Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/hqflcP10fGd_ugaqcibuFjfMGsQ.roa
File: hqflcP10fGd_ugaqcibuFjfMGsQ.roa (raw, json)
Hash identifier: Ko25/+lhloUhGb/yVx2/b28QF0QoFlF426ib4Pcz3zE=
Subject key identifier: 86:A7:E5:70:FD:74:7C:67:7F:BA:06:AA:72:26:EE:16:37:CC:1A:C4
Certificate issuer: /CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Certificate serial: 019581E2326EEF8D073634F2536637F43E7D
Authority key identifier: 09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/hqflcP10fGd_ugaqcibuFjfMGsQ.roa
Signing time: Mon 10 Mar 2025 21:07:19 +0000
ROA not before: Mon 10 Mar 2025 21:07:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214623
IP address blocks: 185.222.106.0/24 maxlen: 24
199.244.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:81:e2:32:6e:ef:8d:07:36:34:f2:53:66:37:f4:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090e592a2e0d427a09aa2de1b9baf08ccd14f0a0
Validity
Not Before: Mar 10 21:07:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a7e570fd747c677fba06aa7226ee1637cc1ac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:be:ea:01:fd:8e:93:55:c4:1c:6b:f0:b2:
50:bc:83:4c:6a:88:ec:a9:59:ab:b9:fe:41:63:7b:
79:41:20:f4:f6:81:b0:61:3d:58:d9:7d:d9:2c:fb:
16:f7:c2:47:16:00:dd:f1:72:ce:d9:b7:f1:77:00:
50:cb:4f:71:f7:8a:60:2d:80:49:8b:eb:39:64:22:
b6:a0:0f:60:36:6c:ea:be:cb:f6:a9:90:80:52:83:
7c:4f:93:1a:29:96:ad:ac:b0:5c:6d:b2:4a:de:f0:
87:bc:92:28:09:c6:9a:03:a5:62:71:73:75:a1:4f:
47:a5:71:fe:d5:c0:d2:46:4f:e3:4d:07:61:12:96:
80:ea:1e:60:5b:19:6b:f8:81:eb:a4:c2:ef:51:a2:
b9:7a:69:d6:95:be:67:ea:82:b7:6b:83:61:3f:c1:
b0:52:a5:86:ab:f2:e9:2f:ec:e6:46:bf:50:1f:76:
a1:0b:45:88:59:7d:d9:51:a4:2c:d5:6e:58:74:5a:
79:f2:4d:b7:da:b5:4d:d2:f4:04:5a:f7:ee:b0:7f:
74:7c:b5:60:7b:94:2b:d9:9b:44:c7:a7:d2:e8:d3:
12:18:48:b2:83:5e:98:f5:a8:0c:29:69:7d:b0:b3:
c3:1a:e9:31:9f:65:99:0b:79:dc:8e:4f:95:58:4e:
a2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A7:E5:70:FD:74:7C:67:7F:BA:06:AA:72:26:EE:16:37:CC:1A:C4
X509v3 Authority Key Identifier:
keyid:09:0E:59:2A:2E:0D:42:7A:09:AA:2D:E1:B9:BA:F0:8C:CD:14:F0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/hqflcP10fGd_ugaqcibuFjfMGsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/15f690-5add-470d-a286-33bdc73ed0ea/1/CQ5ZKi4NQnoJqi3hubrwjM0U8KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.106.0/24
199.244.103.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d2:ea:87:33:b6:b2:f8:77:4d:f1:3b:ef:d3:42:14:8b:10:
b6:15:e0:4b:36:84:f0:9b:d6:af:85:c5:2e:e0:17:63:19:ca:
fa:55:3d:64:f5:dc:bb:80:e4:80:8a:56:0b:87:3c:60:74:d9:
ea:9f:e2:d9:b7:e3:22:62:2a:b5:84:7f:a5:6e:be:7e:20:98:
9b:a2:40:bc:b2:b0:ac:65:db:b8:46:7a:60:eb:ba:a3:79:ca:
c4:14:93:10:3c:c9:df:af:0d:9c:22:93:f0:c4:71:54:49:c9:
ff:59:d8:ca:25:e6:7b:32:c0:21:1b:b3:28:a1:21:22:2b:eb:
36:37:24:43:33:2a:61:4c:36:36:ed:3a:46:48:f8:97:60:f5:
39:b9:b1:22:30:51:a3:51:7e:58:50:37:72:40:66:2a:9a:28:
1c:c9:21:ff:2c:51:3c:ba:75:7e:60:f2:66:de:46:31:44:0b:
9c:6c:22:ae:45:37:94:6e:8c:d2:ce:db:28:25:a4:3d:8e:f8:
1b:57:d3:f3:e6:73:10:d9:2c:29:76:a4:42:47:d8:78:e0:cc:
3d:83:e1:76:e5:62:28:b0:7b:1e:d2:70:99:6d:01:b7:b1:a5:
6a:c4:d9:3d:fd:35:87:f4:05:16:97:ad:a4:4b:fb:78:be:04:
6c:0b:c1:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWB4jJu740HNjTyU2Y39D59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGU1OTJhMmUwZDQyN2EwOWFhMmRlMWI5YmFmMDhjY2Qx
NGYwYTAwHhcNMjUwMzEwMjEwNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE3ZTU3MGZkNzQ3YzY3N2ZiYTA2YWE3MjI2ZWUxNjM3Y2MxYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTi+6gH9jpNVxBxr8LJQvINMaojs
qVmruf5BY3t5QSD09oGwYT1Y2X3ZLPsW98JHFgDd8XLO2bfxdwBQy09x94pgLYBJ
i+s5ZCK2oA9gNmzqvsv2qZCAUoN8T5MaKZatrLBcbbJK3vCHvJIoCcaaA6VicXN1
oU9HpXH+1cDSRk/jTQdhEpaA6h5gWxlr+IHrpMLvUaK5emnWlb5n6oK3a4NhP8Gw
UqWGq/LpL+zmRr9QH3ahC0WIWX3ZUaQs1W5YdFp58k232rVN0vQEWvfusH90fLVg
e5Qr2ZtEx6fS6NMSGEiyg16Y9agMKWl9sLPDGukxn2WZC3ncjk+VWE6i7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIan5XD9dHxnf7oGqnIm7hY3zBrEMB8GA1UdIwQY
MBaAFAkOWSouDUJ6Caot4bm68IzNFPCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYt
MzNiZGM3M2VkMGVhLzEvaHFmbGNQMTBmR2RfdWdhcWNpYnVGamZNR3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xNWY2OTAtNWFkZC00NzBkLWEyODYtMzNiZGM3M2VkMGVh
LzEvQ1E1WktpNE5Rbm9KcWkzaHVicndqTTBVOEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud5qAwQA
x/RnMA0GCSqGSIb3DQEBCwUAA4IBAQBT0uqHM7ay+HdN8Tvv00IUixC2FeBLNoTw
m9avhcUu4BdjGcr6VT1k9dy7gOSAilYLhzxgdNnqn+LZt+MiYiq1hH+lbr5+IJib
okC8srCsZdu4Rnpg67qjecrEFJMQPMnfrw2cIpPwxHFUScn/WdjKJeZ7MsAhG7Mo
oSEiK+s2NyRDMyphTDY27TpGSPiXYPU5ubEiMFGjUX5YUDdyQGYqmigcySH/LFE8
unV+YPJm3kYxRAucbCKuRTeUbozSztsoJaQ9jvgbV9Pz5nMQ2SwpdqRCR9h44Mw9
g+F25WIosHse0nCZbQG3saVqxNk9/TWH9AUWl62kS/t4vgRsC8ER
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:42 2025 by rpki-client