Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/HWRfwwUHGiCsW4ujivKMbl64CMo.roa
File: HWRfwwUHGiCsW4ujivKMbl64CMo.roa (raw, json)
Hash identifier: OUqr53FPdKu/lL3SlbD2T0S6JtdXcVU9Yi+hFo6WAmM=
Subject key identifier: 1D:64:5F:C3:05:07:1A:20:AC:5B:8B:A3:8A:F2:8C:6E:5E:B8:08:CA
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0194274849EB2E0E38F5E95B244BDABBBBE5
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/HWRfwwUHGiCsW4ujivKMbl64CMo.roa
Signing time: Thu 02 Jan 2025 13:50:36 +0000
ROA not before: Thu 02 Jan 2025 13:50:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 85.203.9.0/24 maxlen: 24
85.203.16.0/24 maxlen: 24
85.203.25.0/24 maxlen: 24
85.203.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:49:eb:2e:0e:38:f5:e9:5b:24:4b:da:bb:bb:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d645fc305071a20ac5b8ba38af28c6e5eb808ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:66:3c:7d:ae:08:3c:27:cb:f1:99:cd:ff:b8:
bc:67:35:5e:5a:24:34:73:dc:14:aa:57:e2:dc:3c:
0c:70:8b:16:13:1e:27:cf:87:5f:ca:aa:17:0e:4e:
ec:19:b5:84:a0:7b:6c:99:29:15:84:6a:e2:d7:1d:
fd:72:18:67:9e:25:52:37:57:e4:9a:f5:e6:b5:1d:
9f:75:5c:98:d5:77:5c:7c:43:7e:0f:17:10:a7:09:
37:76:fd:86:2a:1e:78:01:ab:b0:00:bf:21:bd:30:
98:3a:5d:ab:ea:7f:08:55:ca:f8:95:e4:f8:f7:46:
11:d6:f7:a7:e0:ed:69:ff:97:08:8d:45:5b:e7:bb:
a2:91:14:21:f6:72:9a:2c:d2:72:c4:bc:37:fc:b1:
f3:a7:bf:79:15:00:56:e3:bd:7a:52:0a:50:80:01:
e4:c7:8e:70:a2:4b:cb:1d:ac:85:a9:37:43:a0:ad:
ca:c8:62:04:2a:be:e4:31:54:4b:34:17:96:bc:69:
4d:ee:d3:33:37:f3:df:c5:8b:eb:78:19:79:7a:c1:
c7:39:07:3a:e2:a1:ea:46:f3:89:54:9f:48:6d:3a:
58:83:3d:d2:72:a9:3d:0e:90:7a:44:2d:85:54:5e:
cb:6e:07:87:6d:7e:5a:69:5f:73:5f:b1:37:41:12:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:64:5F:C3:05:07:1A:20:AC:5B:8B:A3:8A:F2:8C:6E:5E:B8:08:CA
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/HWRfwwUHGiCsW4ujivKMbl64CMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.9.0/24
85.203.16.0/24
85.203.25.0/24
85.203.38.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fa:8b:99:d8:b8:2a:52:8f:ac:b9:60:c2:0f:6f:a5:e5:c6:
47:94:ec:14:1a:90:ef:8f:7f:e2:a9:d6:d6:ce:b2:2a:3a:16:
cb:0c:e5:b0:47:78:19:05:39:04:12:21:b8:6d:00:a7:d1:d3:
77:b9:d4:46:79:6d:bf:99:16:ff:52:71:d1:78:c0:af:cc:11:
56:e7:90:96:1c:8a:db:6a:05:cf:62:18:e3:5b:4b:2c:0a:80:
22:42:90:f7:00:34:d0:e4:cc:c2:af:4a:fe:07:c6:dc:27:c0:
13:00:b4:ef:23:78:9d:9a:5d:3b:8f:a4:17:aa:ef:6a:cb:b3:
26:6a:78:d5:ec:80:b3:90:7a:ab:a9:9b:91:b0:3e:f6:e5:db:
9e:13:46:5f:6c:d1:ee:6b:a4:47:a8:91:cd:58:47:0e:6c:fb:
a4:7b:65:04:d2:0d:2d:f6:0c:8c:51:79:ae:2d:09:15:5d:d0:
11:46:9b:6a:54:1e:ca:1e:15:64:c1:8a:42:4b:0d:3c:ed:26:
c7:03:5d:16:9c:f0:2c:1d:aa:8e:57:14:e9:16:ad:d8:35:3f:
df:8c:a6:47:02:51:ff:c1:69:58:8b:8b:b7:4e:87:0a:b0:f4:
03:b4:80:44:cf:4a:cf:bf:22:bd:35:fb:e7:51:25:d7:38:d4:
23:6e:2a:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQnSEnrLg449elbJEvau7vlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDY0NWZjMzA1MDcxYTIwYWM1YjhiYTM4YWYyOGM2ZTVlYjgwOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumY8fa4IPCfL8ZnN/7i8ZzVeWiQ0
c9wUqlfi3DwMcIsWEx4nz4dfyqoXDk7sGbWEoHtsmSkVhGri1x39chhnniVSN1fk
mvXmtR2fdVyY1XdcfEN+DxcQpwk3dv2GKh54AauwAL8hvTCYOl2r6n8IVcr4leT4
90YR1ven4O1p/5cIjUVb57uikRQh9nKaLNJyxLw3/LHzp795FQBW4716UgpQgAHk
x45wokvLHayFqTdDoK3KyGIEKr7kMVRLNBeWvGlN7tMzN/PfxYvreBl5esHHOQc6
4qHqRvOJVJ9IbTpYgz3Scqk9DpB6RC2FVF7LbgeHbX5aaV9zX7E3QRKeiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB1kX8MFBxogrFuLo4ryjG5euAjKMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvSFdSZnd3VUhHaUNzVzR1aml2S01ibDY0Q01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcsJAwQA
VcsQAwQAVcsZAwQAVcsmMA0GCSqGSIb3DQEBCwUAA4IBAQA6+ouZ2LgqUo+suWDC
D2+l5cZHlOwUGpDvj3/iqdbWzrIqOhbLDOWwR3gZBTkEEiG4bQCn0dN3udRGeW2/
mRb/UnHReMCvzBFW55CWHIrbagXPYhjjW0ssCoAiQpD3ADTQ5MzCr0r+B8bcJ8AT
ALTvI3idml07j6QXqu9qy7MmanjV7ICzkHqrqZuRsD725dueE0ZfbNHua6RHqJHN
WEcObPuke2UE0g0t9gyMUXmuLQkVXdARRptqVB7KHhVkwYpCSw087SbHA10WnPAs
HaqOVxTpFq3YNT/fjKZHAlH/wWlYi4u3TocKsPQDtIBEz0rPvyK9NfvnUSXXONQj
biqc
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:09:36 2025 by rpki-client