Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/Pl-xLYhjY5YlhNM49xs9QKMtfBU.roa
File: Pl-xLYhjY5YlhNM49xs9QKMtfBU.roa (raw, json)
Hash identifier: UmyMwMyNw8j81M3/HKdHg6H50eTkm3sFnC7O9PysISQ=
Subject key identifier: 3E:5F:B1:2D:88:63:63:96:25:84:D3:38:F7:1B:3D:40:A3:2D:7C:15
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 0194266AC9376D497F72C44E22EC539A4398
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/Pl-xLYhjY5YlhNM49xs9QKMtfBU.roa
Signing time: Thu 02 Jan 2025 09:48:39 +0000
ROA not before: Thu 02 Jan 2025 09:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200223
IP address blocks: 185.229.32.0/24 maxlen: 24
2a03:3a61::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:c9:37:6d:49:7f:72:c4:4e:22:ec:53:9a:43:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 2 09:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e5fb12d886363962584d338f71b3d40a32d7c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f8:66:68:45:a0:26:09:78:54:22:a2:27:9e:
6d:73:6a:93:42:e3:2f:d8:bf:58:77:74:20:b0:01:
b0:6b:6e:bc:78:ec:29:86:7c:9a:84:dd:47:86:4c:
24:3d:52:4b:86:27:6a:d8:50:ce:eb:29:d7:70:6e:
b1:50:80:fb:48:ef:21:1c:a9:16:62:c2:39:75:5d:
e1:c2:72:b7:50:0b:06:5c:18:91:f7:e6:c8:8f:e2:
29:5b:64:4f:fc:80:e2:db:fc:7a:ff:de:12:7b:ee:
d4:e4:0d:c8:1c:cf:0c:49:1b:16:ab:cb:e7:59:38:
b9:c6:e5:ad:ea:fb:06:34:49:88:1d:18:c4:88:a8:
d5:94:ce:8d:ec:07:13:fe:d9:64:24:95:72:1d:97:
4c:99:a9:26:70:31:c3:ba:c5:81:5b:3e:5a:1a:14:
81:45:d3:88:c3:d5:a0:bc:c8:93:5d:b6:be:48:83:
25:7e:02:fc:e0:a1:be:94:f6:59:74:36:e2:bd:f5:
c8:43:e0:08:2a:e0:05:a8:f9:bc:76:a8:0d:c6:4e:
d7:55:ba:ca:7e:c1:15:56:4e:82:19:0e:2c:a3:92:
bf:d3:01:75:f6:fd:a6:dd:6d:01:b7:78:21:89:36:
7e:7e:5e:5f:b6:3b:94:f9:a7:8b:f5:ef:31:35:b3:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5F:B1:2D:88:63:63:96:25:84:D3:38:F7:1B:3D:40:A3:2D:7C:15
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/Pl-xLYhjY5YlhNM49xs9QKMtfBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.32.0/24
IPv6:
2a03:3a61::/32
Signature Algorithm: sha256WithRSAEncryption
44:2c:b2:19:67:93:25:f2:b2:1e:fa:c5:de:01:55:57:96:81:
47:aa:f3:03:d8:59:df:7c:84:d1:c4:92:cc:61:d9:55:70:fd:
9c:64:07:4c:85:29:78:71:f7:e8:9d:2b:30:82:c3:50:37:5b:
7c:8f:e4:a0:79:eb:1d:03:75:e5:c9:e3:15:1e:f0:d6:6d:9f:
3f:c1:e5:c4:dd:39:b2:9c:2d:57:21:30:c8:b3:3e:66:e5:55:
93:2c:78:4a:35:3c:9d:99:d7:0a:f1:d8:0e:6b:67:5c:b2:88:
db:d5:e6:29:1e:1c:ec:4c:4c:4e:a8:37:56:64:24:ab:ef:bf:
c3:9e:b4:1f:1c:24:ac:bd:e5:29:fe:cb:31:7a:8f:c2:a8:b4:
31:2b:73:4d:11:dc:ab:68:7a:52:df:bf:49:28:a2:e7:be:c4:
f7:c1:c9:8f:6e:32:09:9c:08:b4:f1:ff:75:d0:32:fd:45:c2:
6a:fe:5d:1b:87:57:2f:08:a1:b9:63:ff:af:87:fa:80:f1:30:
42:c1:9b:9f:30:d2:e6:ea:60:7c:de:f9:3c:5b:be:05:b7:a6:
76:32:14:52:82:60:d2:fd:2b:00:b4:6a:b5:71:02:8a:38:98:
4c:8a:63:00:80:72:c8:1e:86:f5:19:06:c8:84:50:b0:0f:56:
7c:f7:b3:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmask3bUl/csROIuxTmkOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjUwMTAyMDk0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVmYjEyZDg4NjM2Mzk2MjU4NGQzMzhmNzFiM2Q0MGEzMmQ3YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfhmaEWgJgl4VCKiJ55tc2qTQuMv
2L9Yd3QgsAGwa268eOwphnyahN1HhkwkPVJLhidq2FDO6ynXcG6xUID7SO8hHKkW
YsI5dV3hwnK3UAsGXBiR9+bIj+IpW2RP/IDi2/x6/94Se+7U5A3IHM8MSRsWq8vn
WTi5xuWt6vsGNEmIHRjEiKjVlM6N7AcT/tlkJJVyHZdMmakmcDHDusWBWz5aGhSB
RdOIw9WgvMiTXba+SIMlfgL84KG+lPZZdDbivfXIQ+AIKuAFqPm8dqgNxk7XVbrK
fsEVVk6CGQ4so5K/0wF19v2m3W0Bt3ghiTZ+fl5ftjuU+aeL9e8xNbNU8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD5fsS2IY2OWJYTTOPcbPUCjLXwVMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvUGwteExZaGpZNVlsaE5NNDl4czlRS010ZkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueUgMA0E
AgACMAcDBQAqAzphMA0GCSqGSIb3DQEBCwUAA4IBAQBELLIZZ5Ml8rIe+sXeAVVX
loFHqvMD2FnffITRxJLMYdlVcP2cZAdMhSl4cffonSswgsNQN1t8j+SgeesdA3Xl
yeMVHvDWbZ8/weXE3TmynC1XITDIsz5m5VWTLHhKNTydmdcK8dgOa2dcsojb1eYp
HhzsTExOqDdWZCSr77/DnrQfHCSsveUp/ssxeo/CqLQxK3NNEdyraHpS379JKKLn
vsT3wcmPbjIJnAi08f910DL9RcJq/l0bh1cvCKG5Y/+vh/qA8TBCwZufMNLm6mB8
3vk8W74Ft6Z2MhRSgmDS/SsAtGq1cQKKOJhMimMAgHLIHob1GQbIhFCwD1Z897OM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:42 2025 by rpki-client