Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/HIpztZT__B_f9n2gN6auamR5pIU.roa
File: HIpztZT__B_f9n2gN6auamR5pIU.roa (raw, json)
Hash identifier: rJY52okWB1TeezbKU/iuTbv7tjIWb1W5p6bbeWIcdzo=
Subject key identifier: 1C:8A:73:B5:94:FF:FC:1F:DF:F6:7D:A0:37:A6:AE:6A:64:79:A4:85
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 019420D59BE8CA5430CC78DA6C12553D3FD9
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/HIpztZT__B_f9n2gN6auamR5pIU.roa
Signing time: Wed 01 Jan 2025 07:47:37 +0000
ROA not before: Wed 01 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210213
IP address blocks: 195.244.146.0/24 maxlen: 24
195.244.152.0/24 maxlen: 24
195.244.153.0/24 maxlen: 24
195.244.156.0/24 maxlen: 24
2a00:1780:dc00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9b:e8:ca:54:30:cc:78:da:6c:12:55:3d:3f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 1 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c8a73b594fffc1fdff67da037a6ae6a6479a485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:e7:4b:c7:56:bc:9f:4c:e0:a9:36:bd:83:
c2:e8:09:2e:2e:80:8f:c3:8c:57:e0:61:fc:71:81:
45:18:50:1e:82:25:86:cc:70:ab:dc:cd:66:ac:94:
d6:b6:88:d2:f1:b5:ce:5e:69:dc:f0:94:5b:6c:6c:
31:31:02:a8:e1:bd:5e:da:24:9a:30:02:7a:08:4a:
8c:ff:9d:81:cc:41:21:db:69:0c:d4:fc:a1:5b:db:
82:cb:26:af:e8:32:1f:8b:8f:ea:9e:73:12:e7:7d:
1b:29:7c:af:2e:73:41:d5:d8:37:85:ea:21:f1:01:
05:11:48:f4:0b:d1:e0:6e:13:03:47:23:e5:2e:eb:
7b:d6:a0:89:87:23:08:7d:d4:90:fd:f6:31:4c:81:
c6:10:de:2b:57:da:21:a1:3e:fe:21:05:98:ad:19:
3d:9b:e0:62:a7:a0:4e:5e:3b:48:86:fe:1e:ab:a1:
c9:cf:9c:d8:df:f3:1c:43:63:e8:51:25:29:8c:e1:
57:b0:97:b6:57:57:8c:35:f1:81:9f:39:c0:de:b3:
6d:ea:94:38:9b:b6:fe:72:26:a8:c9:98:cf:8c:b1:
f6:e6:d3:f8:e0:78:75:b6:7b:89:af:ed:62:90:3c:
a5:0e:0c:8d:65:ca:d3:bd:ba:6c:14:86:36:d0:5e:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:8A:73:B5:94:FF:FC:1F:DF:F6:7D:A0:37:A6:AE:6A:64:79:A4:85
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/HIpztZT__B_f9n2gN6auamR5pIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.146.0/24
195.244.152.0/23
195.244.156.0/24
IPv6:
2a00:1780:dc00::/40
Signature Algorithm: sha256WithRSAEncryption
8e:72:5d:4f:c8:4e:5a:43:ee:af:2c:bd:ba:c4:e0:75:60:e2:
45:6c:51:34:99:3c:dd:6c:28:04:a4:03:41:f6:b7:be:35:f5:
73:26:d8:90:7c:7b:f8:1d:d2:62:be:88:4e:85:3e:ef:d9:59:
b2:e3:f0:6e:b3:6a:c4:79:c3:b3:05:fc:80:5e:0e:7d:cd:5f:
22:fa:5a:c0:4d:f0:e0:42:04:42:09:13:3f:65:04:05:c5:c2:
f4:8f:dd:43:13:84:dc:0f:34:32:22:67:e8:03:98:83:75:a2:
4e:6f:1b:8b:a2:00:c2:9c:d6:28:71:cf:a4:3f:32:fc:7a:9d:
47:ea:31:60:b9:c8:79:a1:6b:d3:79:fc:92:75:53:5d:82:8a:
e4:c8:49:d0:37:10:50:62:0d:9c:3f:e6:e1:f2:5a:a1:20:0f:
11:b7:55:ac:13:fb:fc:a6:ac:e4:0b:64:79:cb:a3:33:02:68:
57:86:77:32:db:1b:7b:bf:7d:b0:3e:e7:3b:4c:f4:40:0c:72:
60:d1:a6:52:49:b3:14:8f:b1:fc:c1:16:6b:66:92:c9:6f:fb:
6e:ad:14:4a:d3:1b:8a:1a:2c:3d:11:ab:4f:76:8a:38:40:8c:
56:ce:95:eb:7c:f8:37:55:10:46:ba:c8:23:db:d7:bd:c3:ef:
2b:e8:53:04
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQg1ZvoylQwzHjabBJVPT/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjUwMTAxMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzhhNzNiNTk0ZmZmYzFmZGZmNjdkYTAzN2E2YWU2YTY0NzlhNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbvnS8dWvJ9M4Kk2vYPC6AkuLoCP
w4xX4GH8cYFFGFAegiWGzHCr3M1mrJTWtojS8bXOXmnc8JRbbGwxMQKo4b1e2iSa
MAJ6CEqM/52BzEEh22kM1PyhW9uCyyav6DIfi4/qnnMS530bKXyvLnNB1dg3heoh
8QEFEUj0C9HgbhMDRyPlLut71qCJhyMIfdSQ/fYxTIHGEN4rV9ohoT7+IQWYrRk9
m+Bip6BOXjtIhv4eq6HJz5zY3/McQ2PoUSUpjOFXsJe2V1eMNfGBnznA3rNt6pQ4
m7b+ciaoyZjPjLH25tP44Hh1tnuJr+1ikDylDgyNZcrTvbpsFIY20F4ZAwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFByKc7WU//wf3/Z9oDemrmpkeaSFMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvSElwenRaVF9fQl9mOW4yZ042YXVhbVI1cElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAw/SSAwQB
w/SYAwQAw/ScMA4EAgACMAgDBgAqABeA3DANBgkqhkiG9w0BAQsFAAOCAQEAjnJd
T8hOWkPuryy9usTgdWDiRWxRNJk83WwoBKQDQfa3vjX1cybYkHx7+B3SYr6IToU+
79lZsuPwbrNqxHnDswX8gF4Ofc1fIvpawE3w4EIEQgkTP2UEBcXC9I/dQxOE3A80
MiJn6AOYg3WiTm8bi6IAwpzWKHHPpD8y/HqdR+oxYLnIeaFr03n8knVTXYKK5MhJ
0DcQUGINnD/m4fJaoSAPEbdVrBP7/Kas5AtkecujMwJoV4Z3Mtsbe799sD7nO0z0
QAxyYNGmUkmzFI+x/MEWa2aSyW/7bq0UStMbihosPRGrT3aKOECMVs6V63z4N1UQ
RrrII9vXvcPvK+hTBA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:51:06 2025 by rpki-client