Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HCwKOlm4RuZNb7jRffozfS6Fjt8.roa
File: HCwKOlm4RuZNb7jRffozfS6Fjt8.roa (raw, json)
Hash identifier: rdgWtlPmE2Rxx3t4nZ0L1gY97rpu7D0Ef9l6ID86eAg=
Subject key identifier: 1C:2C:0A:3A:59:B8:46:E6:4D:6F:B8:D1:7D:FA:33:7D:2E:85:8E:DF
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067C36909B1554FD4B19C6D79BA0F3E
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HCwKOlm4RuZNb7jRffozfS6Fjt8.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 194.6.190.0/24 maxlen: 24
194.209.178.0/24 maxlen: 24
195.65.17.0/24 maxlen: 24
195.65.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c3:69:09:b1:55:4f:d4:b1:9c:6d:79:ba:0f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c2c0a3a59b846e64d6fb8d17dfa337d2e858edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:09:2f:f3:98:67:4a:33:a8:5a:b3:60:32:
f9:31:74:48:00:43:cd:cb:f8:e3:07:7e:d4:36:e6:
e7:b3:1d:d8:59:bb:e2:34:e1:3d:62:12:99:9e:4b:
f0:a9:8a:b9:f3:6a:47:c8:16:02:a1:3f:b2:f7:91:
77:9c:87:da:12:45:31:bb:5b:41:ab:e3:97:8d:73:
f1:27:e7:7c:a5:7a:c2:77:d4:48:ff:7b:11:8a:67:
6b:30:6c:01:65:3e:87:f1:ea:b9:ae:80:a1:53:52:
c6:a8:5f:5e:31:54:52:32:b5:f8:61:a6:4d:39:0e:
72:db:fe:6d:bf:83:d7:56:25:a1:96:e7:ed:63:a6:
92:3b:fe:68:06:54:51:4b:35:fa:57:83:2b:24:0c:
bd:60:ac:98:5f:8e:67:3e:2f:0c:0e:a4:b4:55:d6:
b3:a0:4a:3c:ad:79:40:5b:bd:9d:3e:50:c7:eb:a2:
44:90:7c:f0:eb:f5:93:e0:47:b4:96:f0:75:ef:bc:
a0:d6:3f:ac:2d:1d:74:28:c8:b3:8d:50:bb:64:7e:
d0:5a:d8:a7:ff:fe:d0:14:d9:6e:04:f6:25:8f:01:
35:81:ae:c3:7d:4f:3f:8c:14:4e:c6:a9:97:f5:0d:
09:37:3e:96:09:ab:d2:09:8b:ff:f8:62:38:db:68:
f9:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2C:0A:3A:59:B8:46:E6:4D:6F:B8:D1:7D:FA:33:7D:2E:85:8E:DF
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/HCwKOlm4RuZNb7jRffozfS6Fjt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.190.0/24
194.209.178.0/24
195.65.17.0/24
195.65.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:4e:7a:39:25:bb:24:b8:fd:f7:ec:5a:c8:de:7f:86:d6:6d:
09:26:96:11:f0:75:d4:d6:09:bd:05:46:67:17:ec:6b:5d:d5:
1c:11:60:eb:f8:f0:c0:21:1b:9d:c5:26:3a:ec:7f:75:af:d3:
78:83:0b:63:19:5c:5d:3d:ce:b5:84:06:3e:32:2c:b7:72:88:
d7:62:c6:9d:24:f6:33:4e:18:22:74:b5:d7:6a:1b:22:32:a5:
08:3b:03:03:94:46:90:e0:a5:5a:74:1e:1d:0b:ba:08:46:ea:
28:f2:1d:d9:1d:d4:1a:82:75:57:d5:df:de:65:22:3d:fb:d4:
a3:f3:8e:6e:bb:e1:b6:0f:b4:ff:13:89:9b:a1:23:ec:4d:0e:
93:9d:45:ba:06:b4:ce:10:51:85:d0:0b:94:74:82:8a:cc:21:
8a:c0:9c:ad:25:0d:9b:07:23:c8:c1:74:fd:51:3d:e7:40:8d:
08:75:d3:74:e7:ba:35:51:53:6f:ec:7d:7c:a7:ce:b3:16:8b:
4f:e1:27:90:fc:23:32:50:b1:90:78:4b:d1:0b:89:94:a2:ea:
6a:41:1f:8d:d7:79:08:ef:82:59:e1:00:00:3c:08:d1:d4:4b:
96:e9:48:d2:ca:f2:d8:c8:82:e2:47:df:ff:93:40:b6:fd:7e:
b5:f1:95:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgZ8NpCbFVT9SxnG15ug8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJjMGEzYTU5Yjg0NmU2NGQ2ZmI4ZDE3ZGZhMzM3ZDJlODU4ZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBoJL/OYZ0ozqFqzYDL5MXRIAEPN
y/jjB37UNubnsx3YWbviNOE9YhKZnkvwqYq582pHyBYCoT+y95F3nIfaEkUxu1tB
q+OXjXPxJ+d8pXrCd9RI/3sRimdrMGwBZT6H8eq5roChU1LGqF9eMVRSMrX4YaZN
OQ5y2/5tv4PXViWhluftY6aSO/5oBlRRSzX6V4MrJAy9YKyYX45nPi8MDqS0Vdaz
oEo8rXlAW72dPlDH66JEkHzw6/WT4Ee0lvB177yg1j+sLR10KMizjVC7ZH7QWtin
//7QFNluBPYljwE1ga7DfU8/jBROxqmX9Q0JNz6WCavSCYv/+GI422j53QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBwsCjpZuEbmTW+40X36M30uhY7fMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvSEN3S09sbTRSdVpOYjdqUmZmb3pmUzZGanQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwga+AwQA
wtGyAwQAw0ERAwQAw0HQMA0GCSqGSIb3DQEBCwUAA4IBAQBrTno5JbskuP337FrI
3n+G1m0JJpYR8HXU1gm9BUZnF+xrXdUcEWDr+PDAIRudxSY67H91r9N4gwtjGVxd
Pc61hAY+Miy3cojXYsadJPYzThgidLXXahsiMqUIOwMDlEaQ4KVadB4dC7oIRuoo
8h3ZHdQagnVX1d/eZSI9+9Sj845uu+G2D7T/E4mboSPsTQ6TnUW6BrTOEFGF0AuU
dIKKzCGKwJytJQ2bByPIwXT9UT3nQI0IddN057o1UVNv7H18p86zFotP4SeQ/CMy
ULGQeEvRC4mUoupqQR+N13kI74JZ4QAAPAjR1EuW6UjSyvLYyILiR9//k0C2/X61
8ZXC
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:11 2025 by rpki-client