Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/PZNxNz45jwhU2f2Vk-rUkU1xuZQ.roa
File: PZNxNz45jwhU2f2Vk-rUkU1xuZQ.roa (raw, json)
Hash identifier: F+PZJf4GxvF8kf0ckwm9Pxo9WyYXyL9ytkInNQ2bSTY=
Subject key identifier: 3D:93:71:37:3E:39:8F:08:54:D9:FD:95:93:EA:D4:91:4D:71:B9:94
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 0194221FB553FAE92C42DEE715E6078AAA71
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/PZNxNz45jwhU2f2Vk-rUkU1xuZQ.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140693
IP address blocks: 157.23.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b5:53:fa:e9:2c:42:de:e7:15:e6:07:8a:aa:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d9371373e398f0854d9fd9593ead4914d71b994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:20:c6:b1:59:9f:89:c3:1d:24:20:8a:9e:43:
1d:2c:fb:98:9c:ba:17:ba:55:7b:aa:34:75:cc:73:
13:76:96:db:44:74:9e:00:7f:85:7b:a9:3f:f6:87:
21:da:d2:18:4e:c0:41:5c:3b:eb:65:56:8a:c2:78:
f2:3b:fe:fc:84:41:6f:04:4c:a4:18:f3:8e:d0:31:
9c:2e:c1:4f:9e:30:31:92:93:85:b0:d3:c3:00:72:
c2:c7:f6:17:58:a4:af:49:a0:fe:e2:c9:11:12:43:
19:9e:87:82:d7:3a:84:98:50:14:e5:fd:4d:0c:2d:
00:ca:4a:97:e9:e9:f5:18:3f:2d:3a:50:c1:af:64:
88:ca:bf:59:1f:df:e0:31:69:b0:38:51:73:f2:54:
8c:ca:14:61:d0:8f:df:dc:b6:79:8a:fc:1e:3b:7d:
72:c2:16:57:9e:29:bf:48:d7:aa:53:12:1f:74:37:
2d:a8:65:32:61:75:87:4e:58:93:a2:23:80:22:06:
66:5b:30:57:3c:b5:54:80:0b:78:85:da:90:8c:9c:
1d:67:8d:89:f6:7c:46:0e:9c:61:27:e6:9a:bb:59:
ae:6b:f4:59:8c:37:5a:7b:ba:a4:f2:31:bc:be:fc:
fc:99:ed:f9:57:00:47:d2:d7:a2:d7:6a:ea:6a:2d:
9d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:93:71:37:3E:39:8F:08:54:D9:FD:95:93:EA:D4:91:4D:71:B9:94
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/PZNxNz45jwhU2f2Vk-rUkU1xuZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.248.0/24
Signature Algorithm: sha256WithRSAEncryption
25:be:87:9e:18:7d:00:c7:05:6d:ec:ec:88:03:d9:5b:d7:fd:
9a:2a:4b:e4:4b:69:67:5b:26:94:21:1c:01:06:41:d4:fb:dd:
36:fe:77:b1:51:1f:6e:a9:06:2e:ec:f0:4b:15:cf:63:80:88:
43:ee:f4:6c:56:d7:ce:56:7c:be:fc:7a:ca:a8:9b:ae:81:a4:
3a:7d:9e:95:24:d7:20:3b:79:22:aa:7c:78:f2:e1:cf:e7:24:
85:b2:29:78:a8:2d:0e:cc:1f:ef:f2:2e:63:26:82:95:23:f7:
0f:c9:d1:6b:5c:53:18:70:5c:dc:0a:60:3c:f2:5c:45:8c:8e:
fd:be:62:1f:c3:4a:ce:58:c8:d4:8c:ab:7d:32:1a:33:06:cc:
c6:16:e2:54:a4:cf:38:ab:81:8a:7b:36:b4:9f:16:39:dd:89:
62:91:8f:94:43:50:56:6d:72:65:ef:a0:f4:59:31:00:8b:fc:
b6:4e:fe:cf:a1:87:94:c1:fc:73:f1:27:c4:3f:3f:a9:ea:2e:
54:e6:cd:47:cb:bb:75:e0:d4:c7:67:b5:f5:e2:40:48:76:2f:
b7:21:9b:20:a8:be:69:24:b0:ab:7f:e9:7a:54:77:4d:c7:72:
52:36:c0:63:68:4f:27:e3:39:4f:a6:2f:a9:34:28:67:ed:f2:
30:87:4a:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7VT+uksQt7nFeYHiqpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5
MzYyNWUwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDkzNzEzNzNlMzk4ZjA4NTRkOWZkOTU5M2VhZDQ5MTRkNzFiOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyDGsVmficMdJCCKnkMdLPuYnLoX
ulV7qjR1zHMTdpbbRHSeAH+Fe6k/9och2tIYTsBBXDvrZVaKwnjyO/78hEFvBEyk
GPOO0DGcLsFPnjAxkpOFsNPDAHLCx/YXWKSvSaD+4skREkMZnoeC1zqEmFAU5f1N
DC0AykqX6en1GD8tOlDBr2SIyr9ZH9/gMWmwOFFz8lSMyhRh0I/f3LZ5ivweO31y
whZXnim/SNeqUxIfdDctqGUyYXWHTliToiOAIgZmWzBXPLVUgAt4hdqQjJwdZ42J
9nxGDpxhJ+aau1mua/RZjDdae7qk8jG8vvz8me35VwBH0tei12rqai2d9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2TcTc+OY8IVNn9lZPq1JFNcbmUMB8GA1UdIwQY
MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt
NTk3YjZlMjQ5MmFiLzEvUFpOeE56NDVqd2hVMmYyVmstclVrVTF4dVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi
LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRf4MA0G
CSqGSIb3DQEBCwUAA4IBAQAlvoeeGH0AxwVt7OyIA9lb1/2aKkvkS2lnWyaUIRwB
BkHU+902/nexUR9uqQYu7PBLFc9jgIhD7vRsVtfOVny+/HrKqJuugaQ6fZ6VJNcg
O3kiqnx48uHP5ySFsil4qC0OzB/v8i5jJoKVI/cPydFrXFMYcFzcCmA88lxFjI79
vmIfw0rOWMjUjKt9MhozBszGFuJUpM84q4GKeza0nxY53YlikY+UQ1BWbXJl76D0
WTEAi/y2Tv7PoYeUwfxz8SfEPz+p6i5U5s1Hy7t14NTHZ7X14kBIdi+3IZsgqL5p
JLCrf+l6VHdNx3JSNsBjaE8n4zlPpi+pNChn7fIwh0pc
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:44:16 2025 by rpki-client