Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/hBKsbi06dqWQsHOJ9T-z_RIbUjA.roa
File: hBKsbi06dqWQsHOJ9T-z_RIbUjA.roa (raw, json)
Hash identifier: uWUX6xGjuFBVk0pdcf+5Gpk/beOEbACzQvY2ZU/EXNs=
Subject key identifier: 84:12:AC:6E:2D:3A:76:A5:90:B0:73:89:F5:3F:B3:FD:12:1B:52:30
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 019428255308871693A03F706269A9A4FFE3
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/hBKsbi06dqWQsHOJ9T-z_RIbUjA.roa
Signing time: Thu 02 Jan 2025 17:52:02 +0000
ROA not before: Thu 02 Jan 2025 17:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212921
IP address blocks: 2.59.152.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:53:08:87:16:93:a0:3f:70:62:69:a9:a4:ff:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jan 2 17:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8412ac6e2d3a76a590b07389f53fb3fd121b5230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:62:f5:6f:27:45:51:45:6c:90:87:f7:33:
09:c7:89:6a:38:3a:33:83:15:f4:94:3e:a9:de:2c:
eb:85:23:62:aa:d2:05:4c:fd:0d:0a:04:cf:ea:f2:
71:77:55:9f:bf:2e:54:45:a6:c6:0a:91:9f:f4:a6:
e0:c5:76:a0:fa:6a:7d:71:ed:c6:a0:7d:57:c8:58:
b3:03:c0:c9:2f:ed:26:da:b0:43:2a:d2:2f:d9:b6:
22:cd:d2:d9:b0:62:9c:14:06:61:2e:1f:c0:27:a6:
95:07:71:5b:bf:24:c5:8e:0a:c8:c8:3e:b3:58:e4:
bb:10:bd:0a:1a:86:c5:91:0d:72:0f:ae:53:04:6d:
a0:8f:84:0f:53:cb:3c:80:e0:36:e6:4e:ba:55:83:
49:3c:4e:82:ab:11:67:09:2e:14:59:a1:79:26:49:
e7:c8:42:b3:b4:23:d3:28:e2:68:0a:a8:36:20:09:
bc:3e:6e:6c:c9:a5:3f:1b:44:9a:21:89:60:29:01:
12:8f:94:8a:c7:a8:c0:22:f1:1d:65:70:fc:18:0d:
8f:cd:54:a9:f4:30:14:3e:30:79:73:68:06:26:30:
f2:7c:1a:5a:5e:40:af:83:f2:3c:dd:7c:6e:bb:12:
00:be:87:32:32:f1:ad:23:7c:b1:ce:b0:f5:85:30:
36:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:12:AC:6E:2D:3A:76:A5:90:B0:73:89:F5:3F:B3:FD:12:1B:52:30
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/hBKsbi06dqWQsHOJ9T-z_RIbUjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/24
2.59.155.0/24
45.91.227.0/24
45.142.152.0/24
45.142.155.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ee:c4:5c:24:97:b7:84:39:96:22:ea:d4:77:d6:09:be:1f:
cf:50:42:d8:5a:8f:f6:c1:e9:9d:80:5f:ad:fa:1c:a9:d9:72:
eb:54:4f:0a:94:c0:d3:5e:d3:42:12:40:b1:2a:dd:5b:02:2a:
2f:53:2f:be:12:5b:a8:91:c2:91:d1:bc:13:02:28:fe:94:e5:
4b:2d:99:a2:a7:89:a7:08:b1:c3:16:b7:c6:b8:e3:03:d0:df:
ab:48:bc:3c:0f:a2:a1:18:64:56:b2:78:ee:22:7f:36:53:63:
4c:85:ed:bf:89:99:d1:b2:9e:14:00:ee:b1:0b:fe:72:e3:39:
89:40:71:6b:1a:df:17:c8:40:a2:fe:a6:50:eb:8a:7f:c4:f4:
41:05:41:47:e0:59:61:8b:63:1c:a3:f4:e4:c1:83:21:c2:e8:
0f:3a:d8:0b:47:d9:8e:32:ce:36:b4:03:d3:ef:8e:1e:cb:bb:
12:a4:7c:2e:f8:ef:b3:34:0d:47:42:94:54:fd:64:17:2f:49:
41:b1:0e:22:63:05:62:ab:08:53:1d:3a:00:a0:20:ec:c7:cc:
f1:f1:b7:9a:c7:c4:0e:51:5c:99:70:73:38:80:46:28:15:e9:
9c:bb:47:48:91:3b:5c:23:95:47:1a:52:50:cb:2f:19:5e:12:
df:25:0a:37
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQoJVMIhxaToD9wYmmppP/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjUwMTAyMTc1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEyYWM2ZTJkM2E3NmE1OTBiMDczODlmNTNmYjNmZDEyMWI1MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUli9W8nRVFFbJCH9zMJx4lqODoz
gxX0lD6p3izrhSNiqtIFTP0NCgTP6vJxd1Wfvy5URabGCpGf9KbgxXag+mp9ce3G
oH1XyFizA8DJL+0m2rBDKtIv2bYizdLZsGKcFAZhLh/AJ6aVB3FbvyTFjgrIyD6z
WOS7EL0KGobFkQ1yD65TBG2gj4QPU8s8gOA25k66VYNJPE6CqxFnCS4UWaF5Jknn
yEKztCPTKOJoCqg2IAm8Pm5syaU/G0SaIYlgKQESj5SKx6jAIvEdZXD8GA2PzVSp
9DAUPjB5c2gGJjDyfBpaXkCvg/I83XxuuxIAvocyMvGtI3yxzrD1hTA2VQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIQSrG4tOnalkLBzifU/s/0SG1IwMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvaEJLc2JpMDZkcVdRc0hPSjlULXpfUkliVWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjuYAwQA
AjubAwQALVvjAwQALY6YAwQALY6bAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUA
A4IBAQBu7sRcJJe3hDmWIurUd9YJvh/PUELYWo/2wemdgF+t+hyp2XLrVE8KlMDT
XtNCEkCxKt1bAiovUy++EluokcKR0bwTAij+lOVLLZmip4mnCLHDFrfGuOMD0N+r
SLw8D6KhGGRWsnjuIn82U2NMhe2/iZnRsp4UAO6xC/5y4zmJQHFrGt8XyECi/qZQ
64p/xPRBBUFH4Flhi2Mco/TkwYMhwugPOtgLR9mOMs42tAPT744ey7sSpHwu+O+z
NA1HQpRU/WQXL0lBsQ4iYwViqwhTHToAoCDsx8zx8beax8QOUVyZcHM4gEYoFemc
u0dIkTtcI5VHGlJQyy8ZXhLfJQo3
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:43:31 2025 by rpki-client