Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h4lmHtZmc-e8tzOKOXHK6w0H9vo.roa
File: h4lmHtZmc-e8tzOKOXHK6w0H9vo.roa (raw, json)
Hash identifier: RNI+7dl19mmJ+6ZDRRtmz8YHjJqtvZ2Bexxp/E4LF/Y=
Subject key identifier: 87:89:66:1E:D6:66:73:E7:BC:B7:33:8A:39:71:CA:EB:0D:07:F6:FA
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019424B37D613AAE66181B28FFE1073A14F1
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h4lmHtZmc-e8tzOKOXHK6w0H9vo.roa
Signing time: Thu 02 Jan 2025 01:48:50 +0000
ROA not before: Thu 02 Jan 2025 01:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44090
IP address blocks: 62.60.147.0/24 maxlen: 24
213.176.2.0/24 maxlen: 24
213.176.7.0/24 maxlen: 24
213.176.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7d:61:3a:ae:66:18:1b:28:ff:e1:07:3a:14:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8789661ed66673e7bcb7338a3971caeb0d07f6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:98:25:13:47:1d:73:29:05:4e:a0:b3:6d:
1e:25:42:68:b4:b0:76:2b:0a:dc:b2:26:1f:db:eb:
df:2f:e8:7e:18:1c:25:d6:90:14:89:5b:2f:da:54:
76:31:1f:6b:79:00:4e:75:9d:bd:4e:b6:66:fd:38:
3b:92:a5:2c:75:02:c5:d5:b4:60:bc:89:b3:a8:c1:
af:9d:67:5a:fd:d5:2c:a5:89:0c:70:1b:eb:4a:ff:
d9:90:95:17:48:1f:ae:44:1a:84:a4:fe:c4:3f:f9:
aa:1a:7e:1c:30:a6:1b:5c:19:0b:d2:92:e0:bd:2b:
89:a4:19:58:7d:2e:9d:bd:7d:19:a9:9e:16:5a:e0:
c6:ac:91:de:0d:3f:5d:ce:0a:cb:0a:de:3f:99:51:
b7:f9:b1:ca:d1:60:67:59:65:f5:c5:6a:84:00:df:
be:20:bc:7f:61:8c:fc:c8:4a:a5:80:ce:75:05:a5:
c6:07:4b:3b:17:77:00:1a:c8:ad:b3:eb:75:86:6f:
72:96:6e:67:cb:23:a5:8a:4a:7f:44:cb:c3:19:bd:
89:50:39:8a:86:09:6e:fe:c0:dd:19:10:c1:e4:26:
c6:d2:80:3e:93:c6:78:95:ac:cd:8f:51:28:8b:bb:
8a:b2:3d:62:d8:07:db:e2:a7:5d:7f:54:47:91:0f:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:89:66:1E:D6:66:73:E7:BC:B7:33:8A:39:71:CA:EB:0D:07:F6:FA
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/h4lmHtZmc-e8tzOKOXHK6w0H9vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.147.0/24
213.176.2.0/24
213.176.7.0/24
213.176.127.0/24
Signature Algorithm: sha256WithRSAEncryption
91:d8:6b:9c:82:d0:75:50:ec:23:a1:c9:ef:0c:2c:e0:1a:ef:
19:f9:45:53:6b:bd:3e:22:be:23:4f:2e:7a:68:f0:b3:4e:94:
bd:45:0b:31:9e:98:86:d9:af:d1:94:da:da:c0:15:8c:d2:71:
90:60:b4:c2:54:7a:86:6e:17:37:d0:ba:4b:e7:f4:58:74:6a:
8c:41:ad:88:a7:78:97:98:06:f5:af:ad:6f:95:05:a2:2c:81:
f8:3f:d0:9f:32:1d:9c:ab:b6:c3:86:f3:58:ea:57:bc:9b:1d:
f6:5f:c3:dd:99:82:c8:85:1c:63:9b:ae:5d:9f:f9:5c:e9:f5:
aa:4a:5f:e4:9e:a5:3d:b2:8a:5a:37:1c:bb:0b:1f:36:b9:95:
13:51:fd:a9:59:84:7c:2f:54:36:4a:a4:4d:3f:89:d0:c1:23:
cc:69:25:20:63:4f:04:a6:2d:48:05:f1:6b:0a:08:c9:02:07:
d4:ac:c4:f5:90:eb:57:07:64:4c:6f:82:61:90:7b:ab:e9:81:
a6:19:e2:0c:94:c9:59:63:bd:40:b6:1c:7a:90:54:38:98:9c:
38:7d:3c:16:77:f5:3f:7d:8e:70:57:6c:e6:db:21:e0:c2:02:
f8:93:5f:f3:48:4a:ea:2a:43:77:7c:c0:12:a1:82:57:be:57:
10:8c:26:0a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQks31hOq5mGBso/+EHOhTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg5NjYxZWQ2NjY3M2U3YmNiNzMzOGEzOTcxY2FlYjBkMDdmNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kSYJRNHHXMpBU6gs20eJUJotLB2
KwrcsiYf2+vfL+h+GBwl1pAUiVsv2lR2MR9reQBOdZ29TrZm/Tg7kqUsdQLF1bRg
vImzqMGvnWda/dUspYkMcBvrSv/ZkJUXSB+uRBqEpP7EP/mqGn4cMKYbXBkL0pLg
vSuJpBlYfS6dvX0ZqZ4WWuDGrJHeDT9dzgrLCt4/mVG3+bHK0WBnWWX1xWqEAN++
ILx/YYz8yEqlgM51BaXGB0s7F3cAGsits+t1hm9ylm5nyyOlikp/RMvDGb2JUDmK
hglu/sDdGRDB5CbG0oA+k8Z4lazNj1Eoi7uKsj1i2Afb4qddf1RHkQ8j5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIeJZh7WZnPnvLczijlxyusNB/b6MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvaDRsbUh0Wm1jLWU4dHpPS09YSEs2dzBIOXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPjyTAwQA
1bACAwQA1bAHAwQA1bB/MA0GCSqGSIb3DQEBCwUAA4IBAQCR2GucgtB1UOwjocnv
DCzgGu8Z+UVTa70+Ir4jTy56aPCzTpS9RQsxnpiG2a/RlNrawBWM0nGQYLTCVHqG
bhc30LpL5/RYdGqMQa2Ip3iXmAb1r61vlQWiLIH4P9CfMh2cq7bDhvNY6le8mx32
X8PdmYLIhRxjm65dn/lc6fWqSl/knqU9sopaNxy7Cx82uZUTUf2pWYR8L1Q2SqRN
P4nQwSPMaSUgY08Epi1IBfFrCgjJAgfUrMT1kOtXB2RMb4JhkHur6YGmGeIMlMlZ
Y71Athx6kFQ4mJw4fTwWd/U/fY5wV2zm2yHgwgL4k1/zSErqKkN3fMASoYJXvlcQ
jCYK
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:25:22 2025 by rpki-client