Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HoplqEj-n_AFspE4Wkk6llxhUjs.roa
File: HoplqEj-n_AFspE4Wkk6llxhUjs.roa (raw, json)
Hash identifier: XwYiYjxVBKz7NNA9iHsZMV69zxlIHiKWQZD6RKH52y0=
Subject key identifier: 1E:8A:65:A8:48:FE:9F:F0:05:B2:91:38:5A:49:3A:96:5C:61:52:3B
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0194458D0C982C6BAA445AD0A8526D43DC39
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HoplqEj-n_AFspE4Wkk6llxhUjs.roa
Signing time: Wed 08 Jan 2025 10:54:19 +0000
ROA not before: Wed 08 Jan 2025 10:54:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6461
IP address blocks: 176.46.143.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:8d:0c:98:2c:6b:aa:44:5a:d0:a8:52:6d:43:dc:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 8 10:54:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e8a65a848fe9ff005b291385a493a965c61523b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:8c:39:4f:a9:4b:34:78:62:9b:13:58:36:
44:71:80:c8:02:35:38:82:71:2c:c1:fe:c8:7e:9f:
0d:4c:63:5c:61:64:27:f9:e2:0b:46:0c:14:78:2d:
7c:b9:f1:6e:f0:fd:a6:5d:09:d2:7c:ca:96:dc:58:
27:0b:f9:d1:b5:28:2c:e0:a1:07:83:6c:b7:ed:ac:
a4:e3:6d:e3:76:13:3c:eb:c5:83:01:b2:66:55:0c:
a7:d1:5e:64:3b:c5:dd:70:05:21:07:1a:85:84:cc:
3a:cf:a4:e4:3c:64:96:84:5b:e3:b7:00:46:62:84:
04:02:19:87:30:2b:68:6b:cb:50:9a:1a:20:dc:16:
14:dc:8b:bd:5a:e0:ca:65:c3:2e:79:4f:a5:e2:a2:
1b:11:9f:f4:70:96:dc:c3:4c:43:d8:be:ce:43:72:
4c:79:16:ea:e4:0b:61:bc:6b:89:00:2c:3c:c3:3a:
7a:f0:9e:b9:fc:2f:5f:d1:30:65:30:34:d5:bc:98:
94:ed:49:25:d2:58:ee:f9:62:ce:61:ef:29:ce:f6:
1b:c2:f6:82:55:98:68:ea:3e:3f:6f:c3:5c:5e:3c:
03:f7:6b:fc:49:1f:72:ec:89:97:0a:5f:08:4b:47:
ed:ae:d3:54:84:70:7f:54:ad:b8:ea:96:b0:06:d5:
02:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8A:65:A8:48:FE:9F:F0:05:B2:91:38:5A:49:3A:96:5C:61:52:3B
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/HoplqEj-n_AFspE4Wkk6llxhUjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.143.0/24
176.46.146.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:d2:97:ba:d0:f6:55:43:23:b8:2b:9e:7d:d2:4a:39:8f:56:
d8:2d:2b:a4:8e:42:62:78:ae:84:4c:ad:f2:89:52:e9:05:9f:
48:44:74:be:5c:99:e1:75:cb:d8:2f:19:21:de:18:fb:aa:c8:
71:6f:50:cd:3a:e5:1f:f9:2c:56:f9:2a:95:a5:39:f8:62:53:
1a:ab:3e:45:01:a0:f2:76:42:ec:93:de:b7:58:2e:e9:47:02:
2b:da:32:66:26:1a:df:28:4a:9f:62:d1:a8:35:76:0a:85:e8:
e0:aa:86:ea:42:00:ed:da:52:1b:8d:d8:05:e0:4a:83:d4:33:
6e:d7:30:f9:bf:80:2b:d8:e0:02:0e:a6:bf:08:4a:55:59:31:
7a:0e:3d:29:03:84:ce:04:56:a1:0b:7d:9e:a6:83:d6:08:3e:
ef:9e:42:64:e4:92:1f:ee:81:23:12:e3:63:d9:02:59:80:2a:
e2:2e:e9:38:da:74:25:17:53:36:82:01:50:79:4e:c6:e0:ec:
46:d9:54:fd:c1:96:ab:1d:16:12:9c:23:8e:a8:2f:34:f0:5b:
37:ef:fb:c5:aa:b7:1c:d5:9c:c1:15:89:21:8e:be:34:c6:c1:
54:13:93:68:42:8b:ba:a8:42:87:28:0d:ef:6c:15:34:27:f2:
0f:a6:fa:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRFjQyYLGuqRFrQqFJtQ9w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMTA4MTA1NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThhNjVhODQ4ZmU5ZmYwMDViMjkxMzg1YTQ5M2E5NjVjNjE1MjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdmMOU+pSzR4YpsTWDZEcYDIAjU4
gnEswf7Ifp8NTGNcYWQn+eILRgwUeC18ufFu8P2mXQnSfMqW3FgnC/nRtSgs4KEH
g2y37ayk423jdhM868WDAbJmVQyn0V5kO8XdcAUhBxqFhMw6z6TkPGSWhFvjtwBG
YoQEAhmHMCtoa8tQmhog3BYU3Iu9WuDKZcMueU+l4qIbEZ/0cJbcw0xD2L7OQ3JM
eRbq5AthvGuJACw8wzp68J65/C9f0TBlMDTVvJiU7Ukl0lju+WLOYe8pzvYbwvaC
VZho6j4/b8NcXjwD92v8SR9y7ImXCl8IS0ftrtNUhHB/VK246pawBtUChQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6KZahI/p/wBbKROFpJOpZcYVI7MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSG9wbHFFai1uX0FGc3BFNFdrazZsbHhoVWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsC6PAwQA
sC6SMA0GCSqGSIb3DQEBCwUAA4IBAQB90pe60PZVQyO4K5590ko5j1bYLSukjkJi
eK6ETK3yiVLpBZ9IRHS+XJnhdcvYLxkh3hj7qshxb1DNOuUf+SxW+SqVpTn4YlMa
qz5FAaDydkLsk963WC7pRwIr2jJmJhrfKEqfYtGoNXYKhejgqobqQgDt2lIbjdgF
4EqD1DNu1zD5v4Ar2OACDqa/CEpVWTF6Dj0pA4TOBFahC32epoPWCD7vnkJk5JIf
7oEjEuNj2QJZgCriLuk42nQlF1M2ggFQeU7G4OxG2VT9wZarHRYSnCOOqC808Fs3
7/vFqrcc1ZzBFYkhjr40xsFUE5NoQou6qEKHKA3vbBU0J/IPpvoN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:44 2025 by rpki-client