Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hy4cnX2avIWMTVaYTPnKQI8qwqI.roa
File: Hy4cnX2avIWMTVaYTPnKQI8qwqI.roa (raw, json)
Hash identifier: So1XxRV3jcj3jHk4kOURAqWUhnoWgID8zlNH96GfPdA=
Subject key identifier: 1F:2E:1C:9D:7D:9A:BC:85:8C:4D:56:98:4C:F9:CA:40:8F:2A:C2:A2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01957EBAB6D43E7FC6E233114209FBC75C87
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hy4cnX2avIWMTVaYTPnKQI8qwqI.roa
Signing time: Mon 10 Mar 2025 06:25:20 +0000
ROA not before: Mon 10 Mar 2025 06:25:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204902
IP address blocks: 194.50.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:ba:b6:d4:3e:7f:c6:e2:33:11:42:09:fb:c7:5c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 10 06:25:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f2e1c9d7d9abc858c4d56984cf9ca408f2ac2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ad:c9:5c:72:31:5e:bd:00:f5:5f:a7:f9:83:
7a:eb:00:9b:b3:4a:c7:ab:6f:08:a6:fc:3d:e7:35:
5e:a1:e8:ad:5d:75:a6:6b:8b:28:f9:34:16:68:4d:
cc:89:9e:11:cd:7a:71:84:07:48:7a:ca:fa:85:86:
d1:4d:be:2d:3f:b1:51:19:bc:2c:35:0b:0d:ae:32:
ae:07:1e:1e:08:f1:64:71:d5:ac:21:58:fc:0b:6b:
ee:aa:03:07:ca:1b:76:3b:40:56:8d:9f:bd:c1:75:
24:90:9f:78:ca:11:b0:97:2c:5e:e1:02:40:a6:fe:
66:89:66:0c:aa:69:2b:57:6c:45:2c:bb:df:ae:26:
ca:92:d4:43:65:49:05:23:a4:a3:de:3f:49:f8:94:
66:fe:20:04:b9:76:69:af:c7:dd:91:86:84:ed:bc:
6f:14:90:e6:9c:38:b2:20:5e:bb:b9:68:0a:8d:16:
05:d2:9d:76:ed:8b:44:77:24:d3:cc:36:30:80:e5:
16:f3:51:b9:90:8f:de:e2:27:16:bc:64:ea:4d:86:
ba:05:02:1f:f8:98:e5:eb:00:7b:34:f4:3f:d9:11:
47:a4:90:09:d9:0d:ea:8e:34:99:8b:19:35:5c:17:
59:6d:34:79:0f:10:d0:4e:6f:1b:db:fb:2c:66:17:
76:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:2E:1C:9D:7D:9A:BC:85:8C:4D:56:98:4C:F9:CA:40:8F:2A:C2:A2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Hy4cnX2avIWMTVaYTPnKQI8qwqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a4:69:4c:b8:5c:9a:9f:0a:7a:b3:76:6d:ee:8b:9f:63:00:
af:16:e0:3e:6e:8d:19:5a:e6:ea:94:33:2f:f3:0c:50:2c:7f:
98:19:a0:d8:a7:e4:cf:54:6e:62:54:95:3d:5f:56:43:27:15:
a4:c9:ad:cb:3e:f1:66:58:0f:48:62:28:b0:ee:18:4d:c6:6c:
0e:e1:0b:83:13:0d:a4:aa:08:d7:07:ac:48:eb:2c:65:e5:a4:
12:b5:33:c7:dc:8a:3d:9c:62:b6:ab:74:d7:a8:d5:e1:b2:be:
d0:b7:eb:54:f6:b6:97:34:58:78:2f:1d:6c:f5:58:25:82:cb:
e9:0f:ae:0b:71:12:14:e5:dc:f0:a4:11:1f:1b:61:c1:7f:13:
00:37:45:2d:3a:9b:1d:58:ae:d7:31:18:18:b4:e6:86:2b:d9:
21:c3:09:b4:10:62:c7:fc:84:66:88:aa:fa:a1:dd:5d:89:35:
a1:12:fc:cc:3e:90:7f:66:65:44:a2:2a:e0:e5:dd:d3:f7:f7:
9b:9c:81:d3:be:98:ba:d9:9a:65:09:44:d9:fd:02:63:3c:04:
cf:f2:b5:d4:4b:55:f5:a4:88:79:2d:2a:72:db:3a:d0:3b:e1:
f9:77:fb:c6:40:95:d2:1f:5d:9d:be:5e:c6:7f:0f:de:62:70:
80:21:85:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV+urbUPn/G4jMRQgn7x1yHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzEwMDYyNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjJlMWM5ZDdkOWFiYzg1OGM0ZDU2OTg0Y2Y5Y2E0MDhmMmFjMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqK3JXHIxXr0A9V+n+YN66wCbs0rH
q28Ipvw95zVeoeitXXWma4so+TQWaE3MiZ4RzXpxhAdIesr6hYbRTb4tP7FRGbws
NQsNrjKuBx4eCPFkcdWsIVj8C2vuqgMHyht2O0BWjZ+9wXUkkJ94yhGwlyxe4QJA
pv5miWYMqmkrV2xFLLvfribKktRDZUkFI6Sj3j9J+JRm/iAEuXZpr8fdkYaE7bxv
FJDmnDiyIF67uWgKjRYF0p127YtEdyTTzDYwgOUW81G5kI/e4icWvGTqTYa6BQIf
+Jjl6wB7NPQ/2RFHpJAJ2Q3qjjSZixk1XBdZbTR5DxDQTm8b2/ssZhd27wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8uHJ19mryFjE1WmEz5ykCPKsKiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSHk0Y25YMmF2SVdNVFZhWVRQbktRSThxd3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjJvMA0G
CSqGSIb3DQEBCwUAA4IBAQABpGlMuFyanwp6s3Zt7oufYwCvFuA+bo0ZWubqlDMv
8wxQLH+YGaDYp+TPVG5iVJU9X1ZDJxWkya3LPvFmWA9IYiiw7hhNxmwO4QuDEw2k
qgjXB6xI6yxl5aQStTPH3Io9nGK2q3TXqNXhsr7Qt+tU9raXNFh4Lx1s9Vglgsvp
D64LcRIU5dzwpBEfG2HBfxMAN0UtOpsdWK7XMRgYtOaGK9khwwm0EGLH/IRmiKr6
od1diTWhEvzMPpB/ZmVEoirg5d3T9/ebnIHTvpi62ZplCUTZ/QJjPATP8rXUS1X1
pIh5LSpy2zrQO+H5d/vGQJXSH12dvl7Gfw/eYnCAIYVI
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:05 2025 by rpki-client