Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PafYfOtVjXYHVKDufTTvmrp8Mi0.roa
File: PafYfOtVjXYHVKDufTTvmrp8Mi0.roa (raw, json)
Hash identifier: b398RFkcQTPPXL4dnLyJgJVo5J/jWt94iLAKJmGnQNI=
Subject key identifier: 3D:A7:D8:7C:EB:55:8D:76:07:54:A0:EE:7D:34:EF:9A:BA:7C:32:2D
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C7B59EB5F1C8CDB373ABFB0500663
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PafYfOtVjXYHVKDufTTvmrp8Mi0.roa
Signing time: Thu 02 Jan 2025 09:50:31 +0000
ROA not before: Thu 02 Jan 2025 09:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43793
IP address blocks: 31.47.144.0/20 maxlen: 20
46.183.80.0/21 maxlen: 21
78.111.240.0/20 maxlen: 20
109.205.144.0/21 maxlen: 21
185.43.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:7b:59:eb:5f:1c:8c:db:37:3a:bf:b0:50:06:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3da7d87ceb558d760754a0ee7d34ef9aba7c322d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:ec:43:41:0a:50:17:9e:a9:71:99:9b:23:
1e:8f:99:13:d3:11:6f:b2:56:79:f0:db:e9:86:4f:
ba:f0:4a:61:54:98:a8:dc:a6:be:05:f8:64:0f:d8:
90:21:00:a7:a2:18:f0:10:0d:e7:02:c9:89:9f:39:
45:0b:1d:22:b9:d9:97:f3:16:81:13:7c:9b:51:eb:
9f:35:bb:6d:81:76:ec:6d:6b:bf:35:47:2d:0c:2f:
3c:e1:38:35:72:3c:e1:92:3e:e3:76:4b:6f:de:17:
7a:2c:20:c3:c4:95:32:3e:68:59:f6:59:ec:82:43:
14:06:24:94:fd:80:ca:91:20:64:62:3a:52:ad:8b:
dd:7d:ed:fe:c1:c6:35:35:06:fd:09:e9:69:e3:34:
fe:9f:56:7d:45:b9:19:67:0d:60:38:84:86:6d:f0:
ea:d6:ad:dc:78:6e:54:57:52:bc:de:10:79:e9:1a:
7f:07:46:fd:4a:1e:e7:46:33:98:00:29:06:5a:a6:
8b:44:d8:84:9c:8c:54:e3:b3:5e:45:60:cc:f1:ca:
9f:d3:ca:3a:0c:1a:ae:38:a6:56:e6:58:60:8e:d6:
d0:a1:b8:9d:2c:81:25:d5:b8:68:ee:5e:86:f4:1f:
e4:f5:11:2b:ab:0d:6c:2f:05:d4:ef:06:85:b1:6e:
f5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A7:D8:7C:EB:55:8D:76:07:54:A0:EE:7D:34:EF:9A:BA:7C:32:2D
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/PafYfOtVjXYHVKDufTTvmrp8Mi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.144.0/20
46.183.80.0/21
78.111.240.0/20
109.205.144.0/21
185.43.100.0/22
Signature Algorithm: sha256WithRSAEncryption
76:b4:c9:35:ed:75:45:77:f3:aa:3c:e4:0b:e5:20:27:74:28:
47:ac:11:4c:47:4a:34:7b:60:62:1f:0b:51:61:eb:89:5c:ad:
6f:ed:fd:00:70:19:51:ab:b7:15:1f:2a:46:c5:da:7c:84:34:
da:3b:5d:f6:a8:0e:74:8e:71:2f:84:93:82:54:31:c4:65:79:
f1:79:46:63:da:a3:13:9b:87:b9:09:71:fe:95:36:8a:f1:f3:
49:11:4e:b2:38:54:39:2f:7a:a7:ef:3b:0c:14:fd:ac:f9:97:
34:3d:d1:86:67:05:32:9c:42:d8:dc:3d:f6:ac:25:7b:84:83:
fa:03:9a:55:20:ff:9a:77:9e:7b:ae:61:32:05:7b:6a:52:ae:
9d:40:67:3e:7c:0d:fa:4b:a2:12:19:55:f6:e9:08:32:72:e9:
d5:fc:78:a5:a4:0d:35:92:0c:ac:f1:bb:eb:83:c8:4a:fc:68:
e4:9b:0b:d4:8d:a4:89:b5:9d:50:8a:b0:24:ae:15:bf:6a:41:
a5:90:6c:7e:09:d2:21:f1:91:14:3b:46:88:08:a5:14:57:73:
1c:66:3d:7f:d8:44:39:0a:61:76:ff:39:8b:4e:75:f5:0c:1b:
a5:4a:be:80:57:a3:ae:98:4c:f4:5d:2d:c7:95:3d:b3:c1:12:
3e:7e:f6:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbHtZ618cjNs3Or+wUAZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE3ZDg3Y2ViNTU4ZDc2MDc1NGEwZWU3ZDM0ZWY5YWJhN2MzMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAnsQ0EKUBeeqXGZmyMej5kT0xFv
slZ58Nvphk+68EphVJio3Ka+BfhkD9iQIQCnohjwEA3nAsmJnzlFCx0iudmX8xaB
E3ybUeufNbttgXbsbWu/NUctDC884Tg1cjzhkj7jdktv3hd6LCDDxJUyPmhZ9lns
gkMUBiSU/YDKkSBkYjpSrYvdfe3+wcY1NQb9Celp4zT+n1Z9RbkZZw1gOISGbfDq
1q3ceG5UV1K83hB56Rp/B0b9Sh7nRjOYACkGWqaLRNiEnIxU47NeRWDM8cqf08o6
DBquOKZW5lhgjtbQobidLIEl1bho7l6G9B/k9RErqw1sLwXU7waFsW71kwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD2n2HzrVY12B1Sg7n0075q6fDItMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvUGFmWWZPdFZqWFlIVktEdWZUVHZtcnA4TWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEHy+QAwQD
LrdQAwQETm/wAwQDbc2QAwQCuStkMA0GCSqGSIb3DQEBCwUAA4IBAQB2tMk17XVF
d/OqPOQL5SAndChHrBFMR0o0e2BiHwtRYeuJXK1v7f0AcBlRq7cVHypGxdp8hDTa
O132qA50jnEvhJOCVDHEZXnxeUZj2qMTm4e5CXH+lTaK8fNJEU6yOFQ5L3qn7zsM
FP2s+Zc0PdGGZwUynELY3D32rCV7hIP6A5pVIP+ad557rmEyBXtqUq6dQGc+fA36
S6ISGVX26QgycunV/HilpA01kgys8bvrg8hK/GjkmwvUjaSJtZ1QirAkrhW/akGl
kGx+CdIh8ZEUO0aICKUUV3McZj1/2EQ5CmF2/zmLTnX1DBulSr6AV6OumEz0XS3H
lT2zwRI+fvY2
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:58 2025 by rpki-client