Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/HH4kNc1X7Vv3MoqhViTWK_E_VGI.roa
File: HH4kNc1X7Vv3MoqhViTWK_E_VGI.roa (raw, json)
Hash identifier: O3Hf94Oha/v7Hh9wzuFaVr7kYXEFrWI2haBjKaDT/FA=
Subject key identifier: 1C:7E:24:35:CD:57:ED:5B:F7:32:8A:A1:56:24:D6:2B:F1:3F:54:62
Certificate issuer: /CN=70e7ad0598208a6af9d1500a740d73bcf28f0384
Certificate serial: 019420D59E1B3690A55C47324C815361910E
Authority key identifier: 70:E7:AD:05:98:20:8A:6A:F9:D1:50:0A:74:0D:73:BC:F2:8F:03:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOetBZggimr50VAKdA1zvPKPA4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/HH4kNc1X7Vv3MoqhViTWK_E_VGI.roa
Signing time: Wed 01 Jan 2025 07:47:37 +0000
ROA not before: Wed 01 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29663
IP address blocks: 193.201.116.0/24 maxlen: 24
2001:67c:5e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/cOetBZggimr50VAKdA1zvPKPA4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/cOetBZggimr50VAKdA1zvPKPA4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOetBZggimr50VAKdA1zvPKPA4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9e:1b:36:90:a5:5c:47:32:4c:81:53:61:91:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e7ad0598208a6af9d1500a740d73bcf28f0384
Validity
Not Before: Jan 1 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c7e2435cd57ed5bf7328aa15624d62bf13f5462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:83:8a:ab:48:b5:c5:fb:94:76:33:0f:69:
e1:e2:4a:12:08:a2:a0:02:2f:e4:73:0d:c9:60:68:
cd:10:f2:78:d0:91:95:ff:56:69:41:69:89:00:24:
17:1d:d9:52:14:9d:bb:49:b4:47:3d:ed:1c:09:dd:
c2:a4:2d:93:c1:ac:c0:05:9d:bf:e3:b4:38:09:88:
5d:69:8d:a0:d7:7a:41:ba:61:bc:82:2c:b3:c9:f9:
6e:94:6a:16:2c:ae:3e:ac:e6:96:8e:d7:7a:20:03:
0f:f5:89:99:48:6a:7c:6e:ef:45:72:5b:56:c1:12:
e1:20:2b:da:5c:ba:63:11:9b:ab:d7:ed:b3:3a:93:
8f:dd:1c:5d:00:9e:58:1f:93:4e:84:cb:ff:d2:2a:
b3:86:2e:6d:6a:a3:8d:d8:13:0e:76:36:a4:5e:06:
14:0e:17:c7:2d:b4:84:d3:ad:5d:86:3b:95:e1:70:
09:5f:78:93:54:6e:a7:e1:2f:17:73:49:e0:df:b0:
85:65:1e:69:f9:1f:8a:94:7d:28:17:9f:d5:0c:ae:
76:e9:49:c5:8d:92:57:62:c6:90:0d:55:bd:e1:34:
66:cc:3a:8d:e4:90:b6:41:51:e7:fe:be:41:d3:1b:
9e:ff:fd:6b:75:cf:85:d0:fe:5f:dd:d8:f7:c0:76:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:7E:24:35:CD:57:ED:5B:F7:32:8A:A1:56:24:D6:2B:F1:3F:54:62
X509v3 Authority Key Identifier:
keyid:70:E7:AD:05:98:20:8A:6A:F9:D1:50:0A:74:0D:73:BC:F2:8F:03:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOetBZggimr50VAKdA1zvPKPA4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/HH4kNc1X7Vv3MoqhViTWK_E_VGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/cOetBZggimr50VAKdA1zvPKPA4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.116.0/24
IPv6:
2001:67c:5e8::/48
Signature Algorithm: sha256WithRSAEncryption
58:aa:9c:1b:f9:e3:58:01:d3:51:53:9e:48:58:45:54:57:4f:
85:dc:a0:68:25:7b:60:61:e7:7f:32:11:d1:c7:c1:9c:3e:9b:
19:54:fa:1b:92:9c:15:52:b0:ae:31:0e:4f:fa:88:69:44:ba:
14:b2:44:da:ef:fe:93:1a:cf:32:06:fb:e2:08:13:d5:31:1f:
41:fd:18:64:96:23:9b:74:61:ff:d4:56:37:31:97:1c:7b:77:
9b:b6:bf:79:13:31:fb:cb:15:59:a9:ff:3a:bd:34:c4:8a:17:
e2:0b:a9:b9:65:39:16:ce:5f:e7:5d:f0:13:9c:03:95:f8:9f:
5e:65:78:3f:47:2d:43:ec:2f:1a:e2:c4:f2:05:9e:a0:1f:62:
3a:68:1a:5c:aa:a3:1d:08:b4:a1:4b:bf:f4:f9:99:0c:c4:15:
d3:c9:66:06:67:7f:da:a0:6f:53:eb:bf:59:9e:ab:6f:81:7b:
4c:33:e3:0d:6e:f6:db:bc:02:28:f8:7b:60:17:f7:e8:9b:7b:
b2:77:31:22:31:88:b5:84:ae:af:26:2e:b1:55:e4:8f:d1:7e:
f9:61:a7:bc:89:7d:c3:0b:86:88:94:5f:10:4b:0f:b7:ce:a9:
c0:5a:8f:66:b4:6d:20:7c:61:e6:30:b5:c8:03:7d:fa:59:4f:
83:7e:a9:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQg1Z4bNpClXEcyTIFTYZEOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTdhZDA1OTgyMDhhNmFmOWQxNTAwYTc0MGQ3M2JjZjI4
ZjAzODQwHhcNMjUwMTAxMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzdlMjQzNWNkNTdlZDViZjczMjhhYTE1NjI0ZDYyYmYxM2Y1NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDCDiqtItcX7lHYzD2nh4koSCKKg
Ai/kcw3JYGjNEPJ40JGV/1ZpQWmJACQXHdlSFJ27SbRHPe0cCd3CpC2TwazABZ2/
47Q4CYhdaY2g13pBumG8giyzyflulGoWLK4+rOaWjtd6IAMP9YmZSGp8bu9FcltW
wRLhICvaXLpjEZur1+2zOpOP3RxdAJ5YH5NOhMv/0iqzhi5taqON2BMOdjakXgYU
DhfHLbSE061dhjuV4XAJX3iTVG6n4S8Xc0ng37CFZR5p+R+KlH0oF5/VDK526UnF
jZJXYsaQDVW94TRmzDqN5JC2QVHn/r5B0xue//1rdc+F0P5f3dj3wHYZ2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBx+JDXNV+1b9zKKoVYk1ivxP1RiMB8GA1UdIwQY
MBaAFHDnrQWYIIpq+dFQCnQNc7zyjwOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09ldEJaZ2dpbXI1MFZBS2RBMXp2UEtQQTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82NjY0MDQtYzI4Zi00ZDI5LTk2ZTQt
NjA3ZTE3YWVjNzUwLzEvSEg0a05jMVg3VnYzTW9xaFZpVFdLX0VfVkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82NjY0MDQtYzI4Zi00ZDI5LTk2ZTQtNjA3ZTE3YWVjNzUw
LzEvY09ldEJaZ2dpbXI1MFZBS2RBMXp2UEtQQTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcl0MA8E
AgACMAkDBwAgAQZ8BegwDQYJKoZIhvcNAQELBQADggEBAFiqnBv541gB01FTnkhY
RVRXT4XcoGgle2Bh538yEdHHwZw+mxlU+huSnBVSsK4xDk/6iGlEuhSyRNrv/pMa
zzIG++IIE9UxH0H9GGSWI5t0Yf/UVjcxlxx7d5u2v3kTMfvLFVmp/zq9NMSKF+IL
qbllORbOX+dd8BOcA5X4n15leD9HLUPsLxrixPIFnqAfYjpoGlyqox0ItKFLv/T5
mQzEFdPJZgZnf9qgb1Prv1meq2+Be0wz4w1u9tu8Aij4e2AX9+ibe7J3MSIxiLWE
rq8mLrFV5I/Rfvlhp7yJfcMLhoiUXxBLD7fOqcBaj2a0bSB8YeYwtcgDffpZT4N+
qSg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:07 2025 by rpki-client