Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/PsjhieTymPBMhbBeD2G4Eb2tiXM.roa
File: PsjhieTymPBMhbBeD2G4Eb2tiXM.roa (raw, json)
Hash identifier: bN6R2jhfh/x3ks5vaycX08tQPelsEHr78ADbPw3Z954=
Subject key identifier: 3E:C8:E1:89:E4:F2:98:F0:4C:85:B0:5E:0F:61:B8:11:BD:AD:89:73
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 01941F8C3A110AA9C1EE23E40751FDB33396
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/PsjhieTymPBMhbBeD2G4Eb2tiXM.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8218
IP address blocks: 46.255.176.0/21 maxlen: 21
83.167.32.0/19 maxlen: 19
91.194.208.0/23 maxlen: 24
94.103.128.0/20 maxlen: 20
141.255.136.0/21 maxlen: 21
158.255.96.0/19 maxlen: 19
158.255.106.0/24 maxlen: 24
185.110.192.0/22 maxlen: 22
193.34.130.0/23 maxlen: 24
193.227.248.0/23 maxlen: 24
195.216.192.0/23 maxlen: 24
212.69.160.0/19 maxlen: 19
213.152.0.0/19 maxlen: 19
213.179.76.0/22 maxlen: 22
2001:1b48::/32 maxlen: 32
2a00:1f60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3a:11:0a:a9:c1:ee:23:e4:07:51:fd:b3:33:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ec8e189e4f298f04c85b05e0f61b811bdad8973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e0:ab:c7:4c:4a:3f:31:ca:0a:62:82:2e:f3:
52:97:76:d8:a1:9f:0a:15:39:ef:20:c0:bd:a4:eb:
7d:42:1e:f2:0a:59:24:6d:93:28:59:57:94:d5:aa:
0b:d5:7d:c7:cc:df:69:e0:8b:20:07:ea:f4:d9:ed:
d7:96:ad:8a:45:1e:44:85:36:59:13:90:de:93:0c:
7f:4c:d9:95:d4:c2:76:df:41:fc:76:82:45:87:93:
2f:e4:ab:7f:77:4c:58:fd:f5:63:3f:3c:6c:e9:6b:
f3:49:c1:28:ed:f4:ee:4c:8f:0b:2e:ac:ee:f8:ed:
2f:92:d5:5e:4b:0f:72:6f:12:5e:51:81:63:42:41:
2f:19:7d:44:c9:d9:c9:d4:4b:6c:99:95:a6:b2:2b:
ae:ef:da:b0:c0:96:03:df:b1:4d:42:8c:88:d2:a2:
ec:6a:cc:a3:bc:82:cd:0d:5a:0a:f6:46:31:f6:ef:
6c:b3:f6:77:fa:8d:da:03:67:0b:3d:76:41:ab:45:
1a:4e:ae:32:9b:d0:ea:f3:13:94:c2:82:2c:3c:3f:
3b:87:5c:ef:50:ba:ed:2e:29:42:85:3f:df:d1:83:
cd:0b:af:77:84:84:f7:4a:b3:ed:84:ad:d1:1a:f1:
2d:ef:6f:d8:b1:63:55:9a:24:c3:38:52:bb:bb:58:
36:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C8:E1:89:E4:F2:98:F0:4C:85:B0:5E:0F:61:B8:11:BD:AD:89:73
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/PsjhieTymPBMhbBeD2G4Eb2tiXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.176.0/21
83.167.32.0/19
91.194.208.0/23
94.103.128.0/20
141.255.136.0/21
158.255.96.0/19
185.110.192.0/22
193.34.130.0/23
193.227.248.0/23
195.216.192.0/23
212.69.160.0/19
213.152.0.0/19
213.179.76.0/22
IPv6:
2001:1b48::/32
2a00:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
31:5d:d7:9f:4e:7f:84:90:72:1d:d8:19:1e:43:da:5b:8c:ad:
74:2f:5d:29:f2:f1:e1:c3:1c:b4:f6:77:55:f8:1f:d3:f1:c9:
3b:50:fd:ec:c7:c1:1c:4a:79:91:fb:b9:d4:bd:f5:60:ff:3f:
63:fb:46:17:03:9d:74:23:1a:e7:95:38:be:46:5e:1e:ea:5e:
23:c5:34:2b:21:02:db:83:11:62:b8:b9:b8:06:c0:25:7d:54:
63:8d:ff:e6:b8:9f:73:bf:9a:38:ca:f0:f1:98:bb:fe:85:b2:
a4:ba:99:fa:f2:41:05:0e:d0:f6:7f:34:f7:e5:46:37:97:c5:
f7:1d:65:71:61:dd:11:87:b4:96:7a:14:9c:eb:fb:6b:7b:7c:
1d:9d:c8:12:3e:96:24:ae:dd:02:87:e3:a2:f1:a0:84:be:a7:
da:16:52:b0:da:56:c3:56:85:2e:d4:ff:04:9e:46:50:d7:84:
04:8b:d8:78:1e:a7:6a:60:04:9a:e4:e1:3f:2a:d3:46:5f:9f:
62:d8:e1:91:f9:a1:40:2e:66:c5:c0:2a:b6:e3:ce:fc:9c:19:
42:c2:04:5d:6f:60:8c:2b:35:2d:9d:a0:f0:5a:fe:ef:8d:29:
6e:49:2a:99:f8:45:0b:6b:92:fc:e5:77:d9:6c:6f:3f:16:9c:
6d:8c:65:1e
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZQfjDoRCqnB7iPkB1H9szOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzlhZjE3MTZkYzQ2MWU1YmIzZjg3NjIxNWJjYjk0ZTg4
MDhiYTAwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM4ZTE4OWU0ZjI5OGYwNGM4NWIwNWUwZjYxYjgxMWJkYWQ4OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eCrx0xKPzHKCmKCLvNSl3bYoZ8K
FTnvIMC9pOt9Qh7yClkkbZMoWVeU1aoL1X3HzN9p4IsgB+r02e3Xlq2KRR5EhTZZ
E5Dekwx/TNmV1MJ230H8doJFh5Mv5Kt/d0xY/fVjPzxs6WvzScEo7fTuTI8LLqzu
+O0vktVeSw9ybxJeUYFjQkEvGX1EydnJ1EtsmZWmsiuu79qwwJYD37FNQoyI0qLs
asyjvILNDVoK9kYx9u9ss/Z3+o3aA2cLPXZBq0UaTq4ym9Dq8xOUwoIsPD87h1zv
ULrtLilChT/f0YPNC693hIT3SrPthK3RGvEt72/YsWNVmiTDOFK7u1g2SQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFD7I4Ynk8pjwTIWwXg9huBG9rYlzMB8GA1UdIwQY
MBaAFOR5rxcW3EYeW7P4diFby5TogIugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTIt
MjQxZWFiNjE0ODNmLzEvUHNqaGllVHltUEJNaGJCZUQyRzRFYjJ0aVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTItMjQxZWFiNjE0ODNm
LzEvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQDLv+wAwQF
U6cgAwQBW8LQAwQEXmeAAwQDjf+IAwQFnv9gAwQCuW7AAwQBwSKCAwQBweP4AwQB
w9jAAwQF1EWgAwQF1ZgAAwQC1bNMMBQEAgACMA4DBQAgARtIAwUAKgAfYDANBgkq
hkiG9w0BAQsFAAOCAQEAMV3Xn05/hJByHdgZHkPaW4ytdC9dKfLx4cMctPZ3Vfgf
0/HJO1D97MfBHEp5kfu51L31YP8/Y/tGFwOddCMa55U4vkZeHupeI8U0KyEC24MR
Yri5uAbAJX1UY43/5rifc7+aOMrw8Zi7/oWypLqZ+vJBBQ7Q9n809+VGN5fF9x1l
cWHdEYe0lnoUnOv7a3t8HZ3IEj6WJK7dAofjovGghL6n2hZSsNpWw1aFLtT/BJ5G
UNeEBIvYeB6namAEmuThPyrTRl+fYtjhkfmhQC5mxcAqtuPO/JwZQsIEXW9gjCs1
LZ2g8Fr+740pbkkqmfhFC2uS/OV32WxvPxacbYxlHg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:03:50 2025 by rpki-client