Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nHAb3tlVPbbdEAfE_Fo8A_-EnGQ.roa
File: nHAb3tlVPbbdEAfE_Fo8A_-EnGQ.roa (raw, json)
Hash identifier: qArhM7qApjV1/gs2Vx9CgvkpwMpSAJm/KS8epNthw9I=
Subject key identifier: 9C:70:1B:DE:D9:55:3D:B6:DD:10:07:C4:FC:5A:3C:03:FF:84:9C:64
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2EB3E0ABA6F5295EA2BFD5889640D
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nHAb3tlVPbbdEAfE_Fo8A_-EnGQ.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34549
IP address blocks: 85.254.76.0/22 maxlen: 22
85.254.80.0/22 maxlen: 22
85.254.180.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:eb:3e:0a:ba:6f:52:95:ea:2b:fd:58:89:64:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c701bded9553db6dd1007c4fc5a3c03ff849c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:27:1c:1e:4a:71:8d:3b:11:3f:fb:10:da:99:
71:dc:f7:a7:5a:9e:84:5c:78:6c:be:79:32:28:39:
f4:13:74:38:84:f5:1b:b2:36:50:7e:6a:77:aa:68:
54:40:eb:52:cc:73:94:84:b6:6f:aa:87:cc:26:2a:
ac:38:29:a3:40:fc:8a:ff:af:e5:b3:0d:94:9d:76:
69:7c:59:d6:d3:a2:7a:b3:66:10:0f:4b:9b:d7:9b:
55:43:a3:eb:d0:a0:32:47:05:3a:55:b6:45:07:8d:
15:4f:fb:cb:ae:8d:2a:9a:9d:ce:06:f1:81:96:c1:
8d:67:f5:66:cc:27:93:36:b1:b0:c4:97:f4:f6:2a:
18:25:81:04:af:fe:96:62:b8:0a:d1:21:c0:39:78:
72:3e:d3:90:49:08:2c:d2:c3:82:b2:04:63:6a:2e:
32:ee:d6:3f:2d:9a:b4:0e:d3:85:4c:22:5c:7d:cd:
4d:39:36:15:bb:f9:63:73:53:1c:85:b5:8b:4b:28:
d7:71:3b:9e:b3:b1:ae:98:f1:4c:77:d6:b0:74:52:
68:1b:e5:24:69:b5:cf:db:e2:5d:d0:65:da:6a:db:
f3:64:d5:90:da:9b:2a:0d:ba:b7:c0:a7:bd:1c:65:
f4:ef:a4:3c:d7:a2:11:20:57:1a:b5:b8:f4:54:77:
f3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:70:1B:DE:D9:55:3D:B6:DD:10:07:C4:FC:5A:3C:03:FF:84:9C:64
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/nHAb3tlVPbbdEAfE_Fo8A_-EnGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.76.0-85.254.83.255
85.254.180.0/23
Signature Algorithm: sha256WithRSAEncryption
21:59:0b:c7:62:28:c9:23:5a:47:b2:56:05:c2:a5:6b:4b:c5:
91:df:ba:99:47:9c:6a:d8:61:a4:58:d2:dd:7c:c1:24:ac:2b:
4d:78:d3:55:6a:07:78:52:8b:a0:af:d3:cb:58:62:57:d8:d5:
b7:ae:55:cc:6c:cc:2d:eb:58:37:dd:99:22:1f:b7:5b:d6:26:
84:47:2b:c8:da:66:9e:7c:7c:5e:f7:e7:01:70:0a:f8:ae:04:
ef:3c:ff:86:2d:19:33:60:7a:95:1c:57:ea:97:12:3f:85:b4:
d8:ca:81:88:ae:35:cc:e6:fa:bd:e6:3a:fa:98:97:3f:20:a8:
3f:cb:f8:36:aa:f0:66:f3:c7:90:b5:68:79:5e:81:f4:e9:df:
67:f1:ea:55:18:22:62:eb:5f:a2:3d:61:49:8a:89:ec:2d:09:
43:01:c6:74:23:a2:5c:b5:fd:a3:e1:63:06:97:8b:5f:e6:43:
59:a2:6e:fb:b1:12:88:01:d0:91:4a:ad:c6:86:66:e7:f7:e9:
5e:73:20:91:ef:39:d1:f1:4d:bd:cd:db:ef:c6:7a:f9:3b:4d:
09:45:cd:7d:d0:45:14:f8:6e:b7:bf:fd:42:94:7a:08:c3:f7:
5f:f1:6d:cc:3d:aa:ab:43:1e:a9:08:49:ad:b9:10:c7:b9:a7:
31:e2:c1:b2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQksus+CrpvUpXqK/1YiWQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzcwMWJkZWQ5NTUzZGI2ZGQxMDA3YzRmYzVhM2MwM2ZmODQ5YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCccHkpxjTsRP/sQ2plx3PenWp6E
XHhsvnkyKDn0E3Q4hPUbsjZQfmp3qmhUQOtSzHOUhLZvqofMJiqsOCmjQPyK/6/l
sw2UnXZpfFnW06J6s2YQD0ub15tVQ6Pr0KAyRwU6VbZFB40VT/vLro0qmp3OBvGB
lsGNZ/VmzCeTNrGwxJf09ioYJYEEr/6WYrgK0SHAOXhyPtOQSQgs0sOCsgRjai4y
7tY/LZq0DtOFTCJcfc1NOTYVu/ljc1MchbWLSyjXcTues7GumPFMd9awdFJoG+Uk
abXP2+Jd0GXaatvzZNWQ2psqDbq3wKe9HGX076Q816IRIFcatbj0VHfztQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJxwG97ZVT223RAHxPxaPAP/hJxkMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbkhBYjN0bFZQYmJkRUFmRV9GbzhBXy1FbkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJV/kwD
BAJV/lADBAFV/rQwDQYJKoZIhvcNAQELBQADggEBACFZC8diKMkjWkeyVgXCpWtL
xZHfuplHnGrYYaRY0t18wSSsK01401VqB3hSi6Cv08tYYlfY1beuVcxszC3rWDfd
mSIft1vWJoRHK8jaZp58fF735wFwCviuBO88/4YtGTNgepUcV+qXEj+FtNjKgYiu
Nczm+r3mOvqYlz8gqD/L+Daq8Gbzx5C1aHlegfTp32fx6lUYImLrX6I9YUmKiewt
CUMBxnQjoly1/aPhYwaXi1/mQ1mibvuxEogB0JFKrcaGZuf36V5zIJHvOdHxTb3N
2+/Gevk7TQlFzX3QRRT4bre//UKUegjD91/xbcw9qqtDHqkISa25EMe5pzHiwbI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:22 2025 by rpki-client