Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/pEP-pQhZiYbw0SOD31dKWiKIqmI.roa
File: pEP-pQhZiYbw0SOD31dKWiKIqmI.roa (raw, json)
Hash identifier: CfAhs6liLNKygVMpweyGMUtkUgPvkHCadlR7GSV9YRQ=
Subject key identifier: A4:43:FE:A5:08:59:89:86:F0:D1:23:83:DF:57:4A:5A:22:88:AA:62
Certificate issuer: /CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Certificate serial: 019424B30900AF2CC29D9CAA76D7659F1AD4
Authority key identifier: 6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/pEP-pQhZiYbw0SOD31dKWiKIqmI.roa
Signing time: Thu 02 Jan 2025 01:48:20 +0000
ROA not before: Thu 02 Jan 2025 01:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215282
IP address blocks: 86.109.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:09:00:af:2c:c2:9d:9c:aa:76:d7:65:9f:1a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Validity
Not Before: Jan 2 01:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a443fea508598986f0d12383df574a5a2288aa62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:40:8e:4e:36:da:2f:f1:7e:36:af:3f:ca:cf:
84:c9:cf:a7:f0:2e:f3:1e:f9:b1:25:24:7f:aa:c0:
51:a1:50:3e:99:db:66:35:3f:08:3e:d9:f8:c8:60:
f9:6e:3d:22:65:e8:4c:fc:0e:9d:3c:3e:8b:c1:f9:
eb:ae:34:f3:80:ee:73:a6:5f:a4:e7:71:fd:3a:4c:
d6:75:7a:4e:dd:63:78:8a:48:99:37:81:49:bf:d7:
fe:e7:72:68:58:31:de:4c:6b:24:d5:d8:ba:9f:c9:
14:8a:90:67:0e:8f:5e:a6:51:f7:5f:5d:e1:af:0a:
f8:1e:7a:f9:0f:4f:cc:d0:9a:1b:47:d5:97:2c:c8:
73:53:25:a9:0b:c2:00:8f:6b:bf:d6:e3:6b:47:2b:
d6:27:52:a2:85:16:3b:ec:dd:b3:7d:8d:61:67:8c:
2d:2b:35:6e:4b:28:7b:bf:41:a4:21:09:c3:53:cf:
0b:e1:23:6a:d6:3a:80:c6:31:ac:d6:fb:14:9e:97:
6c:5c:13:a3:f5:4c:67:08:12:1e:84:10:32:32:2b:
d6:2b:9a:f6:3b:00:40:98:58:be:91:a0:46:42:93:
8f:3d:89:ba:d5:77:cb:0c:43:6d:25:b9:45:7a:0a:
dc:dc:51:52:bf:51:a5:39:b4:a6:9e:54:c4:fc:1f:
c3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:43:FE:A5:08:59:89:86:F0:D1:23:83:DF:57:4A:5A:22:88:AA:62
X509v3 Authority Key Identifier:
keyid:6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/pEP-pQhZiYbw0SOD31dKWiKIqmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.232.0/24
Signature Algorithm: sha256WithRSAEncryption
46:94:9c:ab:e9:f7:c0:04:4d:af:5a:6f:c7:9e:4d:55:0b:61:
b0:8b:1e:de:79:15:5c:23:a2:e0:44:d8:17:db:3f:8c:96:16:
06:1c:4b:37:5f:1a:de:b7:cd:0d:91:28:91:51:f4:59:36:e2:
f6:f4:75:99:ef:ae:10:96:f5:55:36:d7:f1:81:51:b5:a5:6b:
dd:f7:82:42:db:f8:2b:b0:4c:29:21:a5:3d:8b:8e:cc:e6:27:
fe:32:00:74:74:70:17:72:93:03:41:25:22:13:e8:f3:62:02:
f1:d7:64:6b:32:64:4e:2b:a3:ca:be:b9:67:70:74:04:2e:e9:
d8:1c:c9:75:01:d3:47:ad:72:8c:bd:dc:dc:f2:6e:31:cb:f1:
26:28:f0:4b:d4:19:7a:23:fa:de:3e:bb:ed:a9:f5:fa:28:dd:
51:83:2c:54:7a:61:1f:60:84:e3:53:32:82:98:98:4f:36:89:
97:ce:a2:cf:ff:04:95:48:dc:f8:38:03:fd:3a:59:2d:9c:4b:
b3:3a:e5:a3:74:50:a1:ad:5b:23:3a:84:9b:70:74:18:64:b9:
b0:6f:3c:2d:2f:0d:a4:c5:fb:46:c1:dc:ae:2f:9b:35:37:fb:
1c:26:00:14:87:71:a3:15:2f:43:a8:1b:78:7e:93:9e:50:d5:
54:03:fb:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkswkAryzCnZyqdtdlnxrUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzNlNmNiMmViMDJmY2M3NDJiYWY5MWFiODY1YzliMjBk
NjQ4NGIwHhcNMjUwMTAyMDE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQzZmVhNTA4NTk4OTg2ZjBkMTIzODNkZjU3NGE1YTIyODhhYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkCOTjbaL/F+Nq8/ys+Eyc+n8C7z
HvmxJSR/qsBRoVA+mdtmNT8IPtn4yGD5bj0iZehM/A6dPD6LwfnrrjTzgO5zpl+k
53H9OkzWdXpO3WN4ikiZN4FJv9f+53JoWDHeTGsk1di6n8kUipBnDo9eplH3X13h
rwr4Hnr5D0/M0JobR9WXLMhzUyWpC8IAj2u/1uNrRyvWJ1KihRY77N2zfY1hZ4wt
KzVuSyh7v0GkIQnDU88L4SNq1jqAxjGs1vsUnpdsXBOj9UxnCBIehBAyMivWK5r2
OwBAmFi+kaBGQpOPPYm61XfLDENtJblFegrc3FFSv1GlObSmnlTE/B/DTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRD/qUIWYmG8NEjg99XSloiiKpiMB8GA1UdIwQY
MBaAFGvD5ssusC/MdCuvkauGXJsg1khLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYt
MTEwOThhYTJlYmMzLzEvcEVQLXBRaFppWWJ3MFNPRDMxZEtXaUtJcW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYtMTEwOThhYTJlYmMz
LzEvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm3oMA0G
CSqGSIb3DQEBCwUAA4IBAQBGlJyr6ffABE2vWm/Hnk1VC2Gwix7eeRVcI6LgRNgX
2z+MlhYGHEs3Xxret80NkSiRUfRZNuL29HWZ764QlvVVNtfxgVG1pWvd94JC2/gr
sEwpIaU9i47M5if+MgB0dHAXcpMDQSUiE+jzYgLx12RrMmROK6PKvrlncHQELunY
HMl1AdNHrXKMvdzc8m4xy/EmKPBL1Bl6I/rePrvtqfX6KN1RgyxUemEfYITjUzKC
mJhPNomXzqLP/wSVSNz4OAP9OlktnEuzOuWjdFChrVsjOoSbcHQYZLmwbzwtLw2k
xftGwdyuL5s1N/scJgAUh3GjFS9DqBt4fpOeUNVUA/v3
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:05 2025 by rpki-client