Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/hS1jiuVl2dU6SMvZXo-aur-baIo.roa
File: hS1jiuVl2dU6SMvZXo-aur-baIo.roa (raw, json)
Hash identifier: wRVp8ycxJk1e2oMiYTfs3ketnUSkqnJTyHStucSEmSA=
Subject key identifier: 85:2D:63:8A:E5:65:D9:D5:3A:48:CB:D9:5E:8F:9A:BA:BF:9B:68:8A
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA50E0D778B162834626D0D04348C1
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/hS1jiuVl2dU6SMvZXo-aur-baIo.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200946
IP address blocks: 84.207.232.0/24 maxlen: 24
84.207.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:50:e0:d7:78:b1:62:83:46:26:d0:d0:43:48:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=852d638ae565d9d53a48cbd95e8f9ababf9b688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2c:53:34:32:e2:3a:96:ef:ed:a4:ca:cb:9b:
bc:ee:78:9e:b6:9a:33:53:27:d1:f3:24:3a:2a:c1:
27:e3:12:ac:50:88:83:08:6c:14:48:be:df:cf:67:
e9:37:b6:26:77:fc:67:5c:6f:ae:e0:c0:87:95:92:
5d:7f:2e:dd:bc:03:42:6a:ca:4e:80:73:1d:6d:a4:
b8:1e:c5:13:b2:e6:1a:0d:dc:7c:cf:e1:c5:79:71:
d9:f0:74:e3:58:76:33:ca:8b:2c:71:79:3c:36:45:
ef:22:04:ad:06:03:ab:9c:80:2a:b9:d6:c0:4d:8d:
b6:3b:4e:c5:6e:48:ac:53:2b:18:6f:fb:0b:f8:59:
c3:06:db:2e:d9:48:e8:ea:38:21:e5:ba:d4:48:84:
8d:1c:8c:d0:59:99:04:76:27:c5:9d:46:e7:db:36:
70:17:74:6b:4b:fd:9a:c6:4d:a2:a2:e2:05:b1:6b:
54:04:5b:e8:0e:cd:66:29:7c:fa:54:7f:79:fe:f4:
ea:f8:59:e1:66:9a:03:0a:1f:b2:62:8e:bb:f5:a5:
21:99:e9:ab:98:55:7e:9e:5d:7e:b6:c4:39:68:b4:
0b:47:92:4d:f0:c7:d9:ee:7c:98:70:21:1d:d2:71:
54:84:44:13:e1:79:ff:11:b1:47:ba:ce:f0:a2:35:
5f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2D:63:8A:E5:65:D9:D5:3A:48:CB:D9:5E:8F:9A:BA:BF:9B:68:8A
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/hS1jiuVl2dU6SMvZXo-aur-baIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.232.0/24
84.207.246.0/24
Signature Algorithm: sha256WithRSAEncryption
04:be:76:39:8c:6e:34:e6:2f:87:b1:77:9c:9f:3d:ff:1b:5e:
0e:ec:ee:18:61:25:fd:0a:db:7f:15:f1:7e:c7:c0:08:ca:b2:
7f:29:63:fd:2b:e9:65:d5:5f:9b:95:3e:26:80:9c:5b:b0:e1:
10:98:8b:d7:b3:2c:dd:9d:a5:a1:41:c6:d9:45:c4:99:24:cf:
3d:78:b9:b6:7f:58:7a:8c:ad:b6:f2:94:68:05:91:2f:84:37:
b8:99:cb:f0:35:19:cb:11:ca:f9:46:0c:33:7c:35:45:a0:16:
d3:25:37:6b:f9:4c:74:5d:4d:16:02:dc:f4:97:d7:ed:9d:43:
ed:b3:95:9b:7f:49:43:ca:33:f4:b1:96:40:7d:b1:a1:e2:64:
cb:34:12:2a:b1:ef:12:0e:3f:66:02:a1:d6:d9:35:f6:1d:3c:
b7:48:60:d4:11:bc:71:46:e1:44:54:73:bc:7e:b6:94:5f:90:
fa:d7:2f:b1:01:23:c3:f0:6b:d7:da:89:d6:bc:7c:f3:ef:f1:
79:94:5b:d3:93:cc:4b:c7:c2:79:33:f6:f4:c2:fa:ad:4a:2c:
c3:17:56:92:5b:9a:56:6e:94:cf:bf:47:fb:d8:04:f8:a4:65:
01:51:1e:e6:2f:57:af:ed:c0:3e:65:7c:7b:b8:22:cc:7c:c5:
2a:8d:c0:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+lDg13ixYoNGJtDQQ0jBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJkNjM4YWU1NjVkOWQ1M2E0OGNiZDk1ZThmOWFiYWJmOWI2ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhixTNDLiOpbv7aTKy5u87nietpoz
UyfR8yQ6KsEn4xKsUIiDCGwUSL7fz2fpN7Ymd/xnXG+u4MCHlZJdfy7dvANCaspO
gHMdbaS4HsUTsuYaDdx8z+HFeXHZ8HTjWHYzyosscXk8NkXvIgStBgOrnIAqudbA
TY22O07FbkisUysYb/sL+FnDBtsu2Ujo6jgh5brUSISNHIzQWZkEdifFnUbn2zZw
F3RrS/2axk2iouIFsWtUBFvoDs1mKXz6VH95/vTq+FnhZpoDCh+yYo679aUhmemr
mFV+nl1+tsQ5aLQLR5JN8MfZ7nyYcCEd0nFUhEQT4Xn/EbFHus7wojVfbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUtY4rlZdnVOkjL2V6Pmrq/m2iKMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvaFMxaml1VmwyZFU2U012WlhvLWF1ci1iYUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVM/oAwQA
VM/2MA0GCSqGSIb3DQEBCwUAA4IBAQAEvnY5jG405i+HsXecnz3/G14O7O4YYSX9
Ctt/FfF+x8AIyrJ/KWP9K+ll1V+blT4mgJxbsOEQmIvXsyzdnaWhQcbZRcSZJM89
eLm2f1h6jK228pRoBZEvhDe4mcvwNRnLEcr5RgwzfDVFoBbTJTdr+Ux0XU0WAtz0
l9ftnUPts5Wbf0lDyjP0sZZAfbGh4mTLNBIqse8SDj9mAqHW2TX2HTy3SGDUEbxx
RuFEVHO8fraUX5D61y+xASPD8GvX2onWvHzz7/F5lFvTk8xLx8J5M/b0wvqtSizD
F1aSW5pWbpTPv0f72AT4pGUBUR7mL1ev7cA+ZXx7uCLMfMUqjcB4
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:11:18 2025 by rpki-client