Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRDq_COIMfhgriRtyufXAYqpMfY.roa
File: PRDq_COIMfhgriRtyufXAYqpMfY.roa (raw, json)
Hash identifier: Xb49mgPlz4y1X5Cxe4o49NPAD1/OxLpDXmE9ByhJgz4=
Subject key identifier: 3D:10:EA:FC:23:88:31:F8:60:AE:24:6D:CA:E7:D7:01:8A:A9:31:F6
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0195F5EE9A6D71E6CDE3D4DE8BF93F8B8941
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRDq_COIMfhgriRtyufXAYqpMfY.roa
Signing time: Wed 02 Apr 2025 09:56:49 +0000
ROA not before: Wed 02 Apr 2025 09:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 87.229.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 09:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:ee:9a:6d:71:e6:cd:e3:d4:de:8b:f9:3f:8b:89:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 2 09:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d10eafc238831f860ae246dcae7d7018aa931f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:12:73:f2:16:5a:b4:ad:ca:1f:86:83:6d:3c:
46:df:03:f3:fe:40:47:8a:fc:2c:eb:e5:40:00:fb:
9c:36:05:21:25:d2:6e:5a:04:5a:0e:ae:b1:dc:d8:
64:ff:bd:58:b5:11:e9:26:9a:1d:fc:fe:2a:f0:be:
b9:8c:92:e6:4c:9a:6b:bb:28:c4:87:a6:d9:15:76:
84:6d:15:1b:27:24:d8:60:d4:1c:f5:50:3d:b2:eb:
44:2d:18:46:af:fd:75:59:d9:77:70:f9:ed:a4:41:
19:44:3f:bd:81:02:49:ef:da:09:92:98:5a:be:bf:
97:e7:7e:c7:77:ff:29:43:44:fd:e9:4a:c2:df:74:
d6:e2:4d:96:7e:21:a1:0b:bc:bf:97:64:b6:7c:07:
7a:51:98:33:95:4e:c7:9f:8d:80:82:30:62:9e:c4:
7e:86:c8:41:b7:e9:d7:d2:ee:17:9d:e2:24:bb:17:
bb:45:fa:42:8b:89:cb:10:ee:bd:53:b2:28:49:a4:
17:8a:91:2c:49:c8:75:e8:d3:86:24:06:d8:ea:0a:
71:ff:c3:b1:4c:ec:78:82:47:4f:c0:c7:25:a2:93:
d7:b2:15:0e:50:49:37:e9:63:74:b6:e2:b6:f4:0f:
04:de:00:88:89:3c:df:f6:35:1a:1a:ed:23:d8:f5:
ca:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:10:EA:FC:23:88:31:F8:60:AE:24:6D:CA:E7:D7:01:8A:A9:31:F6
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PRDq_COIMfhgriRtyufXAYqpMfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:7d:49:db:d9:4b:e0:6f:fa:ec:fb:8e:99:76:44:e2:b1:6a:
e2:13:c0:6e:4c:16:90:7e:14:21:21:cb:79:30:97:58:6e:e5:
a5:d9:d4:50:26:12:fe:b6:50:d7:9f:55:f3:9e:8b:cc:86:3d:
b2:50:96:68:3c:a7:cf:d4:4b:11:2c:dc:4e:68:61:e6:75:c7:
57:83:90:b3:46:f1:d8:88:27:ff:d9:5f:59:65:fa:a6:58:6e:
ed:75:0a:47:10:3b:06:00:c4:63:ed:7e:8f:dc:88:00:7c:22:
5e:79:14:b9:1a:dc:14:cd:54:c8:f2:5f:26:a3:04:26:22:5f:
c9:2e:e5:bf:08:ea:e5:3a:7b:2b:6f:a1:24:d2:f9:79:5e:de:
ed:6a:01:d5:1a:d3:34:8f:41:64:2f:fc:a0:8a:c2:b5:4a:7b:
6e:bc:af:eb:12:01:d4:86:e5:8a:9a:33:1c:23:60:ff:67:f4:
7d:d0:c3:7d:e0:e4:9f:b1:b4:24:80:91:7a:ab:84:f9:6d:73:
40:0a:53:d2:52:a2:5f:8a:de:ef:d2:86:8f:e5:d7:18:c5:0f:
ce:d9:a0:0b:05:6b:60:70:3e:97:2a:03:6a:c7:03:2d:4a:7d:
15:6b:11:cc:9e:79:67:c0:63:b8:8d:83:c6:77:d8:e6:43:07:
64:d1:82:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX17pptcebN49Tei/k/i4lBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDAyMDk1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDEwZWFmYzIzODgzMWY4NjBhZTI0NmRjYWU3ZDcwMThhYTkzMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBJz8hZatK3KH4aDbTxG3wPz/kBH
ivws6+VAAPucNgUhJdJuWgRaDq6x3Nhk/71YtRHpJpod/P4q8L65jJLmTJpruyjE
h6bZFXaEbRUbJyTYYNQc9VA9sutELRhGr/11Wdl3cPntpEEZRD+9gQJJ79oJkpha
vr+X537Hd/8pQ0T96UrC33TW4k2WfiGhC7y/l2S2fAd6UZgzlU7Hn42AgjBinsR+
hshBt+nX0u4XneIkuxe7RfpCi4nLEO69U7IoSaQXipEsSch16NOGJAbY6gpx/8Ox
TOx4gkdPwMclopPXshUOUEk36WN0tuK29A8E3gCIiTzf9jUaGu0j2PXKKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0Q6vwjiDH4YK4kbcrn1wGKqTH2MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvUFJEcV9DT0lNZmhncmlSdHl1ZlhBWXFwTWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV+UKMA0G
CSqGSIb3DQEBCwUAA4IBAQBPfUnb2Uvgb/rs+46ZdkTisWriE8BuTBaQfhQhIct5
MJdYbuWl2dRQJhL+tlDXn1XznovMhj2yUJZoPKfP1EsRLNxOaGHmdcdXg5CzRvHY
iCf/2V9ZZfqmWG7tdQpHEDsGAMRj7X6P3IgAfCJeeRS5GtwUzVTI8l8mowQmIl/J
LuW/COrlOnsrb6Ek0vl5Xt7tagHVGtM0j0FkL/ygisK1SntuvK/rEgHUhuWKmjMc
I2D/Z/R90MN94OSfsbQkgJF6q4T5bXNAClPSUqJfit7v0oaP5dcYxQ/O2aALBWtg
cD6XKgNqxwMtSn0VaxHMnnlnwGO4jYPGd9jmQwdk0YIf
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:59:17 2025 by rpki-client