Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/AhuxnBjbqBUXwIP5b21tGbis2HQ.roa
File: AhuxnBjbqBUXwIP5b21tGbis2HQ.roa (raw, json)
Hash identifier: tJKtPN8U0xHa3FJB8TQyW4B4Oecnb0IEKnN/jQHiCqc=
Subject key identifier: 02:1B:B1:9C:18:DB:A8:15:17:C0:83:F9:6F:6D:6D:19:B8:AC:D8:74
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 01954D373A459708913F7BBB1EAA8D821EB7
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/AhuxnBjbqBUXwIP5b21tGbis2HQ.roa
Signing time: Fri 28 Feb 2025 15:40:19 +0000
ROA not before: Fri 28 Feb 2025 15:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 83.147.192.0/24 maxlen: 24
83.147.216.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.253.0/24 maxlen: 24
83.147.254.0/24 maxlen: 24
91.186.212.0/24 maxlen: 24
91.186.213.0/24 maxlen: 24
178.253.31.0/24 maxlen: 24
178.253.38.0/24 maxlen: 24
178.253.39.0/24 maxlen: 24
178.253.44.0/24 maxlen: 24
178.253.45.0/24 maxlen: 24
178.253.52.0/24 maxlen: 24
178.253.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:37:3a:45:97:08:91:3f:7b:bb:1e:aa:8d:82:1e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Feb 28 15:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=021bb19c18dba81517c083f96f6d6d19b8acd874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:c5:06:91:af:09:9f:c9:4c:de:e4:21:ad:
3a:08:85:91:98:9d:c7:92:b4:e0:e5:c1:1c:41:f9:
35:e9:7e:cf:e6:ad:92:5c:d5:35:95:ef:97:99:15:
f2:a2:33:54:02:2a:f1:9d:19:60:a1:d1:fa:04:5b:
88:49:ab:39:1f:70:a5:f2:83:13:a0:f2:90:71:42:
a1:7a:33:68:45:45:ef:09:e2:05:89:8a:bf:71:8b:
ff:91:57:a3:fe:2f:b0:59:84:6c:0b:7a:92:43:6e:
99:c7:d8:40:61:23:fd:2a:9f:26:08:2f:b9:f3:bf:
7d:0e:92:1a:18:a1:5f:87:ce:c9:0d:94:13:51:62:
d8:ce:07:8b:5c:74:db:27:8c:9e:f8:3f:52:51:de:
32:43:d8:16:d1:8f:fd:78:30:7c:18:24:c1:fb:b8:
2e:84:ff:8e:b2:d4:fc:77:f9:fa:99:93:c5:19:2c:
5d:fa:8a:4a:31:3f:fc:1a:52:c6:68:33:e2:99:10:
81:42:4b:1e:ac:2e:68:8c:8d:54:cd:73:be:61:41:
bf:47:95:fc:1d:18:58:1e:79:ad:09:46:76:a9:c9:
5f:6d:13:d4:42:32:bd:1e:2c:46:52:f4:c8:80:d0:
3a:ee:44:02:35:2e:f9:8d:00:14:07:32:c2:60:35:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:1B:B1:9C:18:DB:A8:15:17:C0:83:F9:6F:6D:6D:19:B8:AC:D8:74
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/AhuxnBjbqBUXwIP5b21tGbis2HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.192.0/24
83.147.216.0/24
83.147.222.0/24
83.147.253.0-83.147.254.255
91.186.212.0/23
178.253.31.0/24
178.253.38.0/23
178.253.44.0/23
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:20:f7:57:6c:a6:53:23:bd:cd:72:da:49:aa:46:e8:92:bb:
b3:82:bc:fc:eb:8c:8b:5c:2d:a4:9f:4d:24:da:d1:24:51:e2:
9a:ca:71:a9:52:34:36:d8:f0:ab:17:d2:7a:e7:cb:a5:63:7c:
9c:88:7a:31:50:93:9a:c2:6c:68:b7:53:4d:1b:5f:30:ef:07:
96:43:56:24:09:e2:e1:80:90:7c:ee:5f:1a:b2:dc:39:e1:1a:
97:fb:4a:b8:a1:2e:d6:11:88:ca:a7:4d:c5:4a:06:b1:8f:5c:
08:5e:8c:61:ed:3d:5f:4b:a0:f4:f6:f6:f8:68:bd:5a:5f:d5:
06:a5:90:5d:f5:0b:c3:d7:e1:08:d8:dc:4b:8d:83:8c:12:c4:
c1:11:55:6d:2b:ca:b4:0b:21:f4:f8:69:c1:09:7f:b6:64:28:
56:6c:75:33:af:66:16:80:a9:5e:33:8d:2a:0c:8f:bc:95:80:
e2:4c:56:2c:7c:82:83:12:b5:c8:bd:1c:42:eb:13:40:82:11:
e1:29:be:5f:46:99:e5:bb:6a:a8:2b:7b:7d:cb:73:bd:62:43:
5d:fe:43:0a:8b:37:9d:6b:7e:7f:34:54:49:66:e7:03:77:ff:
8a:3a:4a:e7:24:dc:fb:da:7f:3c:c7:60:e2:d3:46:e7:84:fb:
4e:97:95:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZVNNzpFlwiRP3u7HqqNgh63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjUwMjI4MTU0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjFiYjE5YzE4ZGJhODE1MTdjMDgzZjk2ZjZkNmQxOWI4YWNkODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlfFBpGvCZ/JTN7kIa06CIWRmJ3H
krTg5cEcQfk16X7P5q2SXNU1le+XmRXyojNUAirxnRlgodH6BFuISas5H3Cl8oMT
oPKQcUKhejNoRUXvCeIFiYq/cYv/kVej/i+wWYRsC3qSQ26Zx9hAYSP9Kp8mCC+5
8799DpIaGKFfh87JDZQTUWLYzgeLXHTbJ4ye+D9SUd4yQ9gW0Y/9eDB8GCTB+7gu
hP+OstT8d/n6mZPFGSxd+opKMT/8GlLGaDPimRCBQkserC5ojI1UzXO+YUG/R5X8
HRhYHnmtCUZ2qclfbRPUQjK9HixGUvTIgNA67kQCNS75jQAUBzLCYDWEKQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAIbsZwY26gVF8CD+W9tbRm4rNh0MB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvQWh1eG5CamJxQlVYd0lQNWIyMXRHYmlzMkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAU5PAAwQA
U5PYAwQAU5PeMAwDBABTk/0DBABTk/4DBAFbutQDBACy/R8DBAGy/SYDBAGy/SwD
BAGy/TQwDQYJKoZIhvcNAQELBQADggEBAH8g91dsplMjvc1y2kmqRuiSu7OCvPzr
jItcLaSfTSTa0SRR4prKcalSNDbY8KsX0nrny6VjfJyIejFQk5rCbGi3U00bXzDv
B5ZDViQJ4uGAkHzuXxqy3DnhGpf7SrihLtYRiMqnTcVKBrGPXAhejGHtPV9LoPT2
9vhovVpf1QalkF31C8PX4QjY3EuNg4wSxMERVW0ryrQLIfT4acEJf7ZkKFZsdTOv
ZhaAqV4zjSoMj7yVgOJMVix8goMStci9HELrE0CCEeEpvl9GmeW7aqgre33Lc71i
Q13+QwqLN51rfn80VElm5wN3/4o6Suck3PvafzzHYOLTRueE+06Xles=
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:57:33 2025 by rpki-client