Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/hT840T8mica095PLsmh6UJWn1xw.roa
File: hT840T8mica095PLsmh6UJWn1xw.roa (raw, json)
Hash identifier: BtlUar+Qm61Tys6a6+qj8yTMdU/uS3Pp3uWg+aNGVWY=
Subject key identifier: 85:3F:38:D1:3F:26:89:C6:B4:F7:93:CB:B2:68:7A:50:95:A7:D7:1C
Certificate issuer: /CN=ad442bdda2a35320a96d806bf168d5b84a76d426
Certificate serial: 0194221FC267C5982C71F5D903AED0F75885
Authority key identifier: AD:44:2B:DD:A2:A3:53:20:A9:6D:80:6B:F1:68:D5:B8:4A:76:D4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUQr3aKjUyCpbYBr8WjVuEp21CY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/hT840T8mica095PLsmh6UJWn1xw.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41099
IP address blocks: 193.9.15.0/24 maxlen: 24
193.9.255.0/24 maxlen: 24
193.16.0.0/24 maxlen: 24
195.10.215.0/24 maxlen: 24
195.10.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/rUQr3aKjUyCpbYBr8WjVuEp21CY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/rUQr3aKjUyCpbYBr8WjVuEp21CY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rUQr3aKjUyCpbYBr8WjVuEp21CY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c2:67:c5:98:2c:71:f5:d9:03:ae:d0:f7:58:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad442bdda2a35320a96d806bf168d5b84a76d426
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=853f38d13f2689c6b4f793cbb2687a5095a7d71c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:58:fc:d2:ed:73:5d:f2:78:6c:8f:1e:81:
13:8a:be:65:e1:03:e5:f3:65:2c:48:d7:bd:2b:76:
55:2f:f5:6b:59:94:d7:2d:89:cf:aa:ed:ae:c5:3e:
ca:4d:e6:81:6c:a2:8f:bb:56:87:d3:03:3d:77:40:
19:df:17:22:51:40:ef:55:73:f8:8c:11:07:cf:07:
71:34:22:86:78:e3:18:1f:1d:c1:41:1a:fe:22:4b:
64:6f:a4:9c:df:02:68:6a:6a:62:22:10:17:61:bf:
67:ec:ad:99:e7:e3:05:92:62:af:70:64:f3:94:08:
4b:d3:55:5b:4f:f8:b4:ad:6e:37:7d:51:44:2f:4a:
02:e7:f4:3d:68:86:90:8b:48:3d:19:8f:a2:b1:a1:
57:19:5c:d3:2f:52:00:8e:d8:97:b5:84:48:91:fa:
39:f3:2c:67:0c:7c:3d:b4:7f:42:21:c8:de:66:2f:
df:cc:3d:a1:1e:01:53:f2:c3:31:2f:da:04:40:7a:
57:36:45:67:ca:a2:b6:51:d6:c3:fb:97:00:5f:36:
f2:13:bb:88:00:7f:54:fc:57:63:d6:ea:47:f0:74:
25:09:20:98:33:fb:86:d4:8c:fe:8e:43:58:a9:df:
41:12:7b:54:3a:8d:2b:cc:48:af:da:d9:37:ca:68:
58:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3F:38:D1:3F:26:89:C6:B4:F7:93:CB:B2:68:7A:50:95:A7:D7:1C
X509v3 Authority Key Identifier:
keyid:AD:44:2B:DD:A2:A3:53:20:A9:6D:80:6B:F1:68:D5:B8:4A:76:D4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUQr3aKjUyCpbYBr8WjVuEp21CY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/hT840T8mica095PLsmh6UJWn1xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/dd672d-e980-4dca-9195-859dbca38714/1/rUQr3aKjUyCpbYBr8WjVuEp21CY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.15.0/24
193.9.255.0/24
193.16.0.0/24
195.10.215.0/24
195.10.222.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2d:0a:51:53:3b:07:3e:36:41:94:00:48:0a:64:ce:27:bd:
2b:e7:21:c7:75:29:88:13:68:22:47:92:35:42:69:22:51:ab:
2f:df:4b:47:e5:ec:3b:10:e0:ee:ea:a1:59:d5:56:6d:a8:5c:
a3:cc:c3:ba:28:c4:63:3e:3f:34:09:2b:c7:8d:4a:7a:81:40:
d2:84:79:99:b5:35:8b:07:d2:2f:1f:5d:50:43:f1:04:5e:4e:
94:02:f4:88:d9:1e:2d:ae:1e:fc:85:e0:ba:a6:cd:99:7e:af:
0d:53:09:cf:42:15:a6:79:d3:e6:4c:f5:55:9e:7a:06:0a:28:
9a:7c:dc:b0:29:9f:93:80:f2:88:f2:7e:64:c5:65:8c:a9:f0:
02:10:34:96:12:18:7f:ec:a2:d2:9f:78:cb:58:27:11:1d:70:
a0:56:79:9f:29:3b:e0:20:1f:0f:fd:9f:dc:15:fe:b9:91:87:
24:92:af:52:a7:dd:14:f3:03:a1:b3:31:92:8c:80:37:22:ce:
57:ce:01:0d:55:26:75:38:99:b2:48:00:9d:ca:25:97:4d:c4:
37:d3:8f:12:64:46:08:c3:c8:3b:92:c6:30:9e:4b:d3:3c:7a:
44:d5:0b:eb:32:a7:99:2e:81:07:22:5b:4f:30:39:95:9a:30:
a5:a1:2f:9a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiH8JnxZgscfXZA67Q91iFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNDQyYmRkYTJhMzUzMjBhOTZkODA2YmYxNjhkNWI4NGE3
NmQ0MjYwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNmMzhkMTNmMjY4OWM2YjRmNzkzY2JiMjY4N2E1MDk1YTdkNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1BY/NLtc13yeGyPHoETir5l4QPl
82UsSNe9K3ZVL/VrWZTXLYnPqu2uxT7KTeaBbKKPu1aH0wM9d0AZ3xciUUDvVXP4
jBEHzwdxNCKGeOMYHx3BQRr+Iktkb6Sc3wJoampiIhAXYb9n7K2Z5+MFkmKvcGTz
lAhL01VbT/i0rW43fVFEL0oC5/Q9aIaQi0g9GY+isaFXGVzTL1IAjtiXtYRIkfo5
8yxnDHw9tH9CIcjeZi/fzD2hHgFT8sMxL9oEQHpXNkVnyqK2UdbD+5cAXzbyE7uI
AH9U/Fdj1upH8HQlCSCYM/uG1Iz+jkNYqd9BEntUOo0rzEiv2tk3ymhYRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIU/ONE/JonGtPeTy7JoelCVp9ccMB8GA1UdIwQY
MBaAFK1EK92io1MgqW2Aa/Fo1bhKdtQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclVRcjNhS2pVeUNwYllCcjhXalZ1RXAyMUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9kZDY3MmQtZTk4MC00ZGNhLTkxOTUt
ODU5ZGJjYTM4NzE0LzEvaFQ4NDBUOG1pY2EwOTVQTHNtaDZVSlduMXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9kZDY3MmQtZTk4MC00ZGNhLTkxOTUtODU5ZGJjYTM4NzE0
LzEvclVRcjNhS2pVeUNwYllCcjhXalZ1RXAyMUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwQkPAwQA
wQn/AwQAwRAAAwQAwwrXAwQAwwreMA0GCSqGSIb3DQEBCwUAA4IBAQCdLQpRUzsH
PjZBlABICmTOJ70r5yHHdSmIE2giR5I1QmkiUasv30tH5ew7EODu6qFZ1VZtqFyj
zMO6KMRjPj80CSvHjUp6gUDShHmZtTWLB9IvH11QQ/EEXk6UAvSI2R4trh78heC6
ps2Zfq8NUwnPQhWmedPmTPVVnnoGCiiafNywKZ+TgPKI8n5kxWWMqfACEDSWEhh/
7KLSn3jLWCcRHXCgVnmfKTvgIB8P/Z/cFf65kYckkq9Sp90U8wOhszGSjIA3Is5X
zgENVSZ1OJmySACdyiWXTcQ3048SZEYIw8g7ksYwnkvTPHpE1QvrMqeZLoEHIltP
MDmVmjCloS+a
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:01:00 2025 by rpki-client