Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pcba8QNq05Onyt8c9PChrOeDwkk.roa
File: Pcba8QNq05Onyt8c9PChrOeDwkk.roa (raw, json)
Hash identifier: 1zhirneHsYlEsC5JAw7XhZDInFj824D/W2vvSSXKLa8=
Subject key identifier: 3D:C6:DA:F1:03:6A:D3:93:A7:CA:DF:1C:F4:F0:A1:AC:E7:83:C2:49
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019589520C6E87A82D8ECAFF218CFEDF9B58
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pcba8QNq05Onyt8c9PChrOeDwkk.roa
Signing time: Wed 12 Mar 2025 07:46:50 +0000
ROA not before: Wed 12 Mar 2025 07:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 88.209.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:89:52:0c:6e:87:a8:2d:8e:ca:ff:21:8c:fe:df:9b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 12 07:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dc6daf1036ad393a7cadf1cf4f0a1ace783c249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b3:3c:e6:e4:4f:e4:8e:bc:aa:1d:e2:e5:4e:
9b:38:33:60:c5:a8:80:23:79:bc:ae:26:e5:85:8f:
62:6e:b8:43:ae:5e:24:f9:c8:87:65:8e:49:0c:73:
48:5c:e3:83:02:51:41:94:5f:32:fa:59:09:2a:99:
83:c7:ba:10:39:7b:8d:56:42:e2:e2:bd:23:fd:b5:
be:a8:96:04:9d:a3:0e:fa:ae:17:c0:5c:e8:09:96:
58:b6:68:a5:c5:0d:14:f7:70:5e:6a:a7:a8:7f:32:
1c:c4:74:9f:42:be:4f:b0:a7:ee:fa:f4:00:6e:f4:
75:db:52:0d:2c:97:d7:96:ed:9c:63:37:88:c0:14:
bc:c9:f8:ba:09:bc:2e:3c:54:42:b3:8b:7e:f4:21:
41:6a:89:71:4e:3f:3b:cf:84:c8:9b:79:64:c3:91:
3e:56:96:cb:d0:42:de:4d:e4:09:62:f3:57:c7:4a:
18:78:54:30:ba:8a:a2:24:9c:df:ff:9e:32:30:e1:
ba:ae:53:7c:10:dd:46:8b:5a:3a:81:66:48:2b:b3:
a4:05:be:61:0d:33:a8:c4:7c:36:2b:a0:45:aa:ff:
cb:19:a8:ee:ba:a1:1c:f1:87:e1:85:24:e5:ca:5a:
ab:71:89:15:93:9d:24:99:d7:a5:60:ee:02:a5:c3:
06:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C6:DA:F1:03:6A:D3:93:A7:CA:DF:1C:F4:F0:A1:AC:E7:83:C2:49
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Pcba8QNq05Onyt8c9PChrOeDwkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.204.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b0:d3:6e:c5:47:d2:b5:92:6c:fb:02:bf:0b:af:12:23:78:
d3:80:d4:d8:5e:fc:48:dc:92:32:b8:59:88:eb:f3:a2:70:56:
87:6d:5f:64:a8:7d:f4:dd:79:71:be:e5:9b:9c:8e:e8:c8:fc:
45:ea:33:39:84:9f:85:83:85:a5:49:b1:c7:ad:77:36:8f:db:
52:17:05:e8:ab:dc:e0:ad:b6:ea:75:eb:ad:ad:84:19:e3:26:
a8:25:92:eb:c4:01:e7:13:05:5c:9b:3b:47:ed:98:7a:e0:5d:
21:28:31:bd:5c:bd:dd:73:6e:eb:1b:7d:71:61:fd:4f:fe:d3:
de:86:ca:2f:35:e7:eb:4e:4e:a4:bf:9b:f9:7f:1b:6e:63:8a:
98:33:9f:30:a1:f7:23:03:e7:66:34:91:c0:39:2d:27:b5:a1:
c5:25:e9:09:b9:51:8b:7b:47:7f:de:f4:92:2a:a8:6e:7e:b7:
35:f5:fd:91:d0:80:e4:3d:8a:44:14:38:9c:9b:9e:73:d6:f8:
a8:f3:60:66:7d:fb:86:07:cd:44:cf:83:67:7d:9d:ca:81:14:
eb:67:ac:ef:c2:06:66:ce:00:ed:c4:4e:2f:57:5f:6f:91:ee:
14:da:b7:8d:63:56:e0:cc:40:8b:e6:74:c0:e2:af:4e:b9:fd:
f5:5a:4e:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWJUgxuh6gtjsr/IYz+35tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwMzEyMDc0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGM2ZGFmMTAzNmFkMzkzYTdjYWRmMWNmNGYwYTFhY2U3ODNjMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrM85uRP5I68qh3i5U6bODNgxaiA
I3m8riblhY9ibrhDrl4k+ciHZY5JDHNIXOODAlFBlF8y+lkJKpmDx7oQOXuNVkLi
4r0j/bW+qJYEnaMO+q4XwFzoCZZYtmilxQ0U93BeaqeofzIcxHSfQr5PsKfu+vQA
bvR121INLJfXlu2cYzeIwBS8yfi6CbwuPFRCs4t+9CFBaolxTj87z4TIm3lkw5E+
VpbL0ELeTeQJYvNXx0oYeFQwuoqiJJzf/54yMOG6rlN8EN1Gi1o6gWZIK7OkBb5h
DTOoxHw2K6BFqv/LGajuuqEc8YfhhSTlylqrcYkVk50kmdelYO4CpcMG5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3G2vEDatOTp8rfHPTwoazng8JJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUGNiYThRTnEwNU9ueXQ4YzlQQ2hyT2VEd2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHMMA0G
CSqGSIb3DQEBCwUAA4IBAQBVsNNuxUfStZJs+wK/C68SI3jTgNTYXvxI3JIyuFmI
6/OicFaHbV9kqH303XlxvuWbnI7oyPxF6jM5hJ+Fg4WlSbHHrXc2j9tSFwXoq9zg
rbbqdeutrYQZ4yaoJZLrxAHnEwVcmztH7Zh64F0hKDG9XL3dc27rG31xYf1P/tPe
hsovNefrTk6kv5v5fxtuY4qYM58wofcjA+dmNJHAOS0ntaHFJekJuVGLe0d/3vSS
Kqhufrc19f2R0IDkPYpEFDicm55z1vio82BmffuGB81Ez4NnfZ3KgRTrZ6zvwgZm
zgDtxE4vV19vke4U2reNY1bgzECL5nTA4q9Ouf31Wk7e
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:39:41 2025 by rpki-client