Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/pwPsYJfs2vnUf15_MeMU_hA-6CU.roa
File: pwPsYJfs2vnUf15_MeMU_hA-6CU.roa (raw, json)
Hash identifier: smjjAOw4zvZQ0c4TXCjwjpB3rI9MVKm+DRNb4qequDk=
Subject key identifier: A7:03:EC:60:97:EC:DA:F9:D4:7F:5E:7F:31:E3:14:FE:10:3E:E8:25
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B5688959354A84F8ABC39DA7065AA1
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/pwPsYJfs2vnUf15_MeMU_hA-6CU.roa
Signing time: Thu 02 Jan 2025 15:49:47 +0000
ROA not before: Thu 02 Jan 2025 15:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199599
IP address blocks: 212.67.16.0/24 maxlen: 24
212.67.18.0/24 maxlen: 24
212.67.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:68:89:59:35:4a:84:f8:ab:c3:9d:a7:06:5a:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a703ec6097ecdaf9d47f5e7f31e314fe103ee825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:57:26:f6:c4:db:1f:af:bc:ef:fc:32:59:b8:
57:e2:e7:cd:f0:c4:d2:d6:50:4e:3a:91:a8:d3:8b:
6f:d4:aa:3d:90:3a:48:0b:64:fc:f7:63:87:17:b1:
65:2b:2a:0d:89:39:9a:07:76:ee:a8:19:c7:74:2c:
20:64:14:8f:4c:c5:93:98:b2:58:e7:f2:9d:57:54:
c2:d9:80:00:aa:5c:b6:27:8c:c1:d4:1f:9b:31:3b:
23:d6:bf:cd:1c:f9:e9:48:32:a8:cc:21:07:79:2d:
ac:fa:e7:01:8e:a8:89:e1:38:73:6c:9d:00:dc:f7:
fc:6b:64:98:4a:34:28:c8:a6:e2:aa:d5:5b:33:8c:
af:ee:20:1f:da:d5:48:2e:69:a5:c4:a6:c3:77:31:
ba:b5:4b:9a:48:cc:9c:69:5e:ea:cb:9c:0b:60:6a:
69:9d:a6:93:7f:04:24:6f:21:ba:18:fe:87:65:ff:
34:99:4a:58:ec:b6:b9:fc:2a:e9:82:43:a7:2b:c8:
19:de:ff:b5:5f:84:92:e3:7c:1c:c9:03:42:fe:f6:
46:4b:b4:54:7b:a1:73:0e:7b:1c:1b:48:4d:9b:b6:
19:e9:5e:27:c5:3b:4f:e8:6a:b7:3b:92:f9:f1:05:
db:ac:89:e8:29:c6:36:0a:c0:24:41:0b:34:68:7a:
3e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:03:EC:60:97:EC:DA:F9:D4:7F:5E:7F:31:E3:14:FE:10:3E:E8:25
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/pwPsYJfs2vnUf15_MeMU_hA-6CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.67.16.0/24
212.67.18.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:dd:d1:f8:81:e3:b3:63:02:c7:5b:7e:e1:e4:d0:ac:ac:3b:
f9:7e:e7:e7:0e:2a:e9:25:86:ab:7b:73:6c:15:27:c0:bc:11:
9c:b2:f3:2f:cb:0a:95:65:83:fa:40:11:50:ce:e2:f4:ff:18:
2d:f5:3e:81:d6:6d:88:a8:68:10:a5:0a:c0:99:94:b6:98:fa:
b8:34:3c:b0:9c:8f:d3:6a:51:f6:9f:bd:49:8e:ba:d9:0d:69:
77:3b:21:57:92:bf:cb:6e:cd:92:28:72:37:ba:64:28:18:7f:
ae:0a:e7:d5:35:3f:2d:97:6a:50:4a:fb:0a:57:78:c1:f2:29:
6e:b1:49:d9:38:d9:9e:96:0a:a2:b5:94:cc:cf:b8:2c:5d:34:
2f:e3:2b:35:28:24:46:48:e8:4c:2d:01:d3:df:5c:c8:6c:e3:
99:c4:cb:5c:73:11:d8:e4:1f:5a:1b:f2:49:fe:90:e6:35:01:
7e:46:6d:70:0d:3d:62:7f:45:6d:ad:0e:3d:23:29:db:30:7f:
c7:6e:53:5a:93:f5:8d:17:23:a8:e3:08:26:47:dd:cc:39:e7:
ef:c5:64:50:4d:04:f0:d3:30:7a:d4:f5:3b:86:e4:20:70:ef:
b9:ed:52:dd:59:f1:03:d7:88:8c:3b:9f:38:bd:ab:53:88:f4:
f6:5f:fb:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntWiJWTVKhPirw52nBlqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAzZWM2MDk3ZWNkYWY5ZDQ3ZjVlN2YzMWUzMTRmZTEwM2VlODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFcm9sTbH6+87/wyWbhX4ufN8MTS
1lBOOpGo04tv1Ko9kDpIC2T892OHF7FlKyoNiTmaB3buqBnHdCwgZBSPTMWTmLJY
5/KdV1TC2YAAqly2J4zB1B+bMTsj1r/NHPnpSDKozCEHeS2s+ucBjqiJ4ThzbJ0A
3Pf8a2SYSjQoyKbiqtVbM4yv7iAf2tVILmmlxKbDdzG6tUuaSMycaV7qy5wLYGpp
naaTfwQkbyG6GP6HZf80mUpY7La5/CrpgkOnK8gZ3v+1X4SS43wcyQNC/vZGS7RU
e6FzDnscG0hNm7YZ6V4nxTtP6Gq3O5L58QXbrInoKcY2CsAkQQs0aHo+LwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKcD7GCX7Nr51H9efzHjFP4QPuglMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcHdQc1lKZnMydm5VZjE1X01lTVVfaEEtNkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1EMQAwQB
1EMSMA0GCSqGSIb3DQEBCwUAA4IBAQAa3dH4geOzYwLHW37h5NCsrDv5fufnDirp
JYare3NsFSfAvBGcsvMvywqVZYP6QBFQzuL0/xgt9T6B1m2IqGgQpQrAmZS2mPq4
NDywnI/TalH2n71JjrrZDWl3OyFXkr/Lbs2SKHI3umQoGH+uCufVNT8tl2pQSvsK
V3jB8ilusUnZONmelgqitZTMz7gsXTQv4ys1KCRGSOhMLQHT31zIbOOZxMtccxHY
5B9aG/JJ/pDmNQF+Rm1wDT1if0VtrQ49IynbMH/HblNak/WNFyOo4wgmR93MOefv
xWRQTQTw0zB61PU7huQgcO+57VLdWfED14iMO584vatTiPT2X/vl
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:23 2025 by rpki-client