Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/PAiV7wwH5lDn0JNrrWRqQNYoPCA.roa
File: PAiV7wwH5lDn0JNrrWRqQNYoPCA.roa (raw, json)
Hash identifier: U/HM2vtQqlyAA5VvXddzuybceKGB/8tIXNAeUOLwY20=
Subject key identifier: 3C:08:95:EF:0C:07:E6:50:E7:D0:93:6B:AD:64:6A:40:D6:28:3C:20
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E44EF9EC69A0366E3A7D44428729B
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/PAiV7wwH5lDn0JNrrWRqQNYoPCA.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 213.145.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:44:ef:9e:c6:9a:03:66:e3:a7:d4:44:28:72:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c0895ef0c07e650e7d0936bad646a40d6283c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e1:d1:a4:4a:7d:93:5b:cf:b2:fc:a8:04:98:
b8:1e:52:52:5d:42:b8:26:a1:6a:fa:a4:19:49:35:
ed:9f:48:74:ee:c1:67:d4:46:8c:65:7b:e6:48:ee:
65:36:99:0e:68:0a:3b:79:ff:b4:a4:fe:c9:ea:14:
c0:0e:9a:2d:ae:de:3b:82:88:36:bd:3e:bc:b6:36:
ec:27:0b:e0:61:86:5b:70:e6:76:24:a2:83:0a:d5:
0e:84:a9:3e:99:30:d3:57:d1:71:ce:bc:70:02:fd:
9e:79:c3:78:e9:b8:04:6d:e2:e3:cb:b6:a1:d8:84:
d7:10:ea:54:fe:72:ed:85:77:d8:54:f0:27:18:54:
27:a3:61:9e:1d:76:53:07:39:b3:2e:e6:3b:91:91:
e3:16:98:ee:0c:78:e7:94:20:02:0b:af:36:12:20:
5f:36:72:d1:17:ae:48:fb:64:0b:5a:14:32:c8:b8:
a0:7f:52:d5:24:25:fe:e3:07:7a:33:91:38:7f:6d:
75:a4:b0:85:a0:f0:dd:ba:18:aa:a5:e7:ab:c3:59:
7d:6d:17:d7:cd:43:3b:0a:a6:74:81:77:e5:50:9c:
13:e0:60:9c:d4:bb:91:75:61:fc:4a:21:ce:16:4b:
25:b3:35:0b:e1:b1:aa:6d:14:2b:00:04:29:a6:d4:
81:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:95:EF:0C:07:E6:50:E7:D0:93:6B:AD:64:6A:40:D6:28:3C:20
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/PAiV7wwH5lDn0JNrrWRqQNYoPCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.70.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:15:40:77:8b:75:32:48:ee:86:17:21:9b:40:1b:51:2a:16:
21:33:bb:22:02:08:36:5c:ef:33:2d:7d:65:c9:74:aa:a5:fa:
40:82:3e:20:ad:2c:d2:66:1f:9c:ae:d1:90:ab:b9:1e:94:71:
26:9e:fc:7f:86:1a:68:3a:98:c9:ed:68:ff:df:49:59:7c:06:
0e:71:45:de:60:a5:5f:e7:94:0e:49:98:b9:58:f0:16:e0:58:
ca:b4:df:9d:66:98:1f:4d:94:57:47:5d:8e:35:27:a1:0c:25:
44:d6:58:70:55:e7:5a:6f:18:cc:84:4e:2e:9c:cb:c3:1d:e3:
56:fc:95:44:eb:93:6f:fd:f6:c6:df:0e:08:40:e2:c0:ad:3f:
2b:b2:c0:5f:d5:1c:24:90:6c:e4:52:de:7a:70:53:d8:bb:55:
2f:95:bd:cc:15:c4:9d:75:b1:dc:b0:30:8a:9f:51:88:05:ac:
bb:62:ef:ef:39:25:99:75:f4:7d:77:3d:82:d2:e7:7d:69:b5:
25:38:6b:82:76:68:e1:d3:14:5e:f7:5e:56:07:8f:f7:4a:b0:
41:9e:0d:b5:cd:4c:68:4e:15:04:84:c3:d1:8e:04:9d:02:5f:
45:f6:54:b1:8b:ba:14:2a:36:50:87:c3:35:2a:77:ac:40:50:
1d:55:0a:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkTvnsaaA2bjp9REKHKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA4OTVlZjBjMDdlNjUwZTdkMDkzNmJhZDY0NmE0MGQ2MjgzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOHRpEp9k1vPsvyoBJi4HlJSXUK4
JqFq+qQZSTXtn0h07sFn1EaMZXvmSO5lNpkOaAo7ef+0pP7J6hTADpotrt47gog2
vT68tjbsJwvgYYZbcOZ2JKKDCtUOhKk+mTDTV9FxzrxwAv2eecN46bgEbeLjy7ah
2ITXEOpU/nLthXfYVPAnGFQno2GeHXZTBzmzLuY7kZHjFpjuDHjnlCACC682EiBf
NnLRF65I+2QLWhQyyLigf1LVJCX+4wd6M5E4f211pLCFoPDduhiqpeerw1l9bRfX
zUM7CqZ0gXflUJwT4GCc1LuRdWH8SiHOFkslszUL4bGqbRQrAAQpptSBfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwIle8MB+ZQ59CTa61kakDWKDwgMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvUEFpVjd3d0g1bERuMEpOcnJXUnFRTllvUENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFGMA0G
CSqGSIb3DQEBCwUAA4IBAQAvFUB3i3UySO6GFyGbQBtRKhYhM7siAgg2XO8zLX1l
yXSqpfpAgj4grSzSZh+crtGQq7kelHEmnvx/hhpoOpjJ7Wj/30lZfAYOcUXeYKVf
55QOSZi5WPAW4FjKtN+dZpgfTZRXR12ONSehDCVE1lhwVedabxjMhE4unMvDHeNW
/JVE65Nv/fbG3w4IQOLArT8rssBf1RwkkGzkUt56cFPYu1Uvlb3MFcSddbHcsDCK
n1GIBay7Yu/vOSWZdfR9dz2C0ud9abUlOGuCdmjh0xRe915WB4/3SrBBng21zUxo
ThUEhMPRjgSdAl9F9lSxi7oUKjZQh8M1KnesQFAdVQqV
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:16:08 2025 by rpki-client