Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa
File: hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa (raw, json)
Hash identifier: c9xr2QPdOJHBS76dYaN+BTyMMmlA60SbcteFKaCmJMA=
Subject key identifier: 84:F0:57:BC:A4:1D:6A:A9:55:53:89:D0:FB:64:DE:EE:F6:9A:F0:1A
Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Certificate serial: 01942444BE8E4C30A8E441CCB77EF9CA205D
Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31742
IP address blocks: 45.14.228.0/22 maxlen: 22
46.255.248.0/21 maxlen: 21
83.137.224.0/21 maxlen: 21
93.191.24.0/21 maxlen: 21
185.119.20.0/22 maxlen: 22
212.85.252.0/22 maxlen: 22
2a00:d300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:be:8e:4c:30:a8:e4:41:cc:b7:7e:f9:ca:20:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84f057bca41d6aa9555389d0fb64deeef69af01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:65:ae:00:62:34:a4:56:ef:c5:3d:44:00:ce:
8d:44:06:a4:8b:70:b1:a6:5a:d8:7f:33:b5:d3:be:
24:c9:9f:2a:21:c2:0b:1e:7a:26:da:d0:2d:d7:95:
ba:1f:85:c3:89:61:fb:6f:94:25:28:c0:83:f2:26:
32:d8:5b:86:4c:f7:83:a1:a6:49:0d:97:51:a6:b8:
bf:04:39:83:d1:fc:0f:d7:13:cf:00:1d:9d:ad:40:
23:43:ee:e9:68:85:db:d7:94:f9:dd:6c:16:3a:f8:
4f:c5:44:e4:a7:32:93:33:dd:d8:44:cf:f9:95:ac:
5d:1f:18:6d:b8:d8:50:8d:fe:1f:51:ff:d1:b0:c1:
a8:7c:42:b6:77:10:2c:b9:d0:f0:e2:2c:82:0a:8d:
40:2d:f4:43:f2:a3:92:b9:d6:bc:ae:40:b1:8a:02:
fd:9b:91:a8:0d:ad:ac:5e:84:da:ce:06:54:bd:49:
87:e4:80:42:c8:03:db:a7:e9:23:8f:2e:f1:3c:30:
53:20:8e:ad:f8:d3:f8:cf:39:3e:5f:a4:b6:c5:8b:
fb:a7:c8:5b:3a:28:c7:3e:aa:75:26:a4:31:d8:d8:
cd:6d:2e:20:58:fe:ee:47:bf:f4:e8:52:e4:c3:ed:
cc:b9:7c:1e:e0:86:e4:53:34:96:c1:a2:f8:a8:94:
08:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F0:57:BC:A4:1D:6A:A9:55:53:89:D0:FB:64:DE:EE:F6:9A:F0:1A
X509v3 Authority Key Identifier:
keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.228.0/22
46.255.248.0/21
83.137.224.0/21
93.191.24.0/21
185.119.20.0/22
212.85.252.0/22
IPv6:
2a00:d300::/32
Signature Algorithm: sha256WithRSAEncryption
58:ae:80:02:88:51:68:6d:df:98:38:6d:7d:49:e9:8b:11:b1:
75:a7:ec:1a:8c:75:af:e0:90:2f:97:81:15:f5:d5:b1:de:d3:
e5:48:d3:be:20:e3:8c:d2:bf:5c:d0:90:f8:43:9d:b9:47:fb:
ae:bf:ee:e5:23:10:4e:22:15:89:b8:9b:4f:2e:59:cd:eb:2e:
12:6b:2b:ac:75:a0:5b:0b:7b:d5:25:b9:d9:d9:84:0d:d0:a5:
e4:d5:3c:0b:90:94:bb:18:4e:5f:a5:f7:45:05:4d:2d:8d:86:
b3:81:ba:21:e5:53:05:b3:e3:c2:26:1c:90:a9:f1:4c:8b:6e:
0e:86:46:4f:30:91:6d:f7:68:69:fe:92:a2:4a:b0:47:fd:bd:
25:26:dc:cd:ad:0c:f3:5c:79:a0:c1:4a:f2:f0:93:a7:3e:67:
da:ad:a5:72:47:37:c8:16:76:cc:6c:59:14:7b:c0:5b:8b:d5:
9a:16:27:4d:b1:57:ef:bf:7a:bb:bc:4a:c3:a6:87:5d:b1:ae:
19:a4:02:89:b5:c4:30:59:35:0c:36:5f:d1:86:6c:44:f2:5c:
18:61:df:95:dc:47:e8:91:f7:41:47:f0:8b:c7:bd:9e:19:b2:
62:de:7a:b8:36:5a:0d:c1:49:a2:3b:62:6d:f6:06:c5:d5:aa:
7b:6e:ef:64
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQkRL6OTDCo5EHMt375yiBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5
NzQ2MTEwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYwNTdiY2E0MWQ2YWE5NTU1Mzg5ZDBmYjY0ZGVlZWY2OWFmMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WWuAGI0pFbvxT1EAM6NRAaki3Cx
plrYfzO1074kyZ8qIcILHnom2tAt15W6H4XDiWH7b5QlKMCD8iYy2FuGTPeDoaZJ
DZdRpri/BDmD0fwP1xPPAB2drUAjQ+7paIXb15T53WwWOvhPxUTkpzKTM93YRM/5
laxdHxhtuNhQjf4fUf/RsMGofEK2dxAsudDw4iyCCo1ALfRD8qOSuda8rkCxigL9
m5GoDa2sXoTazgZUvUmH5IBCyAPbp+kjjy7xPDBTII6t+NP4zzk+X6S2xYv7p8hb
OijHPqp1JqQx2NjNbS4gWP7uR7/06FLkw+3MuXwe4IbkUzSWwaL4qJQIdwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFITwV7ykHWqpVVOJ0Ptk3u72mvAaMB8GA1UdIwQY
MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt
Yjk1NGM1MGZkYmIwLzEvaFBCWHZLUWRhcWxWVTRuUS0yVGU3dmFhOEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw
LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLQ7kAwQD
Lv/4AwQDU4ngAwQDXb8YAwQCuXcUAwQC1FX8MA0EAgACMAcDBQAqANMAMA0GCSqG
SIb3DQEBCwUAA4IBAQBYroACiFFobd+YOG19SemLEbF1p+wajHWv4JAvl4EV9dWx
3tPlSNO+IOOM0r9c0JD4Q525R/uuv+7lIxBOIhWJuJtPLlnN6y4SayusdaBbC3vV
JbnZ2YQN0KXk1TwLkJS7GE5fpfdFBU0tjYazgboh5VMFs+PCJhyQqfFMi24OhkZP
MJFt92hp/pKiSrBH/b0lJtzNrQzzXHmgwUry8JOnPmfaraVyRzfIFnbMbFkUe8Bb
i9WaFidNsVfvv3q7vErDpoddsa4ZpAKJtcQwWTUMNl/RhmxE8lwYYd+V3EfokfdB
R/CLx72eGbJi3nq4NloNwUmiO2Jt9gbF1ap7bu9k
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:18:52 2025 by rpki-client