Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PbRA-5wSVjcm3InXFdFc9BOYYJ0.roa
File: PbRA-5wSVjcm3InXFdFc9BOYYJ0.roa (raw, json)
Hash identifier: umL671Tqss51VkzpF8ACnw6L8YVx/YuQ5AonmLs28kc=
Subject key identifier: 3D:B4:40:FB:9C:12:56:37:26:DC:89:D7:15:D1:5C:F4:13:98:60:9D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0197874C72180428782F75CE184F06FF0940
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PbRA-5wSVjcm3InXFdFc9BOYYJ0.roa
Signing time: Thu 19 Jun 2025 08:27:03 +0000
ROA not before: Thu 19 Jun 2025 08:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
85.202.161.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:4c:72:18:04:28:78:2f:75:ce:18:4f:06:ff:09:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jun 19 08:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db440fb9c12563726dc89d715d15cf41398609d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d1:99:8c:1f:0d:fe:5d:cb:1f:2c:41:34:96:
fd:cf:75:83:69:b1:ec:4e:3d:3b:5c:94:dc:b8:bf:
83:50:7d:5d:75:60:10:7a:25:51:ac:28:6a:3f:30:
fb:72:29:78:fd:f7:6d:f4:1f:75:33:04:9a:21:02:
a1:81:ae:cf:93:a8:a9:fb:b6:85:92:f2:16:6c:73:
9a:2c:d7:0a:a6:7c:54:30:02:03:0d:e4:61:82:a6:
72:c1:71:81:64:0c:a0:e6:99:90:2a:aa:d9:84:6e:
03:26:ff:70:89:3d:f9:eb:5b:3c:99:7e:f4:78:bc:
5c:0d:f6:db:ae:72:ff:92:fe:95:16:75:89:af:13:
eb:95:46:ca:12:d9:a4:65:05:83:77:01:04:e2:65:
2b:69:34:fe:e2:a1:cc:e8:a9:0d:1f:da:24:ce:a1:
fa:42:80:ba:e9:bc:ce:b4:58:b2:e2:0e:7d:55:80:
0c:3b:fb:22:fd:e6:f7:8e:87:fa:db:ca:5d:38:67:
33:22:68:54:c3:57:5a:3b:10:9a:db:db:37:59:48:
66:fa:93:d7:5d:3e:dd:cf:b0:11:fb:69:d6:b2:43:
43:4a:95:65:4b:b1:09:fd:13:94:12:44:3a:ed:c3:
44:2f:ca:b8:87:4e:4f:9a:c0:b8:5d:9f:d9:9b:62:
55:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B4:40:FB:9C:12:56:37:26:DC:89:D7:15:D1:5C:F4:13:98:60:9D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/PbRA-5wSVjcm3InXFdFc9BOYYJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0-45.90.146.255
45.140.220.0/23
77.83.241.0/24
85.202.161.0/24
185.227.71.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e4:f5:f7:01:60:3a:87:2f:b3:3d:95:a6:ad:e4:e5:be:28:
79:46:f0:2d:71:68:81:4d:0c:b9:57:7c:ad:51:b1:b6:95:3a:
cb:64:9b:e5:9c:b6:6c:b4:ca:8d:39:eb:20:aa:d1:f2:ca:f4:
83:fc:0b:ae:f6:2a:24:70:36:6c:26:44:c1:45:83:46:fa:4b:
ab:99:a0:11:50:49:9f:fb:2f:e1:a6:1d:dc:f3:41:37:33:62:
5a:ec:bf:76:6e:d8:03:aa:24:e2:1e:f3:6e:ac:54:e0:6a:c7:
6d:30:7e:54:11:69:82:7b:51:ed:4e:e8:bd:bc:5f:23:1a:56:
d7:05:e2:ef:30:0f:e6:06:41:62:74:9d:d4:59:78:b5:e1:a4:
67:10:af:95:a7:00:3b:fe:04:52:27:c3:59:0d:01:11:24:16:
02:c7:3a:84:82:7c:d7:9e:6c:7d:f5:8f:40:74:00:64:0a:20:
53:56:53:60:8a:93:c5:83:15:24:ce:d9:f1:9b:b3:a6:2b:31:
35:62:48:2b:3a:1c:f1:2a:10:52:bb:43:43:1b:d8:35:9e:c0:
24:5b:a3:55:af:29:c5:ff:a3:47:ea:9e:48:fd:ad:d6:65:79:
f6:b1:17:1d:0c:3d:d7:55:76:9b:43:41:78:29:94:19:d8:f7:
90:c6:cf:45
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZeHTHIYBCh4L3XOGE8G/wlAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNjE5MDgyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI0NDBmYjljMTI1NjM3MjZkYzg5ZDcxNWQxNWNmNDEzOTg2MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtGZjB8N/l3LHyxBNJb9z3WDabHs
Tj07XJTcuL+DUH1ddWAQeiVRrChqPzD7cil4/fdt9B91MwSaIQKhga7Pk6ip+7aF
kvIWbHOaLNcKpnxUMAIDDeRhgqZywXGBZAyg5pmQKqrZhG4DJv9wiT3561s8mX70
eLxcDfbbrnL/kv6VFnWJrxPrlUbKEtmkZQWDdwEE4mUraTT+4qHM6KkNH9okzqH6
QoC66bzOtFiy4g59VYAMO/si/eb3jof628pdOGczImhUw1daOxCa29s3WUhm+pPX
XT7dz7AR+2nWskNDSpVlS7EJ/ROUEkQ67cNEL8q4h05PmsC4XZ/Zm2JVgwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFD20QPucElY3JtyJ1xXRXPQTmGCdMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvUGJSQS01d1NWamNtM0luWEZkRmM5Qk9ZWUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAAjimMAwD
BAAtWpEDBAAtWpIDBAEtjNwDBABNU/EDBABVyqEDBAC540cDBAC56koDBADCH4wD
BADCOOEwDQYJKoZIhvcNAQELBQADggEBAIzk9fcBYDqHL7M9laat5OW+KHlG8C1x
aIFNDLlXfK1RsbaVOstkm+Wctmy0yo056yCq0fLK9IP8C672KiRwNmwmRMFFg0b6
S6uZoBFQSZ/7L+GmHdzzQTczYlrsv3Zu2AOqJOIe826sVOBqx20wflQRaYJ7Ue1O
6L28XyMaVtcF4u8wD+YGQWJ0ndRZeLXhpGcQr5WnADv+BFInw1kNAREkFgLHOoSC
fNeebH31j0B0AGQKIFNWU2CKk8WDFSTO2fGbs6YrMTViSCs6HPEqEFK7Q0Mb2DWe
wCRbo1WvKcX/o0fqnkj9rdZlefaxFx0MPddVdptDQXgplBnY95DGz0U=
-----END CERTIFICATE-----
Generated at Mon Jun 30 17:12:52 2025 by rpki-client