Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/hJ65MMDojFDsHhCTcDOo1v7Rf3A.roa
File: hJ65MMDojFDsHhCTcDOo1v7Rf3A.roa (raw, json)
Hash identifier: dQwJBW4cKzk1hx9pc72XUta4ephdfERO34h+ezvshhM=
Subject key identifier: 84:9E:B9:30:C0:E8:8C:50:EC:1E:10:93:70:33:A8:D6:FE:D1:7F:70
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 019426D99C72DFDBA020A94251A71F580F14
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/hJ65MMDojFDsHhCTcDOo1v7Rf3A.roa
Signing time: Thu 02 Jan 2025 11:49:42 +0000
ROA not before: Thu 02 Jan 2025 11:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15782
IP address blocks: 81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
85.235.16.0/20 maxlen: 20
89.236.0.0/18 maxlen: 18
94.245.0.0/18 maxlen: 18
213.185.0.0/19 maxlen: 19
217.72.48.0/20 maxlen: 20
2001:7a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9c:72:df:db:a0:20:a9:42:51:a7:1f:58:0f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 2 11:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=849eb930c0e88c50ec1e10937033a8d6fed17f70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:dc:2c:44:d8:0c:03:22:d1:01:62:30:9e:81:
2b:99:f2:34:43:f8:a1:e2:ed:4c:0f:3a:25:eb:22:
07:a0:ce:37:84:ac:8a:c3:af:31:3b:2b:37:c6:ea:
a9:fb:ae:b3:21:9c:ff:05:bc:2c:04:81:e6:a2:bf:
d3:ab:dd:42:e0:45:40:00:86:a8:0d:b3:d7:48:17:
13:f5:2a:79:d2:36:ac:e5:e9:c9:87:d8:51:17:bc:
a2:93:42:57:a9:90:15:46:5a:4e:1d:c1:ff:51:85:
72:bc:87:48:44:1d:40:ee:64:9b:33:37:be:9c:ea:
44:50:7d:95:9c:0a:2d:04:0c:1a:03:24:06:3f:02:
9c:69:34:1e:f8:0f:a3:b7:39:9c:88:b2:b7:a0:8a:
16:52:ac:19:1d:da:16:52:c5:a5:43:b9:02:24:93:
62:ef:96:8c:e6:70:4a:ec:f7:54:9e:3c:45:1b:7f:
46:ed:2c:0f:08:3c:1b:dd:5a:47:35:83:17:67:20:
ef:2b:d6:8d:3b:9d:a1:66:3f:69:e4:1e:2d:d1:29:
0f:65:ff:89:ed:ab:79:fc:b8:19:d2:ea:61:7b:cd:
64:1e:e4:a3:81:42:a9:7e:c3:a5:78:28:4c:83:8e:
bb:15:86:d6:03:fb:c7:58:20:f0:58:14:09:90:66:
a3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9E:B9:30:C0:E8:8C:50:EC:1E:10:93:70:33:A8:D6:FE:D1:7F:70
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/hJ65MMDojFDsHhCTcDOo1v7Rf3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.0.0/20
81.186.240.0/20
85.235.16.0/20
89.236.0.0/18
94.245.0.0/18
213.185.0.0/19
217.72.48.0/20
IPv6:
2001:7a0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:fc:57:b2:fd:5e:17:16:6e:6c:87:7b:22:af:34:86:ea:8e:
78:ed:77:20:23:ea:3e:31:77:c7:7f:f3:4d:3a:5f:a7:64:07:
4f:ec:a1:28:17:29:0d:44:3d:72:b3:a1:87:14:a4:c6:db:b1:
e5:0d:b8:b2:63:70:97:c4:04:33:d5:d2:f4:78:b6:82:7c:5c:
2e:53:c4:5d:fd:85:26:2a:d2:9c:46:a0:ce:ea:13:57:f0:1b:
f4:e8:69:9f:30:d2:ed:6d:bb:c5:92:21:bb:47:1b:81:a7:80:
c6:de:76:41:5c:ff:f0:78:91:88:06:6a:7d:c6:3d:b2:27:39:
38:f7:48:c5:4a:d2:33:80:ed:2b:60:e0:e8:9c:ca:60:a4:de:
1b:38:3d:7a:2f:59:06:46:b8:bf:cf:72:a4:98:b3:45:fc:2c:
79:a9:20:4d:d4:d2:63:96:e1:6e:c8:82:f8:5a:4e:01:18:19:
c8:4f:fe:6f:20:23:f1:16:2a:a7:19:04:f5:ac:5f:3a:65:66:
99:c8:9b:75:fd:df:57:7c:9b:c1:07:5b:b9:f2:05:d6:29:b3:
f0:e6:c5:ea:e0:51:f1:70:c9:18:89:18:e6:b0:33:7c:83:4c:
a1:51:cc:b8:b9:f0:1f:2b:6e:8b:36:87:1a:49:98:f6:10:5d:
48:7d:eb:0a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQm2Zxy39ugIKlCUacfWA8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwMTAyMTE0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDllYjkzMGMwZTg4YzUwZWMxZTEwOTM3MDMzYThkNmZlZDE3ZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNwsRNgMAyLRAWIwnoErmfI0Q/ih
4u1MDzol6yIHoM43hKyKw68xOys3xuqp+66zIZz/BbwsBIHmor/Tq91C4EVAAIao
DbPXSBcT9Sp50jas5enJh9hRF7yik0JXqZAVRlpOHcH/UYVyvIdIRB1A7mSbMze+
nOpEUH2VnAotBAwaAyQGPwKcaTQe+A+jtzmciLK3oIoWUqwZHdoWUsWlQ7kCJJNi
75aM5nBK7PdUnjxFG39G7SwPCDwb3VpHNYMXZyDvK9aNO52hZj9p5B4t0SkPZf+J
7at5/LgZ0uphe81kHuSjgUKpfsOleChMg467FYbWA/vHWCDwWBQJkGaj8QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFISeuTDA6IxQ7B4Qk3AzqNb+0X9wMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvaEo2NU1NRG9qRkRzSGhDVGNET28xdjdSZjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEUVgAAwQE
UbrwAwQEVesQAwQGWewAAwQGXvUAAwQF1bkAAwQE2UgwMA0EAgACMAcDBQAgAQeg
MA0GCSqGSIb3DQEBCwUAA4IBAQA+/Fey/V4XFm5sh3sirzSG6o547XcgI+o+MXfH
f/NNOl+nZAdP7KEoFykNRD1ys6GHFKTG27HlDbiyY3CXxAQz1dL0eLaCfFwuU8Rd
/YUmKtKcRqDO6hNX8Bv06GmfMNLtbbvFkiG7RxuBp4DG3nZBXP/weJGIBmp9xj2y
Jzk490jFStIzgO0rYODonMpgpN4bOD16L1kGRri/z3KkmLNF/Cx5qSBN1NJjluFu
yIL4Wk4BGBnIT/5vICPxFiqnGQT1rF86ZWaZyJt1/d9XfJvBB1u58gXWKbPw5sXq
4FHxcMkYiRjmsDN8g0yhUcy4ufAfK26LNocaSZj2EF1IfesK
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:51:11 2025 by rpki-client