Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H9DYFuzKrIiIQf9p4GBE3mq7fnE.roa
File: H9DYFuzKrIiIQf9p4GBE3mq7fnE.roa (raw, json)
Hash identifier: n6K0Vcugb/6zzQLN6on1UKPlFnc512TwBYrm8XGu3K8=
Subject key identifier: 1F:D0:D8:16:EC:CA:AC:88:88:41:FF:69:E0:60:44:DE:6A:BB:7E:71
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019445B64277BDF9404E7AC9C57C7F1DB047
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H9DYFuzKrIiIQf9p4GBE3mq7fnE.roa
Signing time: Wed 08 Jan 2025 11:39:20 +0000
ROA not before: Wed 08 Jan 2025 11:39:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142594
IP address blocks: 2.56.166.0/24 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
45.140.220.0/24 maxlen: 24
45.140.221.0/24 maxlen: 24
77.83.241.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.74.0/24 maxlen: 24
194.31.140.0/24 maxlen: 24
194.56.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 12:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:b6:42:77:bd:f9:40:4e:7a:c9:c5:7c:7f:1d:b0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 8 11:39:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fd0d816eccaac888841ff69e06044de6abb7e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:99:d8:12:d0:38:cb:2d:69:d0:6e:2a:17:e1:
f8:98:5e:cd:36:dc:f1:fd:a5:55:35:6e:77:9e:3a:
50:40:54:6a:00:6d:75:ca:19:91:81:60:91:e8:80:
38:9e:42:eb:b0:5d:61:35:85:34:89:15:c9:b7:ad:
51:34:12:a9:72:99:9d:af:e2:41:d1:ed:da:56:a6:
4c:d6:fd:8d:e3:8e:55:ff:f6:ca:fd:e7:fe:e5:08:
37:13:d3:f0:d5:77:49:20:e5:d0:eb:2c:38:88:c6:
85:0d:c8:17:91:7b:e4:bc:bf:d4:08:9f:65:16:7d:
19:a8:24:5b:db:57:b0:3f:76:2b:ee:4a:42:92:4b:
57:de:9b:a6:fc:9e:fb:4f:07:15:30:00:ab:fc:7b:
0b:eb:f7:4a:65:65:e7:37:81:0b:68:e4:6c:c6:12:
fb:e9:b1:4c:6b:ac:1e:1f:bc:f8:c6:1e:66:1f:eb:
37:9c:6f:df:78:00:50:af:89:c5:63:1d:e6:ae:dc:
f6:b7:5e:19:11:d2:28:7e:1a:4d:ec:4c:6d:d0:c7:
2f:dd:f5:d8:b8:83:4e:26:bb:ee:7b:ac:7e:2a:07:
3c:14:29:cf:85:78:43:4c:a4:7b:2a:75:f2:42:9a:
dd:4c:ab:8a:92:94:f8:39:a2:f0:6a:4b:ad:ff:4c:
bb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D0:D8:16:EC:CA:AC:88:88:41:FF:69:E0:60:44:DE:6A:BB:7E:71
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/H9DYFuzKrIiIQf9p4GBE3mq7fnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.166.0/24
45.90.145.0-45.90.146.255
45.140.220.0/23
77.83.241.0/24
185.227.71.0/24
185.234.74.0/24
194.31.140.0/24
194.56.225.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:08:3d:9c:86:88:65:da:f5:e4:03:ab:84:d3:2a:6b:ef:0f:
07:7f:97:0e:60:d8:92:dd:7f:9a:66:1a:3b:7b:2d:04:45:18:
e7:32:ba:2f:20:58:21:b1:b7:c9:0e:3d:75:86:7b:28:c4:a3:
fe:92:9a:9d:ab:9f:b4:8a:c5:81:33:e8:1b:54:39:d5:e5:03:
db:c1:8f:e0:c7:0c:3e:3e:0f:71:50:51:93:bc:8f:3e:27:8a:
a4:fc:b2:42:3f:31:ae:3d:c1:68:2f:5e:4e:6e:4b:3a:1f:a6:
d4:26:e6:68:d9:4b:31:29:87:7a:ed:68:a9:1b:01:2f:f7:39:
ee:64:a8:56:cf:60:14:af:6f:1a:37:75:be:38:70:bd:5d:1b:
c6:33:5e:39:fc:a4:f7:c1:4b:13:ff:97:95:d8:39:27:6d:e2:
8c:e1:a5:bf:f5:16:72:ef:f1:17:5f:60:8c:41:22:b3:4f:96:
a8:01:70:24:8c:f3:b5:01:f3:9f:64:85:62:5a:41:f6:14:7f:
b9:26:27:64:82:31:4c:2b:5a:ed:fd:d5:da:92:e7:0a:d1:68:
d9:72:1f:f1:f9:57:93:7b:c5:9c:02:e6:80:e4:2b:10:78:e9:
fb:d1:06:22:ae:e0:04:5d:8e:4a:ab:93:ba:85:b0:9e:14:0d:
a3:a7:ab:c6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZRFtkJ3vflATnrJxXx/HbBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTA4MTEzOTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmQwZDgxNmVjY2FhYzg4ODg0MWZmNjllMDYwNDRkZTZhYmI3ZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJnYEtA4yy1p0G4qF+H4mF7NNtzx
/aVVNW53njpQQFRqAG11yhmRgWCR6IA4nkLrsF1hNYU0iRXJt61RNBKpcpmdr+JB
0e3aVqZM1v2N445V//bK/ef+5Qg3E9Pw1XdJIOXQ6yw4iMaFDcgXkXvkvL/UCJ9l
Fn0ZqCRb21ewP3Yr7kpCkktX3pum/J77TwcVMACr/HsL6/dKZWXnN4ELaORsxhL7
6bFMa6weH7z4xh5mH+s3nG/feABQr4nFYx3mrtz2t14ZEdIofhpN7Ext0Mcv3fXY
uINOJrvue6x+Kgc8FCnPhXhDTKR7KnXyQprdTKuKkpT4OaLwakut/0y7ZwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFB/Q2BbsyqyIiEH/aeBgRN5qu35xMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSDlEWUZ1ektySWlJUWY5cDRHQkUzbXE3Zm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAAjimMAwD
BAAtWpEDBAAtWpIDBAEtjNwDBABNU/EDBAC540cDBAC56koDBADCH4wDBADCOOEw
DQYJKoZIhvcNAQELBQADggEBAF0IPZyGiGXa9eQDq4TTKmvvDwd/lw5g2JLdf5pm
Gjt7LQRFGOcyui8gWCGxt8kOPXWGeyjEo/6Smp2rn7SKxYEz6BtUOdXlA9vBj+DH
DD4+D3FQUZO8jz4niqT8skI/Ma49wWgvXk5uSzofptQm5mjZSzEph3rtaKkbAS/3
Oe5kqFbPYBSvbxo3db44cL1dG8YzXjn8pPfBSxP/l5XYOSdt4ozhpb/1FnLv8Rdf
YIxBIrNPlqgBcCSM87UB859khWJaQfYUf7kmJ2SCMUwrWu391dqS5wrRaNlyH/H5
V5N7xZwC5oDkKxB46fvRBiKu4ARdjkqrk7qFsJ4UDaOnq8Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:33:47 2025 by rpki-client