Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/C_PGOc03jGMSWjD8mAR0igEEyyQ.roa
File: C_PGOc03jGMSWjD8mAR0igEEyyQ.roa (raw, json)
Hash identifier: C4bHsZyQHmYG17oRmY2GwNsr94o4S9tEWANWUmFjfac=
Subject key identifier: 0B:F3:C6:39:CD:37:8C:63:12:5A:30:FC:98:04:74:8A:01:04:CB:24
Certificate issuer: /CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Certificate serial: 01966CFDBD22A9188889FF455322FD899BE0
Authority key identifier: F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/C_PGOc03jGMSWjD8mAR0igEEyyQ.roa
Signing time: Fri 25 Apr 2025 12:48:10 +0000
ROA not before: Fri 25 Apr 2025 12:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15693
IP address blocks: 46.183.248.0/21 maxlen: 21
185.29.60.0/24 maxlen: 24
185.29.62.0/23 maxlen: 23
195.191.120.0/23 maxlen: 23
2a01:8800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:fd:bd:22:a9:18:88:89:ff:45:53:22:fd:89:9b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8dd7ae12d2a37f21aac6f81b6af67d6617ca28e
Validity
Not Before: Apr 25 12:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bf3c639cd378c63125a30fc9804748a0104cb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:56:fe:06:5a:5b:9d:58:59:3b:64:35:75:9a:
60:21:1a:f6:f8:6c:00:a7:40:d2:08:1e:6b:19:9e:
1a:39:2b:63:10:49:46:73:d9:a8:07:b9:b4:52:a2:
f6:65:a3:09:87:f7:ac:c9:32:2b:7c:1b:06:18:53:
bb:fb:03:53:72:95:04:1b:ff:e0:04:53:ae:ba:03:
76:13:33:f6:f1:71:a7:da:b4:43:f2:7e:34:f5:cc:
19:63:20:e2:c4:1d:f2:bd:c0:98:47:af:05:42:f3:
6c:cc:d8:25:23:e9:4d:9b:24:31:31:99:88:de:ac:
66:75:10:63:3c:07:7d:fc:8b:49:f7:43:ab:40:78:
50:c8:f8:f8:ac:59:a6:95:c0:a2:01:fc:d7:9c:7c:
d8:80:85:40:ba:ed:4a:62:b5:6b:6b:c1:5a:59:60:
c1:db:73:9c:b6:05:30:f6:73:af:b6:58:da:29:1b:
c9:6f:0e:4c:68:32:63:b5:47:1c:8f:e2:6e:ae:92:
0c:4d:b7:c8:e1:98:79:8d:b1:be:8c:d6:95:05:c8:
ec:3b:3e:b2:c9:09:67:e2:08:d1:6c:97:93:7d:b9:
d6:c7:f6:83:bd:6c:6b:42:33:fd:e1:c3:eb:d7:aa:
a2:81:16:83:93:4e:2c:32:72:19:d8:bf:a1:1e:c0:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F3:C6:39:CD:37:8C:63:12:5A:30:FC:98:04:74:8A:01:04:CB:24
X509v3 Authority Key Identifier:
keyid:F8:DD:7A:E1:2D:2A:37:F2:1A:AC:6F:81:B6:AF:67:D6:61:7C:A2:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-N164S0qN_IarG-Btq9n1mF8oo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/C_PGOc03jGMSWjD8mAR0igEEyyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/2c0d80-3937-4455-b9cf-2b4a3538c5e3/1/1-N164S0qN_IarG-Btq9n1mF8oo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.248.0/21
185.29.60.0/24
185.29.62.0/23
195.191.120.0/23
IPv6:
2a01:8800::/29
Signature Algorithm: sha256WithRSAEncryption
2c:80:66:a6:97:1a:a7:dd:a9:50:b6:34:f4:fb:44:94:4e:49:
54:10:83:b8:62:0f:7f:ab:34:7a:81:f9:e6:0a:27:89:1c:68:
ba:53:dc:b9:f2:14:66:e3:34:53:2b:50:55:e9:91:27:e6:82:
f7:c8:cb:95:ef:c7:1e:8d:29:ae:ad:41:e7:7f:d0:d4:0c:7a:
20:ab:ca:96:ae:0c:ee:07:c9:8e:d5:ef:14:57:30:32:4c:6a:
79:54:71:ae:cc:1d:0c:5f:dd:27:21:6a:46:b1:c0:a2:b9:5d:
a3:e6:fa:a1:01:e0:2b:0d:2e:83:57:99:36:53:ae:2f:12:e7:
a1:9d:18:8c:9e:2c:1c:1d:68:5a:01:21:9d:43:cc:fd:20:d4:
95:c4:f8:cf:86:82:c8:e9:04:f3:27:13:50:3c:a1:7b:f0:8c:
65:e0:93:dc:d2:f9:59:fb:ea:04:4e:b7:bd:31:10:0a:0b:43:
56:ca:a7:1a:9e:55:88:37:41:98:d6:a9:31:b2:8f:5e:a3:00:
64:47:61:04:dc:8d:a2:b2:ae:a3:c7:e9:6f:66:7c:80:88:c7:
b9:8f:e8:5c:c0:dd:ab:08:69:2d:d5:68:96:e2:93:4e:cc:ff:
69:1d:65:b6:4f:4d:70:0b:25:6f:77:e7:f1:57:b5:b8:3f:bb:
38:b7:a2:af
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZZs/b0iqRiIif9FUyL9iZvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZGQ3YWUxMmQyYTM3ZjIxYWFjNmY4MWI2YWY2N2Q2NjE3
Y2EyOGUwHhcNMjUwNDI1MTI0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYzYzYzOWNkMzc4YzYzMTI1YTMwZmM5ODA0NzQ4YTAxMDRjYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Fb+BlpbnVhZO2Q1dZpgIRr2+GwA
p0DSCB5rGZ4aOStjEElGc9moB7m0UqL2ZaMJh/esyTIrfBsGGFO7+wNTcpUEG//g
BFOuugN2EzP28XGn2rRD8n409cwZYyDixB3yvcCYR68FQvNszNglI+lNmyQxMZmI
3qxmdRBjPAd9/ItJ90OrQHhQyPj4rFmmlcCiAfzXnHzYgIVAuu1KYrVra8FaWWDB
23OctgUw9nOvtljaKRvJbw5MaDJjtUccj+JurpIMTbfI4Zh5jbG+jNaVBcjsOz6y
yQln4gjRbJeTfbnWx/aDvWxrQjP94cPr16qigRaDk04sMnIZ2L+hHsDgXwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAvzxjnNN4xjElow/JgEdIoBBMskMB8GA1UdIwQY
MBaAFPjdeuEtKjfyGqxvgbavZ9ZhfKKOMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1OMTY0UzBxTl9JYXJHLUJ0cTluMW1GOG9vNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNm
LTJiNGEzNTM4YzVlMy8xL0NfUEdPYzAzakdNU1dqRDhtQVIwaWdFRXl5US5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMmMwZDgwLTM5MzctNDQ1NS1iOWNmLTJiNGEzNTM4YzVl
My8xLzEtTjE2NFMwcU5fSWFyRy1CdHE5bjFtRjhvbzQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMut/gD
BAC5HTwDBAG5HT4DBAHDv3gwDQQCAAIwBwMFAyoBiAAwDQYJKoZIhvcNAQELBQAD
ggEBACyAZqaXGqfdqVC2NPT7RJROSVQQg7hiD3+rNHqB+eYKJ4kcaLpT3LnyFGbj
NFMrUFXpkSfmgvfIy5Xvxx6NKa6tQed/0NQMeiCrypauDO4HyY7V7xRXMDJManlU
ca7MHQxf3SchakaxwKK5XaPm+qEB4CsNLoNXmTZTri8S56GdGIyeLBwdaFoBIZ1D
zP0g1JXE+M+GgsjpBPMnE1A8oXvwjGXgk9zS+Vn76gROt70xEAoLQ1bKpxqeVYg3
QZjWqTGyj16jAGRHYQTcjaKyrqPH6W9mfICIx7mP6FzA3asIaS3VaJbik07M/2kd
ZbZPTXALJW935/FXtbg/uzi3oq8=
-----END CERTIFICATE-----
Generated at Sun May 11 09:10:10 2025 by rpki-client