Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PSDB3rxaHd0K4mVOY1cyBcJTdPw.roa
File: PSDB3rxaHd0K4mVOY1cyBcJTdPw.roa (raw, json)
Hash identifier: lhJBdeC0f3J+yEhgEnVqj73RUHXBcOQw1UsBPjByvQg=
Subject key identifier: 3D:20:C1:DE:BC:5A:1D:DD:0A:E2:65:4E:63:57:32:05:C2:53:74:FC
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 01942747FB1D0FB7CAD26CC5EC8E3D65D070
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PSDB3rxaHd0K4mVOY1cyBcJTdPw.roa
Signing time: Thu 02 Jan 2025 13:50:16 +0000
ROA not before: Thu 02 Jan 2025 13:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61112
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:fb:1d:0f:b7:ca:d2:6c:c5:ec:8e:3d:65:d0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jan 2 13:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d20c1debc5a1ddd0ae2654e63573205c25374fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fb:69:9e:1e:6b:1e:97:2c:4a:3f:a6:a3:b9:
09:01:20:c9:70:b2:a7:b7:5a:13:9b:75:0b:fd:b0:
47:9f:4c:7b:fc:d6:a8:a5:46:ba:54:30:80:f0:99:
78:7b:3f:c8:34:96:04:ec:46:3e:52:89:f8:5d:6b:
c2:eb:c4:bf:78:c1:90:f1:bb:f8:b9:04:49:bd:a6:
46:b9:c5:42:c6:8c:0c:26:53:5e:3c:c1:4e:73:f0:
13:c9:a0:05:9c:6d:b9:84:1f:c0:70:19:6e:27:59:
c6:47:09:89:50:3d:49:d3:ac:cc:c6:72:8f:70:0c:
d4:bb:d5:43:ec:9e:25:95:aa:85:a1:34:8d:5c:ae:
73:48:ab:d1:54:02:ab:b5:37:d5:2a:c9:9c:72:f1:
0b:79:b7:20:3d:74:0f:f5:d3:74:5b:e7:ca:a4:cf:
0e:8b:70:13:89:70:0d:22:81:72:d6:30:f4:37:b9:
42:7f:82:fd:5f:ad:8b:f3:40:1c:15:b2:a9:28:6b:
c7:6e:c9:30:07:53:77:de:ef:21:ec:4e:ee:45:4a:
b6:7c:ee:c2:ae:11:df:9b:5a:41:72:d1:0f:50:82:
05:eb:3a:83:60:6f:da:a4:e2:ed:98:2d:bd:20:58:
24:f3:74:18:b8:71:ef:ac:78:37:47:35:e5:15:68:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:20:C1:DE:BC:5A:1D:DD:0A:E2:65:4E:63:57:32:05:C2:53:74:FC
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PSDB3rxaHd0K4mVOY1cyBcJTdPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/22
83.147.12.0/22
Signature Algorithm: sha256WithRSAEncryption
60:bc:37:30:6b:7d:35:f5:1f:23:5b:e8:f5:95:c1:26:68:4c:
41:e0:e1:98:09:4f:11:69:1f:ed:2b:ae:2a:32:98:20:ce:78:
5d:07:92:a9:c5:60:10:6a:11:01:70:d0:b0:7d:41:92:97:63:
25:6a:41:a6:36:ee:ca:a9:0b:41:95:f7:c4:23:b1:45:db:1e:
28:e8:de:bc:15:69:91:cd:1c:7c:da:a8:28:d5:c1:9f:8e:c7:
a5:5f:5a:31:17:17:17:f2:13:aa:77:97:71:95:d7:c4:94:df:
33:bd:5e:44:52:a4:7e:5f:3f:c9:c4:c8:49:b6:4e:12:7a:51:
96:21:34:8f:47:8c:6f:ca:2f:04:ab:98:2b:2d:a3:1d:e3:67:
fb:d9:f3:3b:2b:67:81:11:c6:89:c1:26:8c:ad:c7:60:4f:4b:
62:bc:7d:db:4a:b4:10:d1:d6:a9:6b:87:a2:60:b2:1c:17:11:
f1:fb:02:49:43:da:85:cb:a2:1c:95:12:2d:86:02:a7:bb:74:
d0:43:8e:c9:63:db:22:5c:f6:08:15:71:6a:da:2e:e4:48:9b:
90:43:9b:b8:e7:cc:2e:8a:4f:a8:33:7f:a1:18:16:a6:91:a0:
18:40:dd:4d:af:45:ec:33:34:c5:da:8e:ec:4c:ba:9f:80:af:
b0:65:05:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnR/sdD7fK0mzF7I49ZdBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwMTAyMTM1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDIwYzFkZWJjNWExZGRkMGFlMjY1NGU2MzU3MzIwNWMyNTM3NGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/tpnh5rHpcsSj+mo7kJASDJcLKn
t1oTm3UL/bBHn0x7/NaopUa6VDCA8Jl4ez/INJYE7EY+Uon4XWvC68S/eMGQ8bv4
uQRJvaZGucVCxowMJlNePMFOc/ATyaAFnG25hB/AcBluJ1nGRwmJUD1J06zMxnKP
cAzUu9VD7J4llaqFoTSNXK5zSKvRVAKrtTfVKsmccvELebcgPXQP9dN0W+fKpM8O
i3ATiXANIoFy1jD0N7lCf4L9X62L80AcFbKpKGvHbskwB1N33u8h7E7uRUq2fO7C
rhHfm1pBctEPUIIF6zqDYG/apOLtmC29IFgk83QYuHHvrHg3RzXlFWjctwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD0gwd68Wh3dCuJlTmNXMgXCU3T8MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvUFNEQjNyeGFIZDBLNG1WT1kxY3lCY0pUZFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU5MAAwQC
U5MMMA0GCSqGSIb3DQEBCwUAA4IBAQBgvDcwa3019R8jW+j1lcEmaExB4OGYCU8R
aR/tK64qMpggznhdB5KpxWAQahEBcNCwfUGSl2MlakGmNu7KqQtBlffEI7FF2x4o
6N68FWmRzRx82qgo1cGfjselX1oxFxcX8hOqd5dxldfElN8zvV5EUqR+Xz/JxMhJ
tk4SelGWITSPR4xvyi8Eq5grLaMd42f72fM7K2eBEcaJwSaMrcdgT0tivH3bSrQQ
0dapa4eiYLIcFxHx+wJJQ9qFy6IclRIthgKnu3TQQ47JY9siXPYIFXFq2i7kSJuQ
Q5u458wuik+oM3+hGBamkaAYQN1Nr0XsMzTF2o7sTLqfgK+wZQXZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:49:35 2025 by rpki-client