Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0hshT3NJf3ZcExZUQYc5nmNlGaY.roa
File: 0hshT3NJf3ZcExZUQYc5nmNlGaY.roa (raw, json)
Hash identifier: JsM+BK5pxCs2yQ1uCb8EQL/4Y9VORNiVl/v1CM9RYLo=
Subject key identifier: D2:1B:21:4F:73:49:7F:76:5C:13:16:54:41:87:39:9E:63:65:19:A6
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019626173F19A41B527478929AE78218B411
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0hshT3NJf3ZcExZUQYc5nmNlGaY.roa
Signing time: Fri 11 Apr 2025 18:22:59 +0000
ROA not before: Fri 11 Apr 2025 18:22:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395374
IP address blocks: 79.98.246.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 15:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:26:17:3f:19:a4:1b:52:74:78:92:9a:e7:82:18:b4:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 11 18:22:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d21b214f73497f765c1316544187399e636519a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:97:53:8a:9b:cd:3a:50:d2:9c:38:ec:7e:
e8:1d:5a:95:54:2b:11:6d:78:99:f6:ad:fa:fb:0c:
2b:5f:c9:2b:f0:c1:e1:07:7d:54:5a:0c:85:ef:b9:
bd:f4:7a:29:58:43:c1:23:55:c1:e7:a7:50:6b:66:
d2:fa:6d:d5:ba:7d:9b:ea:54:c2:db:e5:d4:4b:a9:
81:8d:f6:56:c4:98:6a:e7:b4:e4:d4:ff:5f:48:51:
33:78:e0:2b:50:97:bc:b9:31:4b:0f:60:b4:c2:99:
b9:a8:da:1e:e3:6c:70:b2:e1:2a:7b:6b:92:e3:a5:
c0:38:84:3a:93:26:ae:29:36:e3:03:14:03:5e:01:
e9:cc:0c:df:1a:24:b8:d2:a5:f1:45:d6:8c:6f:83:
60:eb:2c:54:20:f8:fc:c2:8a:de:8f:37:c6:b2:a2:
d5:67:81:ef:84:90:04:74:0c:ea:69:95:ff:c0:f3:
ea:af:be:56:a4:c4:8e:9c:5f:eb:16:b5:3b:97:2e:
19:4e:e1:a1:dc:5d:93:a7:45:31:35:bf:ac:7a:9c:
38:36:4e:e5:f2:cc:f1:34:88:b5:be:00:98:9e:6a:
65:0b:a8:9a:ad:94:3f:1f:36:4e:05:e0:48:b5:88:
31:0a:1d:be:b4:d9:9e:8e:ac:7a:4f:58:fb:a1:43:
2d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1B:21:4F:73:49:7F:76:5C:13:16:54:41:87:39:9E:63:65:19:A6
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0hshT3NJf3ZcExZUQYc5nmNlGaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.246.0/24
176.125.251.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:4b:0a:ad:9f:73:e1:27:4a:b4:e1:40:a5:52:4b:d0:d2:50:
ca:ca:a2:6b:5e:cf:44:1a:b8:fa:a6:cb:62:8d:cd:94:6e:65:
73:1a:e1:24:94:7f:c9:59:9e:1a:69:c4:fd:09:81:d3:16:fd:
9c:56:8c:5e:f0:56:38:be:f5:b6:ea:de:54:e7:6b:b8:ad:97:
4c:a2:11:ee:81:94:8d:65:90:7b:1e:4b:5d:bf:7f:62:21:89:
d7:4e:e7:60:63:aa:e7:c0:58:90:64:35:cf:eb:9b:0c:b7:18:
15:36:69:b8:39:f2:75:e4:12:84:04:4c:70:a8:f4:60:e2:47:
d2:3c:56:7e:28:16:88:17:08:cd:25:66:34:7b:ee:67:e5:90:
91:c8:09:00:eb:f4:69:f7:b3:8d:1e:a4:0b:86:ed:8e:ae:b7:
c5:81:45:12:06:ab:df:0f:37:22:75:7e:23:af:05:7b:65:0b:
93:ba:a6:65:4b:31:c6:c7:17:fd:b0:ad:e3:fd:3c:c7:4c:96:
21:b8:d0:52:2a:63:0d:25:eb:89:2b:5e:f8:38:4e:50:d1:85:
bc:9c:4e:b5:5e:da:8c:d2:22:68:e4:45:56:bc:ae:25:4a:53:
e3:a5:3d:92:19:8e:14:1c:1b:54:36:6d:91:76:7a:a8:3d:1e:
49:2e:07:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYmFz8ZpBtSdHiSmueCGLQRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNDExMTgyMjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFiMjE0ZjczNDk3Zjc2NWMxMzE2NTQ0MTg3Mzk5ZTYzNjUxOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGuXU4qbzTpQ0pw47H7oHVqVVCsR
bXiZ9q36+wwrX8kr8MHhB31UWgyF77m99HopWEPBI1XB56dQa2bS+m3Vun2b6lTC
2+XUS6mBjfZWxJhq57Tk1P9fSFEzeOArUJe8uTFLD2C0wpm5qNoe42xwsuEqe2uS
46XAOIQ6kyauKTbjAxQDXgHpzAzfGiS40qXxRdaMb4Ng6yxUIPj8worejzfGsqLV
Z4HvhJAEdAzqaZX/wPPqr75WpMSOnF/rFrU7ly4ZTuGh3F2Tp0UxNb+sepw4Nk7l
8szxNIi1vgCYnmplC6iarZQ/HzZOBeBItYgxCh2+tNmejqx6T1j7oUMt3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNIbIU9zSX92XBMWVEGHOZ5jZRmmMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMGhzaFQzTkpmM1pjRXhaVVFZYzVubU5sR2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT2L2AwQA
sH37MA0GCSqGSIb3DQEBCwUAA4IBAQDMSwqtn3PhJ0q04UClUkvQ0lDKyqJrXs9E
Grj6pstijc2UbmVzGuEklH/JWZ4aacT9CYHTFv2cVoxe8FY4vvW26t5U52u4rZdM
ohHugZSNZZB7Hktdv39iIYnXTudgY6rnwFiQZDXP65sMtxgVNmm4OfJ15BKEBExw
qPRg4kfSPFZ+KBaIFwjNJWY0e+5n5ZCRyAkA6/Rp97ONHqQLhu2OrrfFgUUSBqvf
DzcidX4jrwV7ZQuTuqZlSzHGxxf9sK3j/TzHTJYhuNBSKmMNJeuJK174OE5Q0YW8
nE61XtqM0iJo5EVWvK4lSlPjpT2SGY4UHBtUNm2RdnqoPR5JLgdL
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:09:07 2025 by rpki-client