Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/Hetd0acGcft4F4TkCZSRchEWHjU.roa
File: Hetd0acGcft4F4TkCZSRchEWHjU.roa (raw, json)
Hash identifier: DfxL/5EFMBfWrjWF+bprxAQN9pcVeRj5qm/6i9xfMgQ=
Subject key identifier: 1D:EB:5D:D1:A7:06:71:FB:78:17:84:E4:09:94:91:72:11:16:1E:35
Certificate issuer: /CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Certificate serial: 0194236A277DEF6819ACD9FAD26AAE66E6D9
Authority key identifier: 65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/Hetd0acGcft4F4TkCZSRchEWHjU.roa
Signing time: Wed 01 Jan 2025 19:49:06 +0000
ROA not before: Wed 01 Jan 2025 19:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205147
IP address blocks: 185.8.96.0/22 maxlen: 24
185.8.96.0/24 maxlen: 24
185.8.97.0/24 maxlen: 24
185.8.98.0/24 maxlen: 24
185.8.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:27:7d:ef:68:19:ac:d9:fa:d2:6a:ae:66:e6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Validity
Not Before: Jan 1 19:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1deb5dd1a70671fb781784e40994917211161e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:37:42:ec:6e:1e:2b:64:25:3e:8a:58:ba:03:
44:4f:b6:5a:32:df:47:39:fd:a2:66:f1:59:0c:45:
25:dc:1a:df:59:72:06:9d:12:41:fc:a6:74:ca:ca:
08:99:7d:52:02:f2:0e:aa:37:52:44:51:46:65:70:
de:7f:1c:62:5e:8b:b2:df:c8:e8:64:a0:06:f4:9d:
91:ed:f6:42:08:88:90:64:d9:1a:48:93:29:fb:d2:
99:11:e3:43:cb:52:72:9e:4e:9f:4a:cb:f2:24:b1:
b4:78:fa:ad:6a:51:ea:25:58:db:5b:94:de:3c:03:
43:76:e8:b3:73:0d:7e:fe:8c:2e:a2:42:e1:00:86:
c7:ab:16:1f:25:d3:b2:d0:19:53:3e:94:21:f5:31:
47:76:83:78:00:c6:cf:4b:c6:2d:e7:d3:cb:37:32:
7c:d4:12:dc:62:8e:45:5d:f5:23:a3:bf:d0:04:c1:
c8:c9:73:40:cb:cd:bb:e1:73:6a:b7:f5:68:f2:ca:
0e:d3:4d:52:8d:e1:1f:ec:4d:5b:e8:f2:23:7c:88:
b4:28:78:a3:db:ec:6c:b1:e4:b8:a3:a8:9a:70:fc:
39:5b:fe:f9:0e:69:c8:a9:a2:aa:2f:36:42:2d:86:
d0:de:fa:21:45:54:5c:e0:a4:36:3b:e1:0a:52:ab:
08:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EB:5D:D1:A7:06:71:FB:78:17:84:E4:09:94:91:72:11:16:1E:35
X509v3 Authority Key Identifier:
keyid:65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/Hetd0acGcft4F4TkCZSRchEWHjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.96.0/22
Signature Algorithm: sha256WithRSAEncryption
19:f3:84:2b:0e:8f:4f:2d:d5:e6:1a:58:37:40:a8:dd:95:13:
f4:db:14:c9:69:8d:be:c6:01:f4:10:c4:94:19:03:70:12:f0:
27:f8:2e:2f:23:5d:71:fe:ef:2a:67:6b:d0:7a:49:a3:ec:c8:
30:c2:2b:53:0c:47:bb:8e:24:c1:84:35:33:84:4b:0f:6d:eb:
4a:0f:63:b0:2f:06:93:5e:05:f3:32:67:07:37:fa:4a:8d:b6:
22:3b:03:15:7b:05:fa:2f:77:c7:64:e4:35:79:46:19:a0:06:
8b:e3:9d:17:0e:d8:9c:44:e1:fa:e0:67:7b:58:4b:ab:56:47:
f4:8c:77:7b:74:ee:c1:a2:1f:b4:0f:47:0f:9d:9d:34:db:bc:
3b:6f:e4:09:7c:5b:e9:1c:c5:94:08:a1:38:42:a2:25:bd:c4:
c4:06:28:fc:3b:fb:9b:19:bf:5b:7c:04:80:95:45:64:4f:1b:
98:de:c6:3a:88:c3:c0:52:97:93:12:4b:b5:b4:6d:0c:25:6a:
1e:0e:4e:6a:9b:1c:d6:d3:ca:57:6f:10:ca:47:74:85:24:d3:
0a:38:ab:63:e2:88:77:50:ee:39:1e:1d:cb:db:1e:a2:f1:d7:
d6:2f:eb:c5:ab:c7:83:7a:b0:0a:c2:ff:cd:31:43:7a:c5:55:
64:39:bd:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaid972gZrNn60mquZubZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGMwYzQ5OWE4ZTY5ZDk3OTVmNGJkMGI1YmYxNjgyYjFm
MDBmOWEwHhcNMjUwMTAxMTk0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGViNWRkMWE3MDY3MWZiNzgxNzg0ZTQwOTk0OTE3MjExMTYxZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTdC7G4eK2QlPopYugNET7ZaMt9H
Of2iZvFZDEUl3BrfWXIGnRJB/KZ0ysoImX1SAvIOqjdSRFFGZXDefxxiXouy38jo
ZKAG9J2R7fZCCIiQZNkaSJMp+9KZEeNDy1Jynk6fSsvyJLG0ePqtalHqJVjbW5Te
PANDduizcw1+/owuokLhAIbHqxYfJdOy0BlTPpQh9TFHdoN4AMbPS8Yt59PLNzJ8
1BLcYo5FXfUjo7/QBMHIyXNAy8274XNqt/Vo8soO001SjeEf7E1b6PIjfIi0KHij
2+xsseS4o6iacPw5W/75DmnIqaKqLzZCLYbQ3vohRVRc4KQ2O+EKUqsIvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3rXdGnBnH7eBeE5AmUkXIRFh41MB8GA1UdIwQY
MBaAFGWMDEmajmnZeV9L0LW/FoKx8A+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAt
MzJjMWIyY2VlNTkzLzEvSGV0ZDBhY0djZnQ0RjRUa0NaU1JjaEVXSGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAtMzJjMWIyY2VlNTkz
LzEvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQhgMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ84QrDo9PLdXmGlg3QKjdlRP02xTJaY2+xgH0EMSU
GQNwEvAn+C4vI11x/u8qZ2vQekmj7MgwwitTDEe7jiTBhDUzhEsPbetKD2OwLwaT
XgXzMmcHN/pKjbYiOwMVewX6L3fHZOQ1eUYZoAaL450XDticROH64Gd7WEurVkf0
jHd7dO7Boh+0D0cPnZ0027w7b+QJfFvpHMWUCKE4QqIlvcTEBij8O/ubGb9bfASA
lUVkTxuY3sY6iMPAUpeTEku1tG0MJWoeDk5qmxzW08pXbxDKR3SFJNMKOKtj4oh3
UO45Hh3L2x6i8dfWL+vFq8eDerAKwv/NMUN6xVVkOb0S
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:08 2025 by rpki-client