Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/pvgIN6QNHNBs60IvrUFIahwkpN8.roa
File: pvgIN6QNHNBs60IvrUFIahwkpN8.roa (raw, json)
Hash identifier: SRb6cmNEXQNaL5JeiDfLUBlTpbbbs7eTPPHe0FchMao=
Subject key identifier: A6:F8:08:37:A4:0D:1C:D0:6C:EB:42:2F:AD:41:48:6A:1C:24:A4:DF
Certificate issuer: /CN=9a5550e908a9b9688c29aac9895353dea836c45a
Certificate serial: 019421B1E1E0EF81C89E4888615DE7DFDA12
Authority key identifier: 9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/pvgIN6QNHNBs60IvrUFIahwkpN8.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19551
IP address blocks: 149.126.72.0/21 maxlen: 24
149.126.75.177/32 maxlen: 32
149.126.75.178/32 maxlen: 32
185.11.124.0/22 maxlen: 24
2a02:e980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e1:e0:ef:81:c8:9e:48:88:61:5d:e7:df:da:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5550e908a9b9688c29aac9895353dea836c45a
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6f80837a40d1cd06ceb422fad41486a1c24a4df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:ab:66:0f:db:ee:76:8d:1c:93:af:55:d6:
37:ca:6e:d7:d2:8c:53:a4:c2:d7:57:1b:cb:51:a6:
89:fa:34:f2:30:59:43:df:fc:db:68:56:a5:32:34:
32:ed:4a:f5:ac:a8:1b:89:95:52:58:02:df:56:a0:
c9:27:e1:ed:b7:05:d8:a2:00:e7:da:52:35:20:35:
ca:1e:9b:fe:d3:0b:2c:c7:33:5b:d1:a2:36:81:38:
79:73:60:e1:64:4a:93:2b:bb:82:d6:c0:f7:b2:e0:
47:83:94:e0:ea:d2:44:80:73:b5:ed:e0:66:6c:c5:
8c:33:f9:7e:87:1a:0d:54:1b:d9:f8:98:c9:fc:50:
42:4c:33:2b:ca:b2:e6:f0:e8:3b:67:09:62:6d:ea:
f8:d3:ad:45:8d:63:8d:cb:49:aa:f0:f1:8a:35:02:
84:99:1d:02:74:21:43:7f:7c:90:86:a3:ba:66:b3:
64:3b:c2:be:1b:6c:9f:7c:fe:a4:0c:ac:f6:27:79:
23:24:29:c5:b6:12:3d:28:dd:4b:e1:9a:a4:e5:a1:
e4:92:46:0c:e7:5f:13:29:ca:16:ce:4d:6f:cd:2b:
3d:46:5a:01:05:29:aa:af:94:ce:a4:83:9d:29:47:
73:4f:eb:3c:6a:e0:f5:25:d9:2b:37:56:04:1d:f8:
a9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F8:08:37:A4:0D:1C:D0:6C:EB:42:2F:AD:41:48:6A:1C:24:A4:DF
X509v3 Authority Key Identifier:
keyid:9A:55:50:E9:08:A9:B9:68:8C:29:AA:C9:89:53:53:DE:A8:36:C4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlVQ6QipuWiMKarJiVNT3qg2xFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/pvgIN6QNHNBs60IvrUFIahwkpN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/bbb30b-2688-4a6e-b2a2-1399a282227a/1/mlVQ6QipuWiMKarJiVNT3qg2xFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.126.72.0/21
185.11.124.0/22
IPv6:
2a02:e980::/29
Signature Algorithm: sha256WithRSAEncryption
62:46:e3:cd:de:46:55:e3:c4:d5:9f:e8:1e:4a:33:2d:d1:f2:
2f:d7:82:72:ef:bd:06:60:16:39:ff:ec:b8:88:1c:54:11:6d:
52:f1:d6:40:32:77:a4:f4:bf:e5:0b:a1:9b:32:a0:be:5e:8f:
40:e9:f5:b6:c6:99:81:08:c4:ed:28:11:08:49:b0:b3:c0:4c:
da:ce:5b:fd:80:25:32:a9:44:9b:75:1c:ee:19:0a:9f:77:1e:
ed:a9:f1:89:49:ff:df:e6:62:d4:21:c6:13:7b:0f:b0:37:50:
cc:27:d5:52:c4:4a:16:bf:03:86:4a:1c:a9:9b:a7:5c:9a:36:
c5:d5:ab:fc:03:fe:4c:6f:71:1f:77:dc:03:c5:46:23:06:ed:
29:65:5e:3c:0b:af:73:1b:12:3d:73:f0:8b:bb:1a:97:93:dc:
51:62:db:6c:77:52:c5:6a:05:42:53:61:d4:ee:50:5c:03:d7:
97:09:3f:f9:20:e4:b5:50:e6:f1:49:29:6d:c3:12:6c:9e:59:
18:9b:15:e3:49:9a:dc:7d:b7:42:ea:93:21:ec:3e:5d:1a:90:
da:6c:3d:86:d1:f5:88:6e:ef:58:74:fb:35:fa:af:25:89:c2:
39:f6:8e:d6:4b:e3:51:8e:5b:f6:6d:27:1b:87:26:3c:46:4a:
aa:0a:d5:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhseHg74HInkiIYV3n39oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTU1MGU5MDhhOWI5Njg4YzI5YWFjOTg5NTM1M2RlYTgz
NmM0NWEwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY4MDgzN2E0MGQxY2QwNmNlYjQyMmZhZDQxNDg2YTFjMjRhNGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixirZg/b7naNHJOvVdY3ym7X0oxT
pMLXVxvLUaaJ+jTyMFlD3/zbaFalMjQy7Ur1rKgbiZVSWALfVqDJJ+HttwXYogDn
2lI1IDXKHpv+0wssxzNb0aI2gTh5c2DhZEqTK7uC1sD3suBHg5Tg6tJEgHO17eBm
bMWMM/l+hxoNVBvZ+JjJ/FBCTDMryrLm8Og7Zwliber4061FjWONy0mq8PGKNQKE
mR0CdCFDf3yQhqO6ZrNkO8K+G2yffP6kDKz2J3kjJCnFthI9KN1L4Zqk5aHkkkYM
518TKcoWzk1vzSs9RloBBSmqr5TOpIOdKUdzT+s8auD1JdkrN1YEHfipqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKb4CDekDRzQbOtCL61BSGocJKTfMB8GA1UdIwQY
MBaAFJpVUOkIqblojCmqyYlTU96oNsRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTIt
MTM5OWEyODIyMjdhLzEvcHZnSU42UU5ITkJzNjBJdnJVRklhaHdrcE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iYmIzMGItMjY4OC00YTZlLWIyYTItMTM5OWEyODIyMjdh
LzEvbWxWUTZRaXB1V2lNS2FySmlWTlQzcWcyeEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDlX5IAwQC
uQt8MA0EAgACMAcDBQMqAumAMA0GCSqGSIb3DQEBCwUAA4IBAQBiRuPN3kZV48TV
n+geSjMt0fIv14Jy770GYBY5/+y4iBxUEW1S8dZAMnek9L/lC6GbMqC+Xo9A6fW2
xpmBCMTtKBEISbCzwEzazlv9gCUyqUSbdRzuGQqfdx7tqfGJSf/f5mLUIcYTew+w
N1DMJ9VSxEoWvwOGShypm6dcmjbF1av8A/5Mb3Efd9wDxUYjBu0pZV48C69zGxI9
c/CLuxqXk9xRYttsd1LFagVCU2HU7lBcA9eXCT/5IOS1UObxSSltwxJsnlkYmxXj
SZrcfbdC6pMh7D5dGpDabD2G0fWIbu9YdPs1+q8licI59o7WS+NRjlv2bScbhyY8
RkqqCtVr
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:28 2025 by rpki-client