Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7hm_KHqhJuMofuZish7Y5P9MWPY.roa
File: 7hm_KHqhJuMofuZish7Y5P9MWPY.roa (raw, json)
Hash identifier: c/wjMtOnBM+CzMEbufMPCuRYdfvoi8O1cMabJ+ZyFGg=
Subject key identifier: EE:19:BF:28:7A:A1:26:E3:28:7E:E6:62:B2:1E:D8:E4:FF:4C:58:F6
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 019424B33DC7BD21AF874823305715F16F3E
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7hm_KHqhJuMofuZish7Y5P9MWPY.roa
Signing time: Thu 02 Jan 2025 01:48:34 +0000
ROA not before: Thu 02 Jan 2025 01:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42425
IP address blocks: 2.59.6.0/24 maxlen: 24
94.125.232.0/21 maxlen: 24
94.125.234.0/24 maxlen: 24
94.125.235.0/24 maxlen: 24
94.125.236.0/24 maxlen: 24
94.125.237.0/24 maxlen: 24
94.125.238.0/24 maxlen: 24
94.125.239.0/24 maxlen: 24
178.255.184.0/21 maxlen: 21
178.255.184.0/24 maxlen: 24
178.255.185.0/24 maxlen: 24
178.255.186.0/24 maxlen: 24
178.255.187.0/24 maxlen: 24
178.255.188.0/24 maxlen: 24
178.255.189.0/24 maxlen: 24
178.255.190.0/24 maxlen: 24
178.255.191.0/24 maxlen: 24
185.28.80.0/22 maxlen: 22
185.28.80.0/24 maxlen: 24
185.28.81.0/24 maxlen: 24
185.28.82.0/24 maxlen: 24
185.28.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:3d:c7:bd:21:af:87:48:23:30:57:15:f1:6f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Jan 2 01:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee19bf287aa126e3287ee662b21ed8e4ff4c58f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c5:07:bc:59:3b:46:c7:ef:5a:46:a0:3f:d6:
04:18:49:c5:31:6c:0f:55:29:a8:5d:4d:5c:7c:40:
87:a7:40:5e:d2:6e:dc:80:7a:7a:40:b1:66:ba:41:
aa:cc:f1:54:c3:69:51:39:b5:19:be:f7:69:d0:a8:
0b:8d:26:1d:57:43:69:39:d0:3f:0d:e2:06:f6:ff:
66:58:fc:5d:fc:70:69:62:34:97:af:23:e7:63:17:
2b:6c:04:f5:3d:9f:64:0e:ec:54:46:33:d8:52:55:
73:a7:ea:40:97:99:bf:d5:8c:a7:8a:4a:bf:d8:67:
eb:6e:63:d6:6e:24:42:c9:b0:db:dc:74:19:2b:35:
ad:92:ae:34:3f:e2:be:b4:d9:e2:53:60:a8:6f:e1:
f1:8f:8d:2c:32:a9:d9:96:c4:78:76:63:92:2c:c4:
97:3e:f9:86:08:9e:c9:57:6a:26:b7:72:57:6d:f9:
9e:87:2a:ee:ad:6e:c8:ec:a0:8e:60:43:a9:2a:2b:
c9:ba:fa:51:d0:74:4b:f8:e0:b5:3a:93:67:20:8d:
76:e0:fb:68:80:51:9c:4a:02:45:5e:22:2b:68:58:
da:21:ae:fd:b0:b2:84:cd:66:2c:e0:4e:07:fd:28:
42:e9:5d:3a:9a:b6:5c:dc:88:1f:36:1e:ab:32:3e:
e0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:19:BF:28:7A:A1:26:E3:28:7E:E6:62:B2:1E:D8:E4:FF:4C:58:F6
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/7hm_KHqhJuMofuZish7Y5P9MWPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.6.0/24
94.125.232.0/21
178.255.184.0/21
185.28.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:55:03:71:d3:eb:7c:71:16:e9:84:e6:ff:6d:3b:8f:a7:94:
35:2c:44:46:3b:b6:86:1b:4d:aa:55:af:92:6c:5b:fe:1b:33:
45:16:03:8f:b3:5b:f6:f2:9a:ad:93:d2:17:5b:fd:3b:3a:04:
e6:a8:8c:14:57:26:1f:ab:b7:2d:55:9f:28:72:b9:88:70:59:
51:17:e8:36:67:93:c4:6d:45:fd:22:de:a8:63:e2:ca:d5:e0:
bd:72:e1:7d:04:74:c3:59:67:5a:91:ca:28:69:28:f5:54:85:
1e:31:92:38:65:46:f5:27:bc:c0:14:84:29:7e:91:3f:c0:bd:
18:9c:63:5d:a1:1c:b1:79:7b:13:c4:f4:aa:8f:e7:59:3c:80:
76:95:0e:21:50:3d:87:9c:e0:57:26:64:ae:86:93:f0:05:63:
1b:05:4b:05:01:5b:8e:99:c4:59:6e:9a:3e:50:bb:48:c9:f4:
1e:c8:5f:0b:1f:95:ce:a6:5d:16:b3:a7:e2:f4:92:2b:95:ce:
08:f1:6b:a4:fd:02:7a:39:c5:f0:9b:0b:54:75:5d:aa:c1:2c:
ca:8e:13:95:34:cb:12:a5:4c:26:cd:3f:5d:1f:2b:24:f1:87:
24:48:e1:81:97:b8:27:90:e6:2f:84:f9:db:68:0e:88:c7:61:
69:88:80:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksz3HvSGvh0gjMFcV8W8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUwMTAyMDE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTE5YmYyODdhYTEyNmUzMjg3ZWU2NjJiMjFlZDhlNGZmNGM1OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sUHvFk7RsfvWkagP9YEGEnFMWwP
VSmoXU1cfECHp0Be0m7cgHp6QLFmukGqzPFUw2lRObUZvvdp0KgLjSYdV0NpOdA/
DeIG9v9mWPxd/HBpYjSXryPnYxcrbAT1PZ9kDuxURjPYUlVzp+pAl5m/1Yynikq/
2GfrbmPWbiRCybDb3HQZKzWtkq40P+K+tNniU2Cob+Hxj40sMqnZlsR4dmOSLMSX
PvmGCJ7JV2omt3JXbfmehyrurW7I7KCOYEOpKivJuvpR0HRL+OC1OpNnII124Pto
gFGcSgJFXiIraFjaIa79sLKEzWYs4E4H/ShC6V06mrZc3IgfNh6rMj7gfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO4Zvyh6oSbjKH7mYrIe2OT/TFj2MB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvN2htX0tIcWhKdU1vZnVaaXNoN1k1UDlNV1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjsGAwQD
Xn3oAwQDsv+4AwQCuRxQMA0GCSqGSIb3DQEBCwUAA4IBAQBOVQNx0+t8cRbphOb/
bTuPp5Q1LERGO7aGG02qVa+SbFv+GzNFFgOPs1v28pqtk9IXW/07OgTmqIwUVyYf
q7ctVZ8ocrmIcFlRF+g2Z5PEbUX9It6oY+LK1eC9cuF9BHTDWWdakcooaSj1VIUe
MZI4ZUb1J7zAFIQpfpE/wL0YnGNdoRyxeXsTxPSqj+dZPIB2lQ4hUD2HnOBXJmSu
hpPwBWMbBUsFAVuOmcRZbpo+ULtIyfQeyF8LH5XOpl0Ws6fi9JIrlc4I8Wuk/QJ6
OcXwmwtUdV2qwSzKjhOVNMsSpUwmzT9dHysk8YckSOGBl7gnkOYvhPnbaA6Ix2Fp
iIAC
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:43:17 2025 by rpki-client