Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/b-H1HafvFZHqAREOClh3E9AccmU.roa
File: b-H1HafvFZHqAREOClh3E9AccmU.roa (raw, json)
Hash identifier: MvASKCNf0q7mbKy4jwGmZ3TcUV1oDH8tUiKsCWNFvAY=
Subject key identifier: 6F:E1:F5:1D:A7:EF:15:91:EA:01:11:0E:0A:58:77:13:D0:1C:72:65
Certificate issuer: /CN=5871720a8884167fef82a49267661fb346d7561a
Certificate serial: 0194228D0D9A247C6B74EBB009076AB4E797
Authority key identifier: 58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/b-H1HafvFZHqAREOClh3E9AccmU.roa
Signing time: Wed 01 Jan 2025 15:47:36 +0000
ROA not before: Wed 01 Jan 2025 15:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208070
IP address blocks: 45.159.168.0/24 maxlen: 24
45.159.169.0/24 maxlen: 24
45.159.170.0/24 maxlen: 24
45.159.171.0/24 maxlen: 24
2a01:fc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.mft
rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0d:9a:24:7c:6b:74:eb:b0:09:07:6a:b4:e7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5871720a8884167fef82a49267661fb346d7561a
Validity
Not Before: Jan 1 15:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fe1f51da7ef1591ea01110e0a587713d01c7265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1e:fd:d8:7d:30:c1:62:38:99:32:63:b0:69:
51:12:10:26:04:2c:18:38:3d:ac:ea:56:a9:50:c5:
8b:a3:07:1f:be:2d:00:f3:34:ba:09:93:da:c1:d6:
19:db:86:bb:cd:2e:3a:e4:13:f7:9c:46:ad:99:96:
24:29:d9:31:90:f6:a1:41:e6:fd:5a:da:34:c3:f0:
4e:f5:16:51:b0:19:fc:67:26:9b:51:af:ca:e8:bc:
f7:c8:ff:91:c1:dc:bd:2d:0f:64:e0:0b:aa:62:4f:
1f:e3:98:88:8e:e8:5d:f9:27:1b:f9:71:cc:90:dc:
f1:e1:fc:ea:59:f1:15:93:c6:aa:9d:7e:20:aa:50:
91:38:a3:6d:09:21:4b:52:67:67:84:11:63:57:0f:
bd:22:fb:52:d2:b0:28:42:7d:d6:9d:b5:6f:6f:7c:
dc:03:be:35:16:90:a6:68:ce:a0:f5:ae:6c:dc:2f:
0f:a2:9f:c2:36:68:04:37:84:0c:f6:c0:cf:bf:d5:
0e:01:40:8d:76:88:5b:b1:28:66:17:3b:8b:af:3a:
ef:e1:84:dc:4a:cf:06:ce:91:64:9a:9d:84:f2:1f:
5d:2e:83:a7:eb:c3:05:48:15:e1:40:72:b8:bb:25:
30:26:fb:92:aa:80:ca:9e:0a:c5:27:4c:43:6d:c9:
3f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E1:F5:1D:A7:EF:15:91:EA:01:11:0E:0A:58:77:13:D0:1C:72:65
X509v3 Authority Key Identifier:
keyid:58:71:72:0A:88:84:16:7F:EF:82:A4:92:67:66:1F:B3:46:D7:56:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/b-H1HafvFZHqAREOClh3E9AccmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/0fa602-f6b8-47ae-bf06-7da89cda9f71/1/WHFyCoiEFn_vgqSSZ2Yfs0bXVho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.168.0/22
IPv6:
2a01:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
25:bc:1c:3c:49:9b:46:70:db:c6:c1:da:44:f9:6b:6c:c0:90:
30:98:df:20:f8:19:67:4d:79:7d:6c:4f:a0:1b:46:5b:86:0f:
79:c4:c0:42:a3:84:15:96:58:0d:92:e3:a5:d2:e9:cb:dd:02:
b2:b0:c8:5a:9c:f2:95:d6:8f:c9:07:ba:6b:84:82:1a:3c:96:
c5:5c:54:d2:6b:1f:c0:ca:a6:0a:fe:62:1c:7b:e5:27:a6:6d:
6e:0c:49:3c:0b:74:2b:ff:67:b2:1c:a8:eb:9a:2d:c6:10:ae:
3a:f4:44:16:80:a9:35:11:f6:ce:4a:7e:d5:69:a2:15:b3:fd:
a1:85:17:f0:72:14:3b:30:96:8a:f7:ec:28:33:71:50:b6:f2:
d9:2e:f0:7d:fc:26:99:aa:33:61:1e:2b:30:f6:70:e8:e0:3c:
87:5e:0a:88:31:35:9b:2b:70:10:2e:98:aa:4a:32:25:5b:bb:
7c:59:97:37:19:4c:2f:6b:ba:b3:47:56:6c:2f:c5:12:b2:7f:
44:e6:dd:7d:5b:3e:74:c5:dc:20:c2:5d:65:01:75:49:a1:b5:
d5:cc:b2:70:d0:7e:53:cf:b0:62:59:b7:f1:0c:e1:3d:e9:57:
24:7e:1f:b3:78:7d:70:6b:09:49:ae:b3:0c:77:d9:3d:b3:66:
a9:49:75:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijQ2aJHxrdOuwCQdqtOeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NzE3MjBhODg4NDE2N2ZlZjgyYTQ5MjY3NjYxZmIzNDZk
NzU2MWEwHhcNMjUwMTAxMTU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmUxZjUxZGE3ZWYxNTkxZWEwMTExMGUwYTU4NzcxM2QwMWM3MjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx792H0wwWI4mTJjsGlREhAmBCwY
OD2s6lapUMWLowcfvi0A8zS6CZPawdYZ24a7zS465BP3nEatmZYkKdkxkPahQeb9
Wto0w/BO9RZRsBn8ZyabUa/K6Lz3yP+Rwdy9LQ9k4AuqYk8f45iIjuhd+Scb+XHM
kNzx4fzqWfEVk8aqnX4gqlCROKNtCSFLUmdnhBFjVw+9IvtS0rAoQn3WnbVvb3zc
A741FpCmaM6g9a5s3C8Pop/CNmgEN4QM9sDPv9UOAUCNdohbsShmFzuLrzrv4YTc
Ss8GzpFkmp2E8h9dLoOn68MFSBXhQHK4uyUwJvuSqoDKngrFJ0xDbck/VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/h9R2n7xWR6gERDgpYdxPQHHJlMB8GA1UdIwQY
MBaAFFhxcgqIhBZ/74KkkmdmH7NG11YaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0hGeUNvaUVGbl92Z3FTU1oyWWZzMGJYVmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wZmE2MDItZjZiOC00N2FlLWJmMDYt
N2RhODljZGE5ZjcxLzEvYi1IMUhhZnZGWkhxQVJFT0NsaDNFOUFjY21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wZmE2MDItZjZiOC00N2FlLWJmMDYtN2RhODljZGE5Zjcx
LzEvV0hGeUNvaUVGbl92Z3FTU1oyWWZzMGJYVmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ+oMA0E
AgACMAcDBQMqAfwAMA0GCSqGSIb3DQEBCwUAA4IBAQAlvBw8SZtGcNvGwdpE+Wts
wJAwmN8g+BlnTXl9bE+gG0Zbhg95xMBCo4QVllgNkuOl0unL3QKysMhanPKV1o/J
B7prhIIaPJbFXFTSax/AyqYK/mIce+Unpm1uDEk8C3Qr/2eyHKjrmi3GEK469EQW
gKk1EfbOSn7VaaIVs/2hhRfwchQ7MJaK9+woM3FQtvLZLvB9/CaZqjNhHisw9nDo
4DyHXgqIMTWbK3AQLpiqSjIlW7t8WZc3GUwva7qzR1ZsL8USsn9E5t19Wz50xdwg
wl1lAXVJobXVzLJw0H5Tz7BiWbfxDOE96Vckfh+zeH1wawlJrrMMd9k9s2apSXXQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:59 2025 by rpki-client