Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/hyGdIxYjhpqU0-02Qe9kMQYj3as.roa
File: hyGdIxYjhpqU0-02Qe9kMQYj3as.roa (raw, json)
Hash identifier: 9uhvciX7Lxjh2PeJ2H7HVv5jBuVg9P3AFweq88tYGFU=
Subject key identifier: 87:21:9D:23:16:23:86:9A:94:D3:ED:36:41:EF:64:31:06:23:DD:AB
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 019421B24D615E3B558DD0FB97FF34943542
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/hyGdIxYjhpqU0-02Qe9kMQYj3as.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16342
IP address blocks: 31.182.0.0/15 maxlen: 18
77.237.0.0/19 maxlen: 19
85.89.160.0/20 maxlen: 20
85.89.176.0/20 maxlen: 20
185.67.216.0/22 maxlen: 22
185.67.216.0/24 maxlen: 24
185.67.217.0/24 maxlen: 24
185.67.218.0/24 maxlen: 24
185.67.219.0/24 maxlen: 24
217.113.224.0/20 maxlen: 20
2a03:af80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4d:61:5e:3b:55:8d:d0:fb:97:ff:34:94:35:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87219d231623869a94d3ed3641ef64310623ddab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:d6:77:ff:c0:ef:35:77:38:a5:c1:62:e9:
23:c7:83:8a:65:fc:14:67:94:b7:7b:be:69:e1:9d:
53:15:7d:84:1e:f5:23:ed:4f:8c:29:33:12:67:4b:
c9:4a:b2:20:97:cd:86:f4:9d:df:0a:2c:5b:53:ab:
c5:07:e2:9d:01:4d:3f:ee:ab:86:25:67:04:4e:d7:
b7:8e:44:f6:a4:a0:2b:dc:ee:3c:51:e6:5f:84:29:
2b:df:ae:bc:6f:af:b2:a6:63:ea:f2:97:fd:1b:50:
5e:81:aa:63:d5:e9:3f:01:e9:19:c9:1f:43:00:70:
49:0e:25:80:31:ac:97:cb:e3:14:f9:50:56:1d:17:
19:a4:bf:b3:fb:6c:37:de:ed:da:52:f1:24:f6:db:
26:69:cc:4f:4f:71:81:6f:67:d6:87:7a:a2:08:1f:
ca:3e:cb:b8:7a:e3:57:97:77:13:6f:9a:86:e2:2a:
2a:c5:4b:ce:dd:9e:02:37:04:f8:fa:22:a8:a2:48:
b5:e4:3c:54:29:99:33:43:e8:2a:02:c8:f1:22:82:
0d:7d:0a:ce:73:41:39:e9:b4:70:98:65:5d:b9:b7:
4d:0b:e4:95:ea:a3:8e:a2:72:27:ed:41:49:3d:41:
d0:3a:f2:37:4f:8f:8e:4f:88:df:7b:5d:0a:89:39:
1f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:21:9D:23:16:23:86:9A:94:D3:ED:36:41:EF:64:31:06:23:DD:AB
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/hyGdIxYjhpqU0-02Qe9kMQYj3as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.182.0.0/15
77.237.0.0/19
85.89.160.0/19
185.67.216.0/22
217.113.224.0/20
IPv6:
2a03:af80::/29
Signature Algorithm: sha256WithRSAEncryption
4c:5c:2e:63:12:bf:1f:58:ab:db:24:b0:90:90:e8:43:5f:59:
a6:9c:9f:33:85:18:1a:08:4b:d1:a7:eb:dc:5d:cc:c5:2f:cc:
cb:40:6d:74:b2:2e:79:b2:f6:61:a4:26:5f:69:58:b3:77:c1:
d9:e7:bc:12:0e:b3:41:c3:63:32:55:1a:02:78:93:27:d9:aa:
35:3b:78:40:9f:41:05:17:19:c7:de:06:a3:03:71:16:4c:f7:
96:bf:a7:c8:ca:61:bb:8e:62:8b:32:bc:14:4a:36:6e:b4:4c:
10:c1:2c:9e:15:9b:38:a4:c3:cc:5b:c5:0a:e9:ae:3c:b9:22:
1f:1e:6f:56:03:96:e4:bb:20:13:34:38:e4:23:a3:38:a5:50:
f3:10:df:3b:f2:57:47:06:00:17:3f:2f:68:f1:33:1a:a3:f3:
a1:56:af:fc:f7:97:d5:8e:be:d2:d1:7d:62:ef:be:59:ec:3a:
d4:8b:ec:e8:2a:d1:de:35:a3:3d:be:13:da:ef:b8:89:61:45:
ec:2c:9f:9b:d5:89:a9:b4:fe:52:43:d8:9a:62:0a:c1:11:31:
23:32:4f:e6:97:fe:13:ac:40:af:a6:20:d7:58:d9:98:60:ab:
ad:20:1d:e7:7e:b3:7a:55:f0:44:1d:89:87:a9:50:c7:61:19:
38:ce:30:ae
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQhsk1hXjtVjdD7l/80lDVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIxOWQyMzE2MjM4NjlhOTRkM2VkMzY0MWVmNjQzMTA2MjNkZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp73Wd//A7zV3OKXBYukjx4OKZfwU
Z5S3e75p4Z1TFX2EHvUj7U+MKTMSZ0vJSrIgl82G9J3fCixbU6vFB+KdAU0/7quG
JWcETte3jkT2pKAr3O48UeZfhCkr3668b6+ypmPq8pf9G1Begapj1ek/AekZyR9D
AHBJDiWAMayXy+MU+VBWHRcZpL+z+2w33u3aUvEk9tsmacxPT3GBb2fWh3qiCB/K
Psu4euNXl3cTb5qG4ioqxUvO3Z4CNwT4+iKooki15DxUKZkzQ+gqAsjxIoINfQrO
c0E56bRwmGVdubdNC+SV6qOOonIn7UFJPUHQOvI3T4+OT4jfe10KiTkfRQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIchnSMWI4aalNPtNkHvZDEGI92rMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvaHlHZEl4WWpocHFVMC0wMlFlOWtNUVlqM2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMBH7YDBAVN
7QADBAVVWaADBAK5Q9gDBATZceAwDQQCAAIwBwMFAyoDr4AwDQYJKoZIhvcNAQEL
BQADggEBAExcLmMSvx9Yq9sksJCQ6ENfWaacnzOFGBoIS9Gn69xdzMUvzMtAbXSy
Lnmy9mGkJl9pWLN3wdnnvBIOs0HDYzJVGgJ4kyfZqjU7eECfQQUXGcfeBqMDcRZM
95a/p8jKYbuOYosyvBRKNm60TBDBLJ4Vmzikw8xbxQrprjy5Ih8eb1YDluS7IBM0
OOQjozilUPMQ3zvyV0cGABc/L2jxMxqj86FWr/z3l9WOvtLRfWLvvlnsOtSL7Ogq
0d41oz2+E9rvuIlhRewsn5vViam0/lJD2JpiCsERMSMyT+aX/hOsQK+mINdY2Zhg
q60gHed+s3pV8EQdiYepUMdhGTjOMK4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:45 2025 by rpki-client