Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/7HWHA8UqwHtsqDMBW-DwrAaDDjM.roa
File: 7HWHA8UqwHtsqDMBW-DwrAaDDjM.roa (raw, json)
Hash identifier: e8s5o0udkcNi/3gr4/Pby8a6BORkIl6Tk5BcUgdqf98=
Subject key identifier: EC:75:87:03:C5:2A:C0:7B:6C:A8:33:01:5B:E0:F0:AC:06:83:0E:33
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 0194228DD50E65C2E5E92C7A0F0AFB22980E
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/7HWHA8UqwHtsqDMBW-DwrAaDDjM.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60089
IP address blocks: 185.206.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d5:0e:65:c2:e5:e9:2c:7a:0f:0a:fb:22:98:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec758703c52ac07b6ca833015be0f0ac06830e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e1:8c:4c:a9:28:c6:a8:0f:fb:f6:c1:56:1e:
24:5d:d4:2e:52:dd:0c:84:ab:80:2c:e1:91:4a:ab:
31:ec:3b:a4:b9:d8:c6:fb:af:02:71:ad:e4:45:b2:
48:a3:65:33:65:7a:da:ac:18:2d:37:c1:4b:ab:9b:
ce:b7:43:14:3b:27:e7:99:fc:4e:5a:41:be:16:a1:
43:0a:83:ea:a3:3f:18:84:58:f2:d5:da:2e:a5:4a:
4a:fc:72:ee:09:e7:1c:2c:16:16:04:37:30:0e:f9:
3f:26:ee:e2:1f:72:67:cc:2f:e1:be:11:7a:88:47:
7e:74:9c:9b:7d:2a:35:81:88:21:a1:11:01:3f:05:
a5:73:70:e1:d2:9f:84:4e:92:0f:07:83:e1:13:f5:
c1:b1:51:a3:89:21:c8:2e:d1:60:77:ff:90:49:58:
54:fb:ca:c5:f2:0a:3f:c3:71:c4:b7:3c:cf:0b:ca:
cd:f0:ce:2e:eb:c2:e6:a4:55:0d:8f:23:d2:f6:19:
10:30:e0:20:e1:7f:07:13:fb:3d:39:e3:90:9e:ac:
7c:ff:73:73:fb:fb:c2:24:fd:8e:d7:4d:0e:00:f1:
fd:89:9f:44:ca:13:76:4c:c5:c4:07:c4:c3:18:08:
6e:70:96:0f:58:aa:7b:fa:2c:64:d8:82:7a:76:9c:
dd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:75:87:03:C5:2A:C0:7B:6C:A8:33:01:5B:E0:F0:AC:06:83:0E:33
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/7HWHA8UqwHtsqDMBW-DwrAaDDjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ff:fc:a5:47:4c:a1:e0:c7:74:ef:79:ba:5e:d5:49:23:8a:
da:b1:c0:67:fb:45:2b:2c:2e:d7:96:b5:fd:ca:41:4c:02:67:
14:f5:b2:21:6b:eb:3f:ff:cc:e0:18:f9:3c:5a:60:2d:0b:99:
60:c4:50:f5:ba:cd:76:bc:f0:b9:a2:1f:1f:04:8d:f9:0a:c5:
57:e7:cc:39:bd:15:62:c7:c7:db:dd:2d:5c:73:bd:11:e4:5f:
60:15:35:02:ed:85:14:45:b7:61:1b:88:85:2e:66:7e:82:04:
48:f5:23:5f:86:5f:9e:13:23:ee:58:34:cb:c1:b1:e7:b8:39:
3a:e8:dc:15:05:e6:ba:b6:51:68:b5:f6:ae:a3:f6:64:60:ee:
17:74:86:d8:4c:82:c9:ee:09:70:5f:7a:bc:03:a0:a3:b9:72:
27:4d:46:fe:31:38:35:ff:48:29:a8:a5:d2:54:5b:4a:7e:7a:
68:36:bc:93:a1:b1:85:b9:db:36:0e:ba:1a:42:f8:d6:b5:ef:
38:38:9b:10:80:e6:43:23:9e:68:da:be:ff:19:b6:4f:62:69:
d6:40:f7:be:98:4d:2c:32:70:79:c5:ef:6b:70:42:3c:70:57:
12:2d:ad:8c:60:6d:71:6e:04:1c:46:32:9a:e9:90:7a:32:94:
cf:40:ab:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdUOZcLl6Sx6Dwr7IpgOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc1ODcwM2M1MmFjMDdiNmNhODMzMDE1YmUwZjBhYzA2ODMwZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuGMTKkoxqgP+/bBVh4kXdQuUt0M
hKuALOGRSqsx7DukudjG+68Cca3kRbJIo2UzZXrarBgtN8FLq5vOt0MUOyfnmfxO
WkG+FqFDCoPqoz8YhFjy1doupUpK/HLuCeccLBYWBDcwDvk/Ju7iH3JnzC/hvhF6
iEd+dJybfSo1gYghoREBPwWlc3Dh0p+ETpIPB4PhE/XBsVGjiSHILtFgd/+QSVhU
+8rF8go/w3HEtzzPC8rN8M4u68LmpFUNjyPS9hkQMOAg4X8HE/s9OeOQnqx8/3Nz
+/vCJP2O100OAPH9iZ9EyhN2TMXEB8TDGAhucJYPWKp7+ixk2IJ6dpzdowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx1hwPFKsB7bKgzAVvg8KwGgw4zMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvN0hXSEE4VXF3SHRzcURNQlctRHdyQWFERGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc43MA0G
CSqGSIb3DQEBCwUAA4IBAQBa//ylR0yh4Md073m6XtVJI4rascBn+0UrLC7XlrX9
ykFMAmcU9bIha+s//8zgGPk8WmAtC5lgxFD1us12vPC5oh8fBI35CsVX58w5vRVi
x8fb3S1cc70R5F9gFTUC7YUURbdhG4iFLmZ+ggRI9SNfhl+eEyPuWDTLwbHnuDk6
6NwVBea6tlFotfauo/ZkYO4XdIbYTILJ7glwX3q8A6CjuXInTUb+MTg1/0gpqKXS
VFtKfnpoNryTobGFuds2DroaQvjWte84OJsQgOZDI55o2r7/GbZPYmnWQPe+mE0s
MnB5xe9rcEI8cFcSLa2MYG1xbgQcRjKa6ZB6MpTPQKun
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:59:30 2025 by rpki-client