Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/Pn858ay-FN8CpYdFWrDb1csuRqk.roa
File: Pn858ay-FN8CpYdFWrDb1csuRqk.roa (raw, json)
Hash identifier: 1x6q+bHbiK4ZO727dNBvS4qznomEqP/sj4NA0FmsokM=
Subject key identifier: 3E:7F:39:F1:AC:BE:14:DF:02:A5:87:45:5A:B0:DB:D5:CB:2E:46:A9
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 0194FA45238058E011F7E75A10505FDBDCDB
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/Pn858ay-FN8CpYdFWrDb1csuRqk.roa
Signing time: Wed 12 Feb 2025 13:07:02 +0000
ROA not before: Wed 12 Feb 2025 13:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 91.108.192.0/24 maxlen: 24
91.108.193.0/24 maxlen: 24
91.108.194.0/24 maxlen: 24
91.108.195.0/24 maxlen: 24
91.108.196.0/22 maxlen: 22
91.108.200.0/22 maxlen: 22
91.108.204.0/22 maxlen: 22
91.108.208.0/22 maxlen: 22
91.108.208.0/24 maxlen: 24
91.108.212.0/22 maxlen: 22
91.108.216.0/22 maxlen: 22
91.108.220.0/22 maxlen: 22
91.108.224.0/24 maxlen: 24
91.108.225.0/24 maxlen: 24
91.108.228.0/22 maxlen: 22
91.108.232.0/22 maxlen: 22
91.108.236.0/24 maxlen: 24
91.108.238.0/24 maxlen: 24
91.108.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:45:23:80:58:e0:11:f7:e7:5a:10:50:5f:db:dc:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Feb 12 13:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e7f39f1acbe14df02a587455ab0dbd5cb2e46a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:0a:85:48:98:a7:8e:f5:8a:05:58:08:d2:
4f:6d:a2:c4:f1:41:b0:05:3b:1e:ee:65:6b:99:0e:
dc:e4:ad:93:d4:fc:04:89:86:4e:20:d3:5f:9c:d0:
5a:bb:26:1b:71:05:50:66:1e:42:06:b2:2c:c5:e2:
6f:34:b3:3a:95:61:22:60:31:52:b7:a8:5a:04:ba:
c6:07:91:72:5b:5d:df:c6:a7:a6:ef:2a:e9:2a:12:
7f:60:96:94:37:10:58:c5:56:6e:ff:04:57:4a:b5:
da:67:f2:13:04:54:db:42:65:c0:d6:c7:a9:47:15:
3e:90:80:c0:28:89:86:bc:7c:30:6b:d2:3a:01:71:
f4:00:48:26:f8:5e:87:d2:c4:3e:70:f2:57:0b:ee:
7f:c5:4c:47:be:a4:24:e1:a9:3f:bc:25:9e:75:8b:
7f:a6:ac:91:4c:d4:15:46:ac:7c:df:d7:92:3d:08:
51:bf:63:c5:e6:83:26:dc:8a:e2:3e:e0:6f:30:5d:
b8:2e:36:5b:36:5b:db:bb:79:b7:19:82:cc:ff:a4:
d2:9d:12:d6:2c:a3:2a:80:69:11:6a:77:e8:14:7f:
d4:77:49:f4:30:d6:58:eb:43:df:b1:a8:d7:fa:6c:
74:f2:f5:2c:64:d2:8a:d5:6a:04:60:51:4a:90:0f:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:7F:39:F1:AC:BE:14:DF:02:A5:87:45:5A:B0:DB:D5:CB:2E:46:A9
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/Pn858ay-FN8CpYdFWrDb1csuRqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.192.0-91.108.225.255
91.108.228.0-91.108.236.255
91.108.238.0/24
91.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:60:6d:d6:c4:e9:f9:86:5f:a3:51:88:26:8d:df:37:d7:67:
f6:61:33:e7:6d:bf:d3:1a:c2:c3:8b:f2:61:d1:ea:dc:04:bd:
ce:7a:23:c7:08:b1:1d:9e:2b:63:e9:80:21:30:4e:de:98:8e:
4b:81:c3:e0:8b:a4:a1:cf:f8:36:28:8f:cf:6c:e7:27:d9:90:
29:e8:50:58:28:02:9a:b2:bb:9d:a5:38:cb:ea:22:18:9d:69:
75:26:0c:55:47:36:3a:e8:6e:8f:2a:4a:75:28:df:14:11:12:
fc:e4:7e:04:7c:f1:ad:37:57:dc:0f:85:d3:b2:a4:00:06:f5:
8c:5f:f3:a0:30:db:6c:95:3b:67:af:03:15:cd:f4:22:8a:8e:
ce:cc:d7:4f:3a:18:53:e6:26:6f:25:d2:2c:d3:b5:a6:de:bc:
98:07:8d:c6:01:0f:13:74:ac:ce:d2:29:9a:c5:22:38:ca:1d:
aa:8e:a8:80:49:8a:85:20:2c:8c:51:21:f9:74:59:2c:db:ab:
c8:8e:0c:1d:cb:53:10:04:33:04:eb:ab:60:a2:d5:e5:fe:83:
2d:5c:ff:22:a1:2e:29:2b:1a:c9:2b:6b:29:80:82:ad:15:5a:
6d:e8:d5:6d:0e:89:10:92:e4:93:ec:d1:bf:b2:fb:9e:a7:e3:
69:86:39:2a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZT6RSOAWOAR9+daEFBf29zbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwMjEyMTMwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTdmMzlmMWFjYmUxNGRmMDJhNTg3NDU1YWIwZGJkNWNiMmU0NmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvMKhUiYp471igVYCNJPbaLE8UGw
BTse7mVrmQ7c5K2T1PwEiYZOINNfnNBauyYbcQVQZh5CBrIsxeJvNLM6lWEiYDFS
t6haBLrGB5FyW13fxqem7yrpKhJ/YJaUNxBYxVZu/wRXSrXaZ/ITBFTbQmXA1sep
RxU+kIDAKImGvHwwa9I6AXH0AEgm+F6H0sQ+cPJXC+5/xUxHvqQk4ak/vCWedYt/
pqyRTNQVRqx839eSPQhRv2PF5oMm3IriPuBvMF24LjZbNlvbu3m3GYLM/6TSnRLW
LKMqgGkRanfoFH/Ud0n0MNZY60PfsajX+mx08vUsZNKK1WoEYFFKkA+RewIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD5/OfGsvhTfAqWHRVqw29XLLkapMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvUG44NThheS1GTjhDcFlkRldyRGIxY3N1UnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAZbbMAD
BAFbbOAwDAMEAlts5AMEAFts7AMEAFts7gMEAFts/zANBgkqhkiG9w0BAQsFAAOC
AQEAqWBt1sTp+YZfo1GIJo3fN9dn9mEz522/0xrCw4vyYdHq3AS9znojxwixHZ4r
Y+mAITBO3piOS4HD4Iukoc/4NiiPz2znJ9mQKehQWCgCmrK7naU4y+oiGJ1pdSYM
VUc2OuhujypKdSjfFBES/OR+BHzxrTdX3A+F07KkAAb1jF/zoDDbbJU7Z68DFc30
IoqOzszXTzoYU+YmbyXSLNO1pt68mAeNxgEPE3SsztIpmsUiOModqo6ogEmKhSAs
jFEh+XRZLNuryI4MHctTEAQzBOurYKLV5f6DLVz/IqEuKSsayStrKYCCrRVabejV
bQ6JEJLkk+zRv7L7nqfjaYY5Kg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:35 2025 by rpki-client