Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/rhaUzcqQYW4tC3EdQCdaNLWOPbA.roa
File: rhaUzcqQYW4tC3EdQCdaNLWOPbA.roa (raw, json)
Hash identifier: PvCUNKVTR3gGQiqq6yWqtNwJ314FXo4VLynnYKTFbJo=
Subject key identifier: AE:16:94:CD:CA:90:61:6E:2D:0B:71:1D:40:27:5A:34:B5:8E:3D:B0
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 0195F6ADF42CD8402E2E8FF8528B42C5D4CD
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/rhaUzcqQYW4tC3EdQCdaNLWOPbA.roa
Signing time: Wed 02 Apr 2025 13:25:49 +0000
ROA not before: Wed 02 Apr 2025 13:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206273
IP address blocks: 31.130.244.0/22 maxlen: 22
31.130.246.0/23 maxlen: 23
91.218.154.0/23 maxlen: 23
185.198.60.0/23 maxlen: 23
185.198.62.0/23 maxlen: 23
2a0a:15c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:ad:f4:2c:d8:40:2e:2e:8f:f8:52:8b:42:c5:d4:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Apr 2 13:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae1694cdca90616e2d0b711d40275a34b58e3db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bb:86:a6:7e:83:a3:dc:a8:a4:13:62:ef:5c:
aa:0a:9b:46:90:24:c5:3c:c8:2d:4b:34:e7:22:06:
ad:6e:e7:04:94:46:58:2c:31:ab:49:f9:14:5f:1f:
fb:57:bb:9f:f3:6a:b5:33:24:64:be:23:c4:dc:7f:
60:23:d5:43:04:4a:8e:81:50:97:9d:b8:19:8d:2b:
16:82:9d:5e:2d:50:8e:cd:11:15:81:4e:36:bc:99:
7f:33:ea:95:7f:be:56:f9:05:7c:5e:3c:7f:61:12:
7e:21:f2:c0:48:37:ed:61:c2:a3:23:28:be:c2:a9:
5f:cd:60:30:eb:78:17:16:91:e8:84:29:b5:f3:1d:
8b:eb:09:96:0d:b3:86:38:6b:78:b2:8a:ee:13:b5:
e9:02:b3:fd:b3:1f:19:80:8b:ea:8f:d2:e8:3a:e5:
e8:e2:26:4c:c4:53:b1:b0:f4:7b:0c:f6:4e:79:73:
c7:69:97:29:90:8b:c7:01:43:79:6f:0a:e4:7e:45:
4e:a0:6d:9d:dd:de:52:f0:59:b1:ea:a3:d4:70:41:
98:28:7a:ee:58:cf:15:ed:0a:98:e4:c5:a3:1d:10:
d8:a2:11:c1:85:aa:8b:c1:5f:0e:8f:2f:ca:3b:45:
5f:a9:18:a7:a5:02:d6:e0:14:a4:14:88:fe:32:70:
fb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:16:94:CD:CA:90:61:6E:2D:0B:71:1D:40:27:5A:34:B5:8E:3D:B0
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/rhaUzcqQYW4tC3EdQCdaNLWOPbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.244.0/22
91.218.154.0/23
185.198.60.0/22
IPv6:
2a0a:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:6e:b4:80:4d:e5:49:8b:90:57:d8:e8:30:28:19:27:e1:63:
57:46:88:1a:5b:f7:9c:72:ce:ac:01:9b:7b:40:f8:ef:6f:5e:
ee:0c:10:d7:a1:0d:dc:3b:38:c2:2f:9c:a0:24:60:6b:47:31:
1a:ae:28:b4:a4:a5:9a:e6:35:b6:5a:11:22:29:17:e8:6e:68:
76:aa:d6:72:04:2f:8e:39:83:b2:c0:24:48:7b:99:b8:20:98:
be:45:d0:30:fe:f5:5c:08:5e:0c:d5:90:03:4e:96:89:20:0d:
81:97:23:9e:58:20:70:b6:98:ff:6f:61:19:25:07:66:ea:e0:
ea:e8:b7:c4:b4:79:c4:31:c0:14:40:91:00:2f:e0:e1:ca:0b:
21:4e:bf:24:d1:34:53:45:7e:bd:69:03:50:fb:e5:0d:2c:8a:
d3:04:f1:d8:ca:6d:07:68:31:e8:80:dc:00:c0:11:f0:b7:59:
42:1c:1f:d9:40:34:d9:d8:61:b4:72:8a:16:60:8b:93:a7:df:
d9:d8:29:f2:38:4c:2a:ab:3c:fb:b3:df:46:9d:59:49:b0:a1:
ea:ca:d1:59:6a:72:bf:b9:aa:ae:ed:d0:11:bf:da:ab:7c:99:
64:c3:76:8c:bf:5a:c0:a7:01:2c:26:27:1e:82:33:65:db:91:
d5:d1:61:18
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZX2rfQs2EAuLo/4UotCxdTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjUwNDAyMTMyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE2OTRjZGNhOTA2MTZlMmQwYjcxMWQ0MDI3NWEzNGI1OGUzZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LuGpn6Do9yopBNi71yqCptGkCTF
PMgtSzTnIgatbucElEZYLDGrSfkUXx/7V7uf82q1MyRkviPE3H9gI9VDBEqOgVCX
nbgZjSsWgp1eLVCOzREVgU42vJl/M+qVf75W+QV8Xjx/YRJ+IfLASDftYcKjIyi+
wqlfzWAw63gXFpHohCm18x2L6wmWDbOGOGt4soruE7XpArP9sx8ZgIvqj9LoOuXo
4iZMxFOxsPR7DPZOeXPHaZcpkIvHAUN5bwrkfkVOoG2d3d5S8Fmx6qPUcEGYKHru
WM8V7QqY5MWjHRDYohHBhaqLwV8Ojy/KO0VfqRinpQLW4BSkFIj+MnD7KwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK4WlM3KkGFuLQtxHUAnWjS1jj2wMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvcmhhVXpjcVFZVzR0QzNFZFFDZGFOTFdPUGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCH4L0AwQB
W9qaAwQCucY8MA0EAgACMAcDBQMqChXAMA0GCSqGSIb3DQEBCwUAA4IBAQCfbrSA
TeVJi5BX2OgwKBkn4WNXRogaW/eccs6sAZt7QPjvb17uDBDXoQ3cOzjCL5ygJGBr
RzEarii0pKWa5jW2WhEiKRfobmh2qtZyBC+OOYOywCRIe5m4IJi+RdAw/vVcCF4M
1ZADTpaJIA2BlyOeWCBwtpj/b2EZJQdm6uDq6LfEtHnEMcAUQJEAL+DhygshTr8k
0TRTRX69aQNQ++UNLIrTBPHYym0HaDHogNwAwBHwt1lCHB/ZQDTZ2GG0cooWYIuT
p9/Z2CnyOEwqqzz7s99GnVlJsKHqytFZanK/uaqu7dARv9qrfJlkw3aMv1rApwEs
JicegjNl25HV0WEY
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:03:49 2025 by rpki-client