Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/HWormeP5NTMFg9cNiU120qWb8MM.roa
File: HWormeP5NTMFg9cNiU120qWb8MM.roa (raw, json)
Hash identifier: 3Vx0k4vPLIVcmX2N61XugSe2WGxKb/dBPzzUHtK6wl4=
Subject key identifier: 1D:6A:2B:99:E3:F9:35:33:05:83:D7:0D:89:4D:76:D2:A5:9B:F0:C3
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0194244528DCE506E0B6235F297D4DAB89D0
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/HWormeP5NTMFg9cNiU120qWb8MM.roa
Signing time: Wed 01 Jan 2025 23:48:19 +0000
ROA not before: Wed 01 Jan 2025 23:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 87.251.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:28:dc:e5:06:e0:b6:23:5f:29:7d:4d:ab:89:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d6a2b99e3f935330583d70d894d76d2a59bf0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:33:11:ba:a1:7d:ed:94:3c:6c:70:48:0d:28:
e7:87:db:6b:3c:3e:c9:26:3a:ad:e5:8b:38:77:65:
ac:d5:b8:d6:1d:ca:ed:d1:d5:08:06:d0:c7:6c:0b:
4c:96:22:fb:38:5f:24:ba:d4:01:3b:0e:8f:43:5f:
34:02:da:26:5a:70:c2:12:c0:a6:db:4e:d6:6d:24:
92:6e:ff:bf:5d:cc:e8:44:e1:ad:aa:92:ef:4f:6f:
10:3b:44:74:8a:ec:ac:67:e2:12:f7:6e:0c:93:2e:
d4:8b:95:59:07:5c:96:53:8f:63:ab:f5:af:c9:ac:
a4:a9:b0:3f:ea:db:5b:a0:f6:4d:c9:1c:1d:16:38:
4a:85:60:d5:0d:7f:53:a6:52:7c:0f:7a:04:56:68:
f8:77:6b:90:e4:1a:57:cd:56:ef:a8:61:1b:39:bc:
7b:90:26:be:1e:59:d2:4b:a7:0b:ac:ad:78:78:2e:
f8:35:9d:6a:d7:7c:60:f7:aa:11:1c:92:ed:b4:f3:
36:2d:71:6a:35:10:3c:5d:96:fa:c2:e3:fe:b6:b7:
95:2b:55:17:24:e9:68:36:7a:c7:08:7f:be:33:99:
00:67:b8:8c:ba:63:cd:21:1e:8b:b0:84:6a:8c:95:
d4:83:11:0e:4f:82:91:7a:44:c6:89:09:1f:c3:ea:
a4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6A:2B:99:E3:F9:35:33:05:83:D7:0D:89:4D:76:D2:A5:9B:F0:C3
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/HWormeP5NTMFg9cNiU120qWb8MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.66.0/24
Signature Algorithm: sha256WithRSAEncryption
68:c7:85:50:de:ef:42:fb:18:39:d1:d8:41:6f:83:17:02:5b:
e6:f9:07:5c:db:89:37:9a:0e:26:39:96:17:81:3f:49:52:76:
ab:75:e9:bf:3b:61:ef:72:b7:c5:d0:1f:ff:1c:07:3f:e7:0c:
6d:ff:0e:a1:f1:06:9c:cf:0e:2e:62:4b:c5:b5:34:60:6b:f2:
fa:9f:91:9a:0a:4b:90:42:93:db:29:29:14:cc:6c:ea:d6:b5:
db:fa:d0:ea:13:88:8c:ac:79:48:6e:03:da:33:25:df:a8:ab:
28:2e:1c:96:ba:c1:df:4a:2d:c7:aa:cb:81:33:a5:69:ce:df:
27:a8:c6:eb:08:d4:e5:c5:11:c5:de:7d:d0:e7:fa:78:a3:f9:
78:ee:94:7e:6f:9b:31:5d:a1:b1:a1:1e:d4:f5:ba:74:42:b8:
1c:33:48:89:10:4b:3a:b8:57:cb:78:92:56:53:76:4d:19:21:
8c:e1:f4:21:8a:3b:f5:ad:ae:36:66:d8:30:b5:63:ea:12:01:
79:19:74:e3:33:3c:61:6b:f6:23:5d:11:5f:e3:25:a8:9f:83:
32:b5:17:e6:46:6c:f4:4e:21:fe:00:6d:26:eb:ba:63:bd:6a:
18:fb:2f:38:50:cd:56:4a:e9:f8:56:9a:15:d0:3f:36:6a:66:
dd:35:db:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSjc5QbgtiNfKX1Nq4nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZhMmI5OWUzZjkzNTMzMDU4M2Q3MGQ4OTRkNzZkMmE1OWJmMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TMRuqF97ZQ8bHBIDSjnh9trPD7J
Jjqt5Ys4d2Ws1bjWHcrt0dUIBtDHbAtMliL7OF8kutQBOw6PQ180AtomWnDCEsCm
207WbSSSbv+/XczoROGtqpLvT28QO0R0iuysZ+IS924Mky7Ui5VZB1yWU49jq/Wv
yaykqbA/6ttboPZNyRwdFjhKhWDVDX9TplJ8D3oEVmj4d2uQ5BpXzVbvqGEbObx7
kCa+HlnSS6cLrK14eC74NZ1q13xg96oRHJLttPM2LXFqNRA8XZb6wuP+treVK1UX
JOloNnrHCH++M5kAZ7iMumPNIR6LsIRqjJXUgxEOT4KRekTGiQkfw+qkDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1qK5nj+TUzBYPXDYlNdtKlm/DDMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvSFdvcm1lUDVOVE1GZzljTmlVMTIwcVdiOE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/tCMA0G
CSqGSIb3DQEBCwUAA4IBAQBox4VQ3u9C+xg50dhBb4MXAlvm+Qdc24k3mg4mOZYX
gT9JUnardem/O2HvcrfF0B//HAc/5wxt/w6h8Qaczw4uYkvFtTRga/L6n5GaCkuQ
QpPbKSkUzGzq1rXb+tDqE4iMrHlIbgPaMyXfqKsoLhyWusHfSi3HqsuBM6Vpzt8n
qMbrCNTlxRHF3n3Q5/p4o/l47pR+b5sxXaGxoR7U9bp0QrgcM0iJEEs6uFfLeJJW
U3ZNGSGM4fQhijv1ra42ZtgwtWPqEgF5GXTjMzxha/YjXRFf4yWon4MytRfmRmz0
TiH+AG0m67pjvWoY+y84UM1WSun4VpoV0D82ambdNdsI
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:58:36 2025 by rpki-client