4765ec438d075138bd71383d52f818f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:66:b8:1d:4f:bd:dc:7e:1d:6f:4b:4c:59:
8e:1d:2d:fb:44:7a:dd:6f:36:cf:bf:05:7c:d8:c9:
4a:ac:76:01:ad:1f:78:9d:eb:39:24:f1:57:e9:10:
43:a1:34:13:8b:79:8e:af:64:3b:d9:48:f2:29:77:
8d:f3:af:7c:cb:15:df:cd:46:ed:26:4d:a5:b7:09:
90:49:68:fe:38:cf:ac:2a:1d:31:85:8d:fc:d5:34:
70:44:ff:d6:34:47:2d:bc:fb:1d:07:10:18:ef:f7:
06:27:fc:4b:99:cd:dd:90:b4:a8:5e:33:24:d9:8d:
8c:6f:7a:ba:e7:00:d4:51:16:e5:fe:d3:b5:6b:86:
9a:b5:71:22:00:91:dd:1c:13:68:66:8e:d5:c8:69:
86:78:70:28:77:75:24:49:a5:54:4b:01:a9:36:7f:
ec:22:4b:42:e9:80:81:bb:cf:2b:02:cb:88:c8:a4:
39:be:3b:7e:c1:e1:c3:77:e5:75:1f:43:17:3b:e6:
9a:fc:1e:b8:db:25:75:5d:04:68:33:ca:c0:ea:a0:
92:b3:0a:a0:f0:95:ff:c4:52:ef:ea:94:fa:75:e9:
21:38:e8:74:eb:1c:d3:d5:c1:6a:cf:c4:23:e9:0a:
0b:de:71:d7:fa:6e:be:b4:00:9f:ba:c3:be:e1:48:
79:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6A:F1:F4:76:5E:C4:38:D0:75:13:8B:D7:13:83:D5:2F:81:8F:34
X509v3 Authority Key Identifier:
keyid:B4:81:84:54:9E:12:E9:93:4B:FF:B7:61:5B:CA:3D:0C:25:68:13:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/Pmrx9HZexDjQdROL1xOD1S-BjzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f67177-78d5-4388-a21a-28263656c6de/1/tIGEVJ4S6ZNL_7dhW8o9DCVoE2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.80.0/22
212.126.192.0/19
213.218.0.0/19
IPv6:
2001:4180::/32
Signature Algorithm: sha256WithRSAEncryption
78:e5:08:61:6e:a3:e1:92:0a:bc:6f:fe:c2:2f:6b:4f:36:a3:
fc:a6:b7:77:1b:80:51:ce:9e:a7:ea:5f:53:40:4c:04:c7:b7:
7e:54:82:1b:4c:d0:5d:d2:cd:44:e1:96:17:06:e4:2f:71:15:
f7:79:2e:5f:fd:f6:f1:b5:81:ca:e5:15:fc:1b:a5:35:80:6f:
29:89:25:4b:9b:62:44:82:69:d2:5e:89:95:21:91:13:0d:81:
30:6d:c7:9b:fe:2d:0d:56:da:a5:68:01:95:6a:e1:4f:80:35:
9d:06:f7:84:9b:a4:ef:a5:48:9e:50:69:1f:81:53:c0:a5:f3:
82:5d:df:06:16:68:34:fe:7f:34:d3:61:a8:b8:8a:68:0d:ca:
d2:92:25:61:c4:e9:4f:b8:c1:9b:c9:64:b6:52:2d:a1:49:32:
c8:48:05:f4:2c:24:c4:1a:82:84:f0:b5:b3:33:d6:45:d7:61:
c0:50:d7:8d:a8:72:a4:da:6c:2a:1b:b9:40:8f:ab:cb:c3:7b:
24:d5:81:f3:1b:4b:de:45:47:d2:56:6a:80:9f:a1:45:35:8f:
2e:50:5c:44:bc:14:9f:2e:3c:78:81:c6:45:66:e8:4a:62:d7:
15:fc:41:af:cd:8f:14:44:22:dc:6c:ec:1f:d8:18:95:ab:37:
a3:e4:21:62
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZRzuMUfLQ42ylZgKuR0s4ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODE4NDU0OWUxMmU5OTM0YmZmYjc2MTViY2EzZDBjMjU2
ODEzNjAwHhcNMjUwMTE3MTAwNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZhZjFmNDc2NWVjNDM4ZDA3NTEzOGJkNzEzODNkNTJmODE4ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjFmuB1Pvdx+HW9LTFmOHS37RHrd
bzbPvwV82MlKrHYBrR94nes5JPFX6RBDoTQTi3mOr2Q72UjyKXeN8698yxXfzUbt
Jk2ltwmQSWj+OM+sKh0xhY381TRwRP/WNEctvPsdBxAY7/cGJ/xLmc3dkLSoXjMk
2Y2Mb3q65wDUURbl/tO1a4aatXEiAJHdHBNoZo7VyGmGeHAod3UkSaVUSwGpNn/s
IktC6YCBu88rAsuIyKQ5vjt+weHDd+V1H0MXO+aa/B642yV1XQRoM8rA6qCSswqg
8JX/xFLv6pT6dekhOOh06xzT1cFqz8Qj6QoL3nHX+m6+tACfusO+4Uh5vwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFD5q8fR2XsQ40HUTi9cTg9UvgY80MB8GA1UdIwQY
MBaAFLSBhFSeEumTS/+3YVvKPQwlaBNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElHRVZKNFM2Wk5MXzdkaFc4bzlEQ1ZvRTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mNjcxNzctNzhkNS00Mzg4LWEyMWEt
MjgyNjM2NTZjNmRlLzEvUG1yeDlIWmV4RGpRZFJPTDF4T0QxUy1CanpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mNjcxNzctNzhkNS00Mzg4LWEyMWEtMjgyNjM2NTZjNmRl
LzEvdElHRVZKNFM2Wk5MXzdkaFc4bzlEQ1ZvRTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuV9QAwQF
1H7AAwQF1doAMA0EAgACMAcDBQAgAUGAMA0GCSqGSIb3DQEBCwUAA4IBAQB45Qhh
bqPhkgq8b/7CL2tPNqP8prd3G4BRzp6n6l9TQEwEx7d+VIIbTNBd0s1E4ZYXBuQv
cRX3eS5f/fbxtYHK5RX8G6U1gG8piSVLm2JEgmnSXomVIZETDYEwbceb/i0NVtql
aAGVauFPgDWdBveEm6TvpUieUGkfgVPApfOCXd8GFmg0/n8002GouIpoDcrSkiVh
xOlPuMGbyWS2Ui2hSTLISAX0LCTEGoKE8LWzM9ZF12HAUNeNqHKk2mwqG7lAj6vL
w3sk1YHzG0veRUfSVmqAn6FFNY8uUFxEvBSfLjx4gcZFZuhKYtcV/EGvzY8URCLc
bOwf2BiVqzej5CFi
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:07 2025 by rpki-client