Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/HC3yc0-5CpQrNBrATzfepdxNB7g.roa
File: HC3yc0-5CpQrNBrATzfepdxNB7g.roa (raw, json)
Hash identifier: +ZfEEq7+M14/ZIFMcZ/U9/JKHCV50W2/biRbK4DTsms=
Subject key identifier: 1C:2D:F2:73:4F:B9:0A:94:2B:34:1A:C0:4F:37:DE:A5:DC:4D:07:B8
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 01942826E5028BD8D5F368D09827B01AB931
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/HC3yc0-5CpQrNBrATzfepdxNB7g.roa
Signing time: Thu 02 Jan 2025 17:53:45 +0000
ROA not before: Thu 02 Jan 2025 17:53:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.mft
rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:e5:02:8b:d8:d5:f3:68:d0:98:27:b0:1a:b9:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Jan 2 17:53:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c2df2734fb90a942b341ac04f37dea5dc4d07b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:30:aa:30:95:21:a1:fe:26:ed:33:d8:cf:2c:
8a:01:84:af:48:3a:ff:18:bc:95:60:cd:72:be:c4:
b6:b8:c2:e2:3a:84:a6:7d:ec:97:90:92:60:38:8f:
26:44:cf:7e:fe:0f:83:61:ec:60:ce:00:48:5b:5d:
81:8e:c5:bc:9c:6b:31:ce:fc:49:aa:5d:9b:9d:df:
24:3d:a9:fe:90:88:b5:62:c1:98:dc:d6:72:ab:e4:
da:b8:ac:52:ab:64:5c:59:33:c7:a4:9c:73:ca:44:
23:a9:dd:94:37:22:a8:40:9a:aa:d4:2d:b7:dc:c8:
98:d1:39:b4:0a:80:35:09:6f:6f:96:9d:04:09:12:
71:9e:9e:e4:73:c1:6d:9b:8c:21:65:7f:23:11:93:
98:2b:32:d9:e4:06:86:72:98:bf:df:04:67:e7:d2:
87:20:b6:a1:40:04:d7:ea:67:1e:13:31:e0:25:b3:
3b:e6:ad:39:ba:97:0d:45:0e:d9:29:c1:1a:77:0b:
91:c5:f0:9f:d9:f4:91:28:10:4d:05:df:e8:41:c9:
97:f0:47:28:b1:cb:c6:80:31:8e:ae:a6:5f:fa:79:
49:6f:c0:93:5e:55:64:be:e6:34:05:0e:e7:23:3c:
97:29:71:b6:af:ee:4c:f4:c6:c1:3c:9e:74:09:1e:
f3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2D:F2:73:4F:B9:0A:94:2B:34:1A:C0:4F:37:DE:A5:DC:4D:07:B8
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/HC3yc0-5CpQrNBrATzfepdxNB7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0/23
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.243.189.0/24
194.32.107.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
60:1f:fb:b5:25:75:71:8b:77:ae:33:60:5c:16:c1:3b:c3:d8:
94:01:48:d4:1d:71:00:3a:ee:f8:02:83:c8:13:9a:19:96:c9:
40:b8:35:16:7c:92:c6:75:5f:69:35:c1:37:17:1f:35:db:25:
b9:a6:4d:64:9b:01:d7:7b:fe:65:d2:52:6d:72:f0:11:ff:2a:
86:3e:20:d9:7b:c0:10:de:58:0b:19:78:75:82:f2:d5:22:0d:
f6:58:2b:8c:95:6d:98:a6:0e:63:23:fe:6a:ca:7a:94:bf:9d:
10:68:a5:62:f3:72:dc:2e:37:51:e5:4a:85:ae:ad:65:f1:2a:
c5:ae:e0:a8:a2:60:26:57:cd:b1:1c:d6:5a:8c:40:f3:5f:bf:
20:f7:9c:6a:9a:8b:70:e6:20:fb:5a:29:64:60:6d:b1:48:8c:
10:7e:1a:ba:9a:51:2d:01:f0:f7:bb:0b:70:93:64:57:d0:c7:
b2:07:2c:06:d8:07:47:b0:74:a3:de:ac:3b:84:6c:b7:b7:09:
e9:ea:23:ff:da:06:56:3e:3a:59:56:f7:23:eb:69:40:db:0f:
ba:bd:e3:58:62:3d:8b:35:34:41:55:eb:af:4e:62:f6:a5:a9:
21:b5:b1:ed:e3:58:8e:16:46:51:38:23:a2:22:af:39:cc:98:
3c:1b:fd:23
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQoJuUCi9jV82jQmCewGrkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjUwMTAyMTc1MzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJkZjI3MzRmYjkwYTk0MmIzNDFhYzA0ZjM3ZGVhNWRjNGQwN2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDCqMJUhof4m7TPYzyyKAYSvSDr/
GLyVYM1yvsS2uMLiOoSmfeyXkJJgOI8mRM9+/g+DYexgzgBIW12BjsW8nGsxzvxJ
ql2bnd8kPan+kIi1YsGY3NZyq+TauKxSq2RcWTPHpJxzykQjqd2UNyKoQJqq1C23
3MiY0Tm0CoA1CW9vlp0ECRJxnp7kc8Ftm4whZX8jEZOYKzLZ5AaGcpi/3wRn59KH
ILahQATX6mceEzHgJbM75q05upcNRQ7ZKcEadwuRxfCf2fSRKBBNBd/oQcmX8Eco
scvGgDGOrqZf+nlJb8CTXlVkvuY0BQ7nIzyXKXG2r+5M9MbBPJ50CR7z4wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBwt8nNPuQqUKzQawE833qXcTQe4MB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvSEMzeWMwLTVDcFFyTkJyQVR6ZmVwZHhOQjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQBLVjIAwQA
uQ5hAwQCuX2oAwQCubU8MAwDBAO589gDBAC589oDBADB870DBADCIGsDBADDEEkD
BADGjI0wDQQCAAIwBwMFAioDlOAwDQYJKoZIhvcNAQELBQADggEBAGAf+7UldXGL
d64zYFwWwTvD2JQBSNQdcQA67vgCg8gTmhmWyUC4NRZ8ksZ1X2k1wTcXHzXbJbmm
TWSbAdd7/mXSUm1y8BH/KoY+INl7wBDeWAsZeHWC8tUiDfZYK4yVbZimDmMj/mrK
epS/nRBopWLzctwuN1HlSoWurWXxKsWu4KiiYCZXzbEc1lqMQPNfvyD3nGqai3Dm
IPtaKWRgbbFIjBB+GrqaUS0B8Pe7C3CTZFfQx7IHLAbYB0ewdKPerDuEbLe3Cenq
I//aBlY+OllW9yPraUDbD7q941hiPYs1NEFV669OYvalqSG1se3jWI4WRlE4I6Ii
rznMmDwb/SM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:14 2025 by rpki-client