Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/HJiUdFRcnCCA97tz7GIyzHp366Y.roa
File: HJiUdFRcnCCA97tz7GIyzHp366Y.roa (raw, json)
Hash identifier: yKaY+45Vcb3qR17Dz+EuLvkK0krevHkZZEA1gt2KjQg=
Subject key identifier: 1C:98:94:74:54:5C:9C:20:80:F7:BB:73:EC:62:32:CC:7A:77:EB:A6
Certificate issuer: /CN=39d43c26468819c07b1925115fe4921f84203d16
Certificate serial: 01942748161094F8DB2C5B6CB25AE9A19952
Authority key identifier: 39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/HJiUdFRcnCCA97tz7GIyzHp366Y.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59970
IP address blocks: 185.61.84.0/22 maxlen: 22
185.219.16.0/22 maxlen: 22
185.244.188.0/22 maxlen: 22
2a02:78a0::/29 maxlen: 29
2a0b:ddc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:16:10:94:f8:db:2c:5b:6c:b2:5a:e9:a1:99:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39d43c26468819c07b1925115fe4921f84203d16
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c989474545c9c2080f7bb73ec6232cc7a77eba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bc:44:b8:e3:c0:70:b5:e0:03:dc:b9:54:e1:
93:25:4a:d8:d9:70:b1:f4:78:ba:b2:92:d0:68:62:
15:17:0e:09:ee:11:b7:a0:40:36:e7:27:da:95:12:
38:bc:d0:fd:23:fa:ce:ca:a5:05:3e:24:34:32:ea:
db:cd:dc:0b:bb:c8:de:97:90:0b:bc:d4:07:38:ad:
d8:e6:c9:25:06:ec:f3:cb:91:50:e5:9d:76:d7:cf:
b6:bd:b0:03:bf:00:1c:85:cc:5b:fe:d7:39:a2:b5:
d5:8d:7a:fa:a1:2f:ae:3d:e4:7a:5f:dd:18:77:1a:
e0:fe:09:19:af:49:5e:38:88:db:1f:fa:ff:df:3a:
80:7a:c1:a5:91:b4:d2:64:f5:ee:3b:80:ae:1c:8a:
b1:8f:4d:ba:32:41:de:ca:05:7b:a9:20:6c:c2:30:
d6:be:63:49:bb:55:82:e5:eb:43:2e:26:b0:25:53:
9e:72:14:2d:a8:5c:4e:90:3e:6d:2a:f7:43:23:e8:
22:d0:97:74:ee:d2:c3:1f:8e:e5:05:fe:4d:10:49:
1d:8b:bc:cf:fc:05:e0:08:ff:e2:f4:0e:38:52:64:
95:90:20:83:27:c9:96:30:a0:bd:b1:fb:ac:17:c1:
df:68:5d:68:bc:00:20:76:6e:88:3b:1c:15:bb:be:
95:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:98:94:74:54:5C:9C:20:80:F7:BB:73:EC:62:32:CC:7A:77:EB:A6
X509v3 Authority Key Identifier:
keyid:39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/HJiUdFRcnCCA97tz7GIyzHp366Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.84.0/22
185.219.16.0/22
185.244.188.0/22
IPv6:
2a02:78a0::/29
2a0b:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:1c:75:cb:13:7a:3e:ea:d4:84:aa:46:52:9e:0c:29:eb:f5:
98:cd:e6:83:9b:c1:35:d9:7c:24:6c:78:86:2e:f5:e9:5a:1d:
41:96:c8:e6:b8:ae:7d:4c:86:f3:76:fa:66:19:ba:a1:f8:22:
2f:e8:0d:e4:c5:80:75:78:b8:af:1a:7c:87:8a:cc:bd:c8:65:
f8:6a:30:9a:91:03:11:3a:4f:be:da:27:63:49:53:9e:10:de:
62:3b:ea:0c:fa:e6:18:09:d7:b3:42:4a:ab:a5:bb:56:04:e1:
dd:50:ed:4f:0a:3e:cd:00:72:9e:39:c9:83:2f:5b:b1:07:4b:
be:04:25:75:46:e5:e5:e1:93:fe:59:e5:05:f4:24:ff:94:d9:
1b:a7:de:00:31:65:9a:68:e5:2a:8c:8d:8d:63:50:a2:60:93:
bd:67:53:0d:a4:02:11:09:0c:34:9d:e1:70:54:db:58:f4:36:
b0:56:95:22:5c:5e:94:41:82:59:48:e5:34:15:70:f7:f2:b8:
e5:c0:93:a2:f3:a9:64:68:20:b8:14:38:dd:4a:05:61:28:c1:
68:e7:85:3d:b1:28:eb:8a:78:69:99:30:be:1b:f4:c0:31:84:
71:80:e1:5b:f4:b7:3d:da:17:0f:ae:9f:d3:1b:dc:70:ff:e6:
7e:c2:58:e5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQnSBYQlPjbLFtsslrpoZlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZDQzYzI2NDY4ODE5YzA3YjE5MjUxMTVmZTQ5MjFmODQy
MDNkMTYwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk4OTQ3NDU0NWM5YzIwODBmN2JiNzNlYzYyMzJjYzdhNzdlYmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLxEuOPAcLXgA9y5VOGTJUrY2XCx
9Hi6spLQaGIVFw4J7hG3oEA25yfalRI4vND9I/rOyqUFPiQ0MurbzdwLu8jel5AL
vNQHOK3Y5sklBuzzy5FQ5Z1218+2vbADvwAchcxb/tc5orXVjXr6oS+uPeR6X90Y
dxrg/gkZr0leOIjbH/r/3zqAesGlkbTSZPXuO4CuHIqxj026MkHeygV7qSBswjDW
vmNJu1WC5etDLiawJVOechQtqFxOkD5tKvdDI+gi0Jd07tLDH47lBf5NEEkdi7zP
/AXgCP/i9A44UmSVkCCDJ8mWMKC9sfusF8HfaF1ovAAgdm6IOxwVu76VgwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFByYlHRUXJwggPe7c+xiMsx6d+umMB8GA1UdIwQY
MBaAFDnUPCZGiBnAexklEV/kkh+EID0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQt
YWJmMGVhMDdlZmFmLzEvSEppVWRGUmNuQ0NBOTd0ejdHSXl6SHAzNjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQtYWJmMGVhMDdlZmFm
LzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT1UAwQC
udsQAwQCufS8MBQEAgACMA4DBQMqAnigAwUDKgvdwDANBgkqhkiG9w0BAQsFAAOC
AQEAbxx1yxN6PurUhKpGUp4MKev1mM3mg5vBNdl8JGx4hi716VodQZbI5riufUyG
83b6Zhm6ofgiL+gN5MWAdXi4rxp8h4rMvchl+GowmpEDETpPvtonY0lTnhDeYjvq
DPrmGAnXs0JKq6W7VgTh3VDtTwo+zQBynjnJgy9bsQdLvgQldUbl5eGT/lnlBfQk
/5TZG6feADFlmmjlKoyNjWNQomCTvWdTDaQCEQkMNJ3hcFTbWPQ2sFaVIlxelEGC
WUjlNBVw9/K45cCTovOpZGgguBQ43UoFYSjBaOeFPbEo64p4aZkwvhv0wDGEcYDh
W/S3PdoXD66f0xvccP/mfsJY5Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:43:37 2025 by rpki-client