Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PbkW73hc8e5S3ZT8-62dF6BshGA.roa
File: PbkW73hc8e5S3ZT8-62dF6BshGA.roa (raw, json)
Hash identifier: kOrPc2ogluyu971TgUL0yUO1cW+JP4dj/8xVrGsQCDw=
Subject key identifier: 3D:B9:16:EF:78:5C:F1:EE:52:DD:94:FC:FB:AD:9D:17:A0:6C:84:60
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01979CD216D8CDB20A65D611A234C1AAE544
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PbkW73hc8e5S3ZT8-62dF6BshGA.roa
Signing time: Mon 23 Jun 2025 12:45:03 +0000
ROA not before: Mon 23 Jun 2025 12:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:d2:16:d8:cd:b2:0a:65:d6:11:a2:34:c1:aa:e5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jun 23 12:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db916ef785cf1ee52dd94fcfbad9d17a06c8460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:63:ad:3e:2c:5d:d6:1b:89:bc:a7:5c:da:59:
c8:53:ca:0f:b3:4f:08:22:1c:9b:c6:f8:57:79:8f:
17:ff:15:99:b8:32:92:be:d2:10:df:9a:85:a2:a1:
8f:a1:f0:e9:ec:6f:7d:a6:67:95:19:dc:fc:a8:cf:
f3:a2:3e:64:4c:40:a8:b6:26:23:e4:7b:8d:c2:14:
fa:91:70:cd:f9:f7:da:a3:da:d0:5f:21:47:33:6b:
e2:a6:e6:8d:22:cb:92:a0:38:77:ee:88:ce:1a:85:
3a:e6:76:f9:37:a5:37:15:af:4a:28:a4:bb:c8:46:
3c:01:7d:9c:0f:87:9e:bf:0f:7a:fa:97:89:17:d7:
2c:0c:b1:e8:db:db:cc:99:e0:51:36:fd:03:aa:27:
2d:77:ff:92:70:4e:03:3a:f0:d2:b5:e7:de:28:33:
04:60:e6:56:b5:58:d2:ad:32:89:67:d9:91:b8:f1:
74:b7:ed:ba:43:77:54:66:c3:35:52:1c:28:dc:32:
5f:37:9b:d7:58:76:a0:ae:ae:71:21:a1:bb:4b:f4:
bb:ae:ce:a1:ec:be:6f:3b:b0:29:6f:a6:5d:fd:db:
79:1c:e4:48:63:99:81:03:b6:82:c6:12:04:fc:3b:
3b:25:f3:89:2f:bb:4b:c8:2b:5e:de:d8:f2:3e:ee:
43:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B9:16:EF:78:5C:F1:EE:52:DD:94:FC:FB:AD:9D:17:A0:6C:84:60
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/PbkW73hc8e5S3ZT8-62dF6BshGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.136.0/24
45.67.139.0/24
45.92.219.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
15:52:f3:5f:91:ca:09:15:1a:08:e1:2b:22:7e:b1:30:08:90:
fc:01:96:44:16:da:6c:2c:51:ea:e7:62:be:c5:23:27:3d:5a:
1a:43:79:19:b3:4a:e7:03:95:4c:06:84:05:42:84:34:56:43:
e6:a3:27:f0:22:49:53:2c:6d:72:67:17:c8:b2:a1:04:9b:f8:
ea:04:af:20:fb:9e:34:5a:30:a2:53:9d:b5:a6:ba:59:be:b2:
e2:97:83:fb:06:b7:4f:37:c1:0a:3f:1e:5b:3c:44:a7:11:81:
07:5a:16:9a:d7:82:1b:68:18:6a:06:f6:9e:d1:03:8d:e1:76:
10:6a:0a:fe:5f:bd:73:4e:5b:f0:52:25:6a:a4:b1:aa:7e:20:
d6:a0:de:60:04:85:8a:21:a1:48:d3:4a:ed:71:b7:66:9e:5b:
33:62:eb:3c:6d:e1:eb:5e:17:32:58:d1:b6:37:ec:82:3b:78:
f5:8f:a8:2d:1b:bb:fe:77:f8:5b:c2:3c:14:4a:f4:d6:c8:ae:
57:7d:c9:05:6b:b2:18:23:af:12:2f:63:71:2d:b0:36:c5:86:
b7:9c:aa:72:0c:5b:4a:d9:8d:e9:17:0d:78:22:8b:b8:25:16:
fa:ae:da:fa:bc:cc:ab:fb:75:0b:8b:ad:4d:3e:c9:aa:eb:db:
4b:3a:e4:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZec0hbYzbIKZdYRojTBquVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwNjIzMTI0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI5MTZlZjc4NWNmMWVlNTJkZDk0ZmNmYmFkOWQxN2EwNmM4NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWOtPixd1huJvKdc2lnIU8oPs08I
IhybxvhXeY8X/xWZuDKSvtIQ35qFoqGPofDp7G99pmeVGdz8qM/zoj5kTECotiYj
5HuNwhT6kXDN+ffao9rQXyFHM2vipuaNIsuSoDh37ojOGoU65nb5N6U3Fa9KKKS7
yEY8AX2cD4eevw96+peJF9csDLHo29vMmeBRNv0Dqictd/+ScE4DOvDStefeKDME
YOZWtVjSrTKJZ9mRuPF0t+26Q3dUZsM1Uhwo3DJfN5vXWHagrq5xIaG7S/S7rs6h
7L5vO7Apb6Zd/dt5HORIY5mBA7aCxhIE/Ds7JfOJL7tLyCte3tjyPu5D5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD25Fu94XPHuUt2U/PutnRegbIRgMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvUGJrVzczaGM4ZTVTM1pUOC02MmRGNkJzaEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ3iAwQA
LUOIAwQALUOLAwQALVzbAwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQAVUvNfkcoJ
FRoI4SsifrEwCJD8AZZEFtpsLFHq52K+xSMnPVoaQ3kZs0rnA5VMBoQFQoQ0VkPm
oyfwIklTLG1yZxfIsqEEm/jqBK8g+540WjCiU521prpZvrLil4P7BrdPN8EKPx5b
PESnEYEHWhaa14IbaBhqBvae0QON4XYQagr+X71zTlvwUiVqpLGqfiDWoN5gBIWK
IaFI00rtcbdmnlszYus8beHrXhcyWNG2N+yCO3j1j6gtG7v+d/hbwjwUSvTWyK5X
fckFa7IYI68SL2NxLbA2xYa3nKpyDFtK2Y3pFw14Iou4JRb6rtr6vMyr+3ULi61N
Psmq69tLOuRk
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:27:22 2025 by rpki-client