Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PCD4pMjwm_sRERMqew6nmJJTBQA.roa
File: PCD4pMjwm_sRERMqew6nmJJTBQA.roa (raw, json)
Hash identifier: 2fehJOOMp4gKy2ffEG7e7LdpmTzD0XqXygBTbsZGg7w=
Subject key identifier: 3C:20:F8:A4:C8:F0:9B:FB:11:11:13:2A:7B:0E:A7:98:92:53:05:00
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01963F8878AE6F3255A2C069DE645A08C949
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PCD4pMjwm_sRERMqew6nmJJTBQA.roa
Signing time: Wed 16 Apr 2025 16:57:10 +0000
ROA not before: Wed 16 Apr 2025 16:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59729
IP address blocks: 91.220.198.0/24 maxlen: 24
195.88.220.0/24 maxlen: 24
195.96.144.0/24 maxlen: 24
195.96.147.0/24 maxlen: 24
195.96.154.0/24 maxlen: 24
212.18.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 14:33:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:88:78:ae:6f:32:55:a2:c0:69:de:64:5a:08:c9:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Apr 16 16:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c20f8a4c8f09bfb1111132a7b0ea79892530500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:8a:1b:6a:5d:cb:32:41:fe:0f:1d:04:96:
9b:e9:38:e9:03:dd:71:20:83:58:46:37:0f:5d:37:
69:39:9f:f6:1b:e0:e0:70:0f:dd:44:68:91:ca:35:
4a:24:2d:86:b7:28:cf:46:5a:b8:a1:8a:bd:c3:67:
f4:ea:c6:ff:b6:cc:45:bb:77:85:89:ac:95:25:60:
b6:0d:fb:82:15:b5:56:49:f5:06:94:f7:4b:58:a4:
45:de:f2:d0:cb:eb:aa:c4:ec:c2:98:6f:7c:60:a7:
08:d8:b3:89:cf:2c:82:8d:50:78:65:60:b4:fa:61:
39:db:e8:b6:ac:a9:88:72:0e:f9:f7:8d:f2:7e:1e:
26:52:71:5a:fa:09:7d:16:83:51:3e:0a:c4:df:53:
e8:6d:4b:2a:93:a0:68:a0:07:ff:3e:5f:34:81:0d:
14:5c:c1:58:70:98:4a:8f:1c:f8:31:31:1b:3b:d8:
a0:91:9f:61:b0:d9:1e:10:39:75:51:cb:de:5f:d6:
33:72:3d:2c:3e:67:5f:21:a5:9d:f0:f6:1d:fa:24:
4f:93:e4:69:7a:09:ed:25:ba:2f:e6:37:5e:04:18:
bf:28:4c:e6:f3:6c:f3:8c:ce:0e:d2:80:af:1a:f9:
e7:e5:35:1b:b6:8c:15:a6:a8:dc:af:2e:30:ad:39:
53:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:F8:A4:C8:F0:9B:FB:11:11:13:2A:7B:0E:A7:98:92:53:05:00
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/PCD4pMjwm_sRERMqew6nmJJTBQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.198.0/24
195.88.220.0/24
195.96.144.0/24
195.96.147.0/24
195.96.154.0/24
212.18.126.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:80:94:39:9b:8a:ed:1a:b0:13:37:c3:b2:d0:04:99:21:2b:
d7:2c:58:80:ab:52:aa:3d:92:36:4b:16:e7:28:5b:75:02:ce:
fd:8f:51:08:f0:bd:a7:84:10:90:0f:97:ce:a9:11:64:d1:eb:
bd:aa:4b:83:a5:fe:a1:ec:fd:b2:91:ca:49:17:b9:7f:36:35:
d2:4f:2b:9c:d9:fe:12:92:85:11:16:89:bc:24:f7:c8:33:04:
0c:64:fe:1e:a5:43:31:49:da:61:82:00:54:d6:50:8d:7a:d4:
d8:38:92:77:c7:79:0c:96:88:95:87:93:c3:19:e3:08:3e:31:
38:4c:4c:12:9e:61:53:c3:49:b2:af:7c:1d:5f:fb:1e:a3:1e:
20:23:f7:56:4a:46:e6:ae:d3:fe:00:21:3a:b8:1b:70:7a:48:
37:7b:b5:5a:e8:70:b9:02:95:52:89:d1:b9:36:82:7c:89:94:
98:16:6d:c8:65:b3:5f:e9:ce:65:17:e8:ae:3a:22:26:92:ac:
56:9c:c3:cb:b5:71:b2:aa:38:d8:a9:ca:aa:23:93:b7:47:fb:
17:5f:d8:8a:f9:8a:d9:31:c2:fb:72:6a:bf:2a:09:d1:91:52:
f6:4f:1b:3b:b4:97:6a:8c:f7:c2:02:58:f5:29:99:d1:8b:ef:
19:11:68:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZY/iHiubzJVosBp3mRaCMlJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwNDE2MTY1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIwZjhhNGM4ZjA5YmZiMTExMTEzMmE3YjBlYTc5ODkyNTMwNTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F+KG2pdyzJB/g8dBJab6TjpA91x
IINYRjcPXTdpOZ/2G+DgcA/dRGiRyjVKJC2GtyjPRlq4oYq9w2f06sb/tsxFu3eF
iayVJWC2DfuCFbVWSfUGlPdLWKRF3vLQy+uqxOzCmG98YKcI2LOJzyyCjVB4ZWC0
+mE52+i2rKmIcg75943yfh4mUnFa+gl9FoNRPgrE31PobUsqk6BooAf/Pl80gQ0U
XMFYcJhKjxz4MTEbO9igkZ9hsNkeEDl1UcveX9Yzcj0sPmdfIaWd8PYd+iRPk+Rp
egntJbov5jdeBBi/KEzm82zzjM4O0oCvGvnn5TUbtowVpqjcry4wrTlTXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDwg+KTI8Jv7ERETKnsOp5iSUwUAMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvUENENHBNandtX3NSRVJNcWV3Nm5tSkpUQlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9zGAwQA
w1jcAwQAw2CQAwQAw2CTAwQAw2CaAwQA1BJ+MA0GCSqGSIb3DQEBCwUAA4IBAQCL
gJQ5m4rtGrATN8Oy0ASZISvXLFiAq1KqPZI2SxbnKFt1As79j1EI8L2nhBCQD5fO
qRFk0eu9qkuDpf6h7P2ykcpJF7l/NjXSTyuc2f4SkoURFom8JPfIMwQMZP4epUMx
SdphggBU1lCNetTYOJJ3x3kMloiVh5PDGeMIPjE4TEwSnmFTw0myr3wdX/seox4g
I/dWSkbmrtP+ACE6uBtwekg3e7Va6HC5ApVSidG5NoJ8iZSYFm3IZbNf6c5lF+iu
OiImkqxWnMPLtXGyqjjYqcqqI5O3R/sXX9iK+YrZMcL7cmq/KgnRkVL2Txs7tJdq
jPfCAlj1KZnRi+8ZEWgf
-----END CERTIFICATE-----
Generated at Thu May 1 18:45:37 2025 by rpki-client