Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/DHpzmZTvBAxT-43rfcQUmYozPLE.roa
File: DHpzmZTvBAxT-43rfcQUmYozPLE.roa (raw, json)
Hash identifier: i/1DwqMjkRxMvpb2yMahb4K0v+eBiFoV+4UTK3EmkHM=
Subject key identifier: 0C:7A:73:99:94:EF:04:0C:53:FB:8D:EB:7D:C4:14:99:8A:33:3C:B1
Certificate issuer: /CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Certificate serial: 0195D26996384DAD5CCD9D57D700D0A85492
Authority key identifier: 16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/DHpzmZTvBAxT-43rfcQUmYozPLE.roa
Signing time: Wed 26 Mar 2025 12:24:49 +0000
ROA not before: Wed 26 Mar 2025 12:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203847
IP address blocks: 45.142.15.0/24 maxlen: 24
62.112.200.0/22 maxlen: 22
89.222.64.0/20 maxlen: 20
185.122.44.0/24 maxlen: 24
185.122.45.0/24 maxlen: 24
185.122.46.0/24 maxlen: 24
185.122.47.0/24 maxlen: 24
185.206.52.0/23 maxlen: 23
193.162.128.0/24 maxlen: 24
2a01:57e0:1::/48 maxlen: 48
2a01:57e0:200::/39 maxlen: 39
2a01:57e0:400::/39 maxlen: 39
2a01:57e0:600::/39 maxlen: 39
2a01:57e0:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:69:96:38:4d:ad:5c:cd:9d:57:d7:00:d0:a8:54:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166afc51c922fd842fec5b0cbbd26ebdbd1a161e
Validity
Not Before: Mar 26 12:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c7a739994ef040c53fb8deb7dc414998a333cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:02:03:5b:94:3d:0d:a8:8f:62:81:68:7d:84:
f0:5c:3c:5e:21:64:2f:fa:e5:c2:bd:c8:d9:d3:fb:
6f:d3:71:ee:05:cc:06:1e:c4:7d:4f:7b:5a:50:9a:
cf:b6:02:dd:d6:f3:8d:03:b5:73:79:72:29:ba:d2:
54:6b:3a:d2:6c:a0:b5:d8:fc:d3:62:59:8d:c8:9c:
a5:69:6d:31:34:96:c7:87:a7:25:8a:83:1d:f2:1b:
07:d9:dc:7a:01:cd:19:4b:07:3f:a0:32:17:52:cb:
39:ab:6f:86:bf:d8:66:c7:fa:3c:36:0b:83:84:2d:
c8:01:3f:6f:c8:f8:1d:c9:d2:eb:b4:e4:cf:b4:7e:
30:79:01:80:a3:f6:48:f3:71:2e:1a:df:f9:b4:35:
6a:d0:dd:17:13:21:b4:5a:ac:6c:5d:63:46:54:96:
cd:42:24:52:18:19:03:0e:43:8a:57:9c:f4:b1:56:
85:f1:1b:1c:40:ef:0a:df:e1:87:62:14:3f:2d:c3:
54:3b:d1:d1:b7:a1:98:c9:d1:23:9b:02:6a:5c:bf:
ae:b5:2d:b6:6c:a4:4e:34:e7:99:87:57:c8:bc:b9:
7f:f4:94:f8:18:bd:94:e5:62:5c:1e:dd:da:60:90:
f3:b5:64:4d:e1:9a:1b:10:35:d2:d6:ea:f7:03:ee:
cf:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7A:73:99:94:EF:04:0C:53:FB:8D:EB:7D:C4:14:99:8A:33:3C:B1
X509v3 Authority Key Identifier:
keyid:16:6A:FC:51:C9:22:FD:84:2F:EC:5B:0C:BB:D2:6E:BD:BD:1A:16:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/DHpzmZTvBAxT-43rfcQUmYozPLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/88c454-cbaa-43fd-b3c1-13b9110ce20c/1/Fmr8Ucki_YQv7FsMu9Juvb0aFh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.15.0/24
62.112.200.0/22
89.222.64.0/20
185.122.44.0/22
185.206.52.0/23
193.162.128.0/24
IPv6:
2a01:57e0:1::/48
2a01:57e0:200::-2a01:57e0:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:e4:e1:4a:60:6c:83:e9:9b:b9:7a:bd:a8:80:17:52:21:88:
ac:1b:6d:53:5a:2c:c8:dc:e9:ad:92:8a:d4:d5:5f:35:10:d8:
ce:64:9d:e0:72:63:75:28:44:23:c5:0a:79:b5:91:4c:4c:ae:
56:04:c6:24:37:1f:29:31:5a:e0:55:e8:08:31:a4:60:2d:6c:
6b:bb:a8:9b:81:1b:ee:fd:8b:cb:16:06:fa:70:68:09:8a:ce:
ce:08:9d:3c:cc:ac:98:a9:76:13:46:72:25:3d:77:2c:2c:34:
eb:d1:26:2b:11:6e:f3:95:f0:b8:62:15:a7:15:23:ee:d7:94:
45:62:89:0e:11:a2:a8:b0:a3:e6:aa:f9:f9:f1:f3:83:64:fa:
09:e4:e1:be:b3:41:c2:1c:99:b1:cb:f8:ba:03:de:3a:d9:82:
da:50:57:4f:32:a7:77:3d:6f:5a:20:90:1c:dd:17:1b:af:58:
1e:91:98:b2:48:0e:f1:74:49:dc:47:d0:42:2f:9b:90:02:7e:
4e:86:c8:6a:a1:ac:5a:72:15:40:bc:f1:5e:56:40:22:11:29:
76:06:3c:2d:2f:6d:1f:55:cb:d4:da:9e:8d:9b:af:61:56:6a:
66:d0:7a:d7:31:38:c1:ed:cb:36:08:c9:4f:8c:91:c7:8b:10:
85:05:d9:b6
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZXSaZY4Ta1czZ1X1wDQqFSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmFmYzUxYzkyMmZkODQyZmVjNWIwY2JiZDI2ZWJkYmQx
YTE2MWUwHhcNMjUwMzI2MTIyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdhNzM5OTk0ZWYwNDBjNTNmYjhkZWI3ZGM0MTQ5OThhMzMzY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAIDW5Q9DaiPYoFofYTwXDxeIWQv
+uXCvcjZ0/tv03HuBcwGHsR9T3taUJrPtgLd1vONA7VzeXIputJUazrSbKC12PzT
YlmNyJylaW0xNJbHh6clioMd8hsH2dx6Ac0ZSwc/oDIXUss5q2+Gv9hmx/o8NguD
hC3IAT9vyPgdydLrtOTPtH4weQGAo/ZI83EuGt/5tDVq0N0XEyG0WqxsXWNGVJbN
QiRSGBkDDkOKV5z0sVaF8RscQO8K3+GHYhQ/LcNUO9HRt6GYydEjmwJqXL+utS22
bKRONOeZh1fIvLl/9JT4GL2U5WJcHt3aYJDztWRN4ZobEDXS1ur3A+7PrQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAx6c5mU7wQMU/uN633EFJmKMzyxMB8GA1UdIwQY
MBaAFBZq/FHJIv2EL+xbDLvSbr29GhYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEt
MTNiOTExMGNlMjBjLzEvREhwem1aVHZCQXhULTQzcmZjUVVtWW96UExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy84OGM0NTQtY2JhYS00M2ZkLWIzYzEtMTNiOTExMGNlMjBj
LzEvRm1yOFVja2lfWVF2N0ZzTXU5SnV2YjBhRmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAqBAIAATAkAwQALY4PAwQC
PnDIAwQEWd5AAwQCuXosAwQBuc40AwQAwaKAMCEEAgACMBsDBwAqAVfgAAEwEAMG
ASoBV+ACAwYEKgFX4AAwDQYJKoZIhvcNAQELBQADggEBAInk4UpgbIPpm7l6vaiA
F1IhiKwbbVNaLMjc6a2SitTVXzUQ2M5kneByY3UoRCPFCnm1kUxMrlYExiQ3Hykx
WuBV6AgxpGAtbGu7qJuBG+79i8sWBvpwaAmKzs4InTzMrJipdhNGciU9dywsNOvR
JisRbvOV8LhiFacVI+7XlEViiQ4Roqiwo+aq+fnx84Nk+gnk4b6zQcIcmbHL+LoD
3jrZgtpQV08yp3c9b1ogkBzdFxuvWB6RmLJIDvF0SdxH0EIvm5ACfk6GyGqhrFpy
FUC88V5WQCIRKXYGPC0vbR9Vy9Tano2br2FWambQetcxOMHtyzYIyU+MkceLEIUF
2bY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:49:10 2025 by rpki-client