Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/pPr-RfjQ8TKLflLIUQw5yKTIFpY.roa
File: pPr-RfjQ8TKLflLIUQw5yKTIFpY.roa (raw, json)
Hash identifier: oEBThZTfbjTX75q4IqjgPgOk7OlUAtwvGwGIzijgHts=
Subject key identifier: A4:FA:FE:45:F8:D0:F1:32:8B:7E:52:C8:51:0C:39:C8:A4:C8:16:96
Certificate issuer: /CN=52413f2e55907004c5ab6989de7eed1543535811
Certificate serial: 0194274840E71A28716392B92E08EF515518
Authority key identifier: 52:41:3F:2E:55:90:70:04:C5:AB:69:89:DE:7E:ED:15:43:53:58:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkE_LlWQcATFq2mJ3n7tFUNTWBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/pPr-RfjQ8TKLflLIUQw5yKTIFpY.roa
Signing time: Thu 02 Jan 2025 13:50:34 +0000
ROA not before: Thu 02 Jan 2025 13:50:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47546
IP address blocks: 185.142.56.0/22 maxlen: 22
185.142.56.0/23 maxlen: 23
185.142.58.0/23 maxlen: 23
188.215.33.0/24 maxlen: 24
188.215.35.0/24 maxlen: 24
195.88.64.0/24 maxlen: 24
195.88.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/UkE_LlWQcATFq2mJ3n7tFUNTWBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/UkE_LlWQcATFq2mJ3n7tFUNTWBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/UkE_LlWQcATFq2mJ3n7tFUNTWBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:40:e7:1a:28:71:63:92:b9:2e:08:ef:51:55:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52413f2e55907004c5ab6989de7eed1543535811
Validity
Not Before: Jan 2 13:50:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4fafe45f8d0f1328b7e52c8510c39c8a4c81696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4e:a0:36:21:f5:e9:b6:d9:69:cb:10:00:74:
46:bd:2f:dc:4d:50:96:25:58:9c:48:b1:a1:f8:9b:
7f:3e:1f:10:5f:f6:d7:78:f4:af:af:2f:9c:f5:56:
75:ab:c9:e1:bc:54:55:0e:9a:9d:b0:be:a1:08:71:
7e:92:71:3f:cc:fb:51:ba:97:13:d6:bc:b1:da:91:
c3:7d:34:71:5e:c6:d6:81:f8:a4:9c:cf:02:67:42:
e7:11:31:c3:8d:a4:a8:c5:ce:8d:38:55:0d:ac:a3:
b1:02:9e:cd:2d:d6:c0:d5:6b:6c:58:f4:c1:5f:28:
bd:c1:98:93:3b:5a:9e:eb:2c:ee:a8:aa:1f:f6:91:
a2:ef:99:16:ec:ef:63:f2:ce:e2:fe:4a:16:b0:23:
01:f5:6e:6b:68:ec:d6:26:08:d4:ea:16:53:70:11:
15:17:70:fd:98:35:9c:63:e3:5b:de:fa:75:25:b9:
63:2e:29:e7:fd:2e:c2:7f:1c:7e:b1:32:6d:16:d1:
b9:b1:65:39:e7:9f:32:aa:e6:ea:c7:8a:52:ce:ed:
08:00:1e:22:68:0e:5e:63:1c:f9:a2:37:10:16:57:
c5:9b:ac:ad:9c:1a:bb:59:5c:5f:ad:ed:4a:c5:19:
a6:a2:b4:b5:7b:ae:af:21:1b:d6:f2:5a:6f:46:f5:
5f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FA:FE:45:F8:D0:F1:32:8B:7E:52:C8:51:0C:39:C8:A4:C8:16:96
X509v3 Authority Key Identifier:
keyid:52:41:3F:2E:55:90:70:04:C5:AB:69:89:DE:7E:ED:15:43:53:58:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkE_LlWQcATFq2mJ3n7tFUNTWBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/pPr-RfjQ8TKLflLIUQw5yKTIFpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/fbd6c5-460e-44fc-b074-8bfdb969859c/1/UkE_LlWQcATFq2mJ3n7tFUNTWBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.56.0/22
188.215.33.0/24
188.215.35.0/24
195.88.64.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:cb:6c:70:e0:f5:27:0a:e1:59:dd:31:a2:76:fd:59:f5:f3:
8b:44:0b:f5:22:6d:09:2d:88:26:0f:dc:c6:82:5f:11:63:fe:
78:72:51:d8:fc:87:f4:63:a6:b2:a1:45:cb:9e:9a:36:8f:4e:
56:74:94:6e:00:ee:e7:9b:ae:09:08:57:91:f8:4e:f4:7c:7c:
13:32:5c:d3:32:d4:99:ef:68:c0:3a:c2:10:f8:ce:cc:ca:f0:
1b:60:6f:5b:f6:22:65:47:e8:d7:09:86:75:2e:98:f3:61:32:
27:fc:bb:1f:6f:ca:04:99:50:dc:ef:b9:9e:7c:e1:84:a9:e3:
04:78:7a:69:a9:a2:95:72:75:2f:11:ac:cb:d8:05:33:b0:74:
5e:de:84:e5:c0:6d:5a:22:d0:0b:19:59:63:3c:bd:93:79:28:
01:02:df:9f:a3:16:3b:3a:19:9c:1d:a5:ec:a9:ac:67:a2:9a:
36:46:1b:f2:9a:bc:f1:5c:b9:2b:06:f8:8b:27:65:ca:44:4c:
fd:5c:1d:73:c4:9c:bf:91:91:04:92:cb:34:fe:a4:5a:5e:09:
89:1d:17:e1:a4:48:f2:18:2d:33:3f:85:4b:5d:3c:0d:97:3f:
e8:8f:8e:a0:6a:f8:5b:e1:bf:24:25:f0:6e:b7:5e:ad:51:3d:
b7:c7:8d:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSEDnGihxY5K5LgjvUVUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDEzZjJlNTU5MDcwMDRjNWFiNjk4OWRlN2VlZDE1NDM1
MzU4MTEwHhcNMjUwMTAyMTM1MDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGZhZmU0NWY4ZDBmMTMyOGI3ZTUyYzg1MTBjMzljOGE0YzgxNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk6gNiH16bbZacsQAHRGvS/cTVCW
JVicSLGh+Jt/Ph8QX/bXePSvry+c9VZ1q8nhvFRVDpqdsL6hCHF+knE/zPtRupcT
1ryx2pHDfTRxXsbWgfiknM8CZ0LnETHDjaSoxc6NOFUNrKOxAp7NLdbA1WtsWPTB
Xyi9wZiTO1qe6yzuqKof9pGi75kW7O9j8s7i/koWsCMB9W5raOzWJgjU6hZTcBEV
F3D9mDWcY+Nb3vp1JbljLinn/S7Cfxx+sTJtFtG5sWU5558yqubqx4pSzu0IAB4i
aA5eYxz5ojcQFlfFm6ytnBq7WVxfre1KxRmmorS1e66vIRvW8lpvRvVf/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKT6/kX40PEyi35SyFEMOcikyBaWMB8GA1UdIwQY
MBaAFFJBPy5VkHAExatpid5+7RVDU1gRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtFX0xsV1FjQVRGcTJtSjNuN3RGVU5UV0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mYmQ2YzUtNDYwZS00NGZjLWIwNzQt
OGJmZGI5Njk4NTljLzEvcFByLVJmalE4VEtMZmxMSVVRdzV5S1RJRnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mYmQ2YzUtNDYwZS00NGZjLWIwNzQtOGJmZGI5Njk4NTlj
LzEvVWtFX0xsV1FjQVRGcTJtSjNuN3RGVU5UV0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuY44AwQA
vNchAwQAvNcjAwQBw1hAMA0GCSqGSIb3DQEBCwUAA4IBAQDCy2xw4PUnCuFZ3TGi
dv1Z9fOLRAv1Im0JLYgmD9zGgl8RY/54clHY/If0Y6ayoUXLnpo2j05WdJRuAO7n
m64JCFeR+E70fHwTMlzTMtSZ72jAOsIQ+M7MyvAbYG9b9iJlR+jXCYZ1LpjzYTIn
/Lsfb8oEmVDc77mefOGEqeMEeHppqaKVcnUvEazL2AUzsHRe3oTlwG1aItALGVlj
PL2TeSgBAt+foxY7OhmcHaXsqaxnopo2RhvymrzxXLkrBviLJ2XKREz9XB1zxJy/
kZEEkss0/qRaXgmJHRfhpEjyGC0zP4VLXTwNlz/oj46gavhb4b8kJfBut16tUT23
x42B
-----END CERTIFICATE-----
Generated at Thu Mar 13 10:18:59 2025 by rpki-client