Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HSzkQ7ik9Ckw8xiEypOkoAb8c_g.roa
File: HSzkQ7ik9Ckw8xiEypOkoAb8c_g.roa (raw, json)
Hash identifier: qEhHCFMWnqIv1173G2J37RSgbkrRoCM5TX64TB7XNNw=
Subject key identifier: 1D:2C:E4:43:B8:A4:F4:29:30:F3:18:84:CA:93:A4:A0:06:FC:73:F8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FBDA84CA651DD0907793265B524B9
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HSzkQ7ik9Ckw8xiEypOkoAb8c_g.roa
Signing time: Thu 02 Jan 2025 05:49:24 +0000
ROA not before: Thu 02 Jan 2025 05:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51812
IP address blocks: 92.38.20.0/23 maxlen: 24
92.38.88.0/23 maxlen: 24
92.38.90.0/23 maxlen: 24
92.253.216.0/23 maxlen: 24
93.170.32.0/23 maxlen: 24
93.170.50.0/23 maxlen: 24
93.170.104.0/23 maxlen: 24
93.170.120.0/23 maxlen: 24
93.170.138.0/23 maxlen: 24
93.170.172.0/23 maxlen: 24
93.171.14.0/23 maxlen: 24
93.171.98.0/23 maxlen: 24
93.171.216.0/23 maxlen: 24
95.46.12.0/23 maxlen: 24
95.46.14.0/23 maxlen: 24
95.46.38.0/23 maxlen: 24
95.46.98.0/23 maxlen: 24
95.46.152.0/23 maxlen: 24
95.47.184.0/23 maxlen: 24
95.47.198.0/23 maxlen: 24
95.47.202.0/23 maxlen: 24
146.120.98.0/23 maxlen: 24
146.120.114.0/23 maxlen: 24
146.120.156.0/23 maxlen: 24
146.120.186.0/23 maxlen: 24
146.158.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:bd:a8:4c:a6:51:dd:09:07:79:32:65:b5:24:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d2ce443b8a4f42930f31884ca93a4a006fc73f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:3c:bd:44:16:10:d3:f7:05:52:fa:bb:95:
47:93:b5:cf:54:44:8b:2f:f5:7f:40:56:f1:b7:c6:
db:2e:c6:d8:5e:d5:81:be:c9:e4:d8:ee:73:17:0c:
ae:51:97:6a:14:f0:ae:ec:12:d8:fa:93:1b:77:d3:
b9:48:b8:9d:e5:d8:6f:1a:30:ef:cc:9b:6f:f7:42:
01:3b:d7:ad:9b:d1:78:b9:e8:fc:e1:31:67:63:04:
8f:3d:6c:5d:72:be:3b:35:25:bc:9e:5d:43:8b:f0:
d3:31:b1:37:1c:00:91:aa:88:b2:95:d1:ce:a5:fd:
40:5c:d0:71:01:fc:61:d6:01:e1:36:ce:fb:a4:d8:
03:21:05:0a:a1:2c:a1:00:7c:ae:f3:36:d9:73:76:
08:95:e5:16:54:97:c4:f8:e0:d1:4f:76:a0:78:78:
65:f9:10:a9:24:77:4a:23:1a:0d:1a:f2:9c:dc:27:
6b:3e:f0:0a:47:3f:fd:dd:ec:e1:ee:da:cd:c1:99:
da:6f:ac:a7:eb:ef:59:9b:0f:6c:97:bf:4e:1f:e7:
cc:7d:59:80:bf:56:26:40:9b:51:4b:68:15:af:a4:
f5:1a:c4:e5:8c:dd:e1:bc:e7:2b:7b:aa:ca:40:89:
7b:07:65:4b:ca:47:99:ae:fd:e7:88:f1:b2:50:ed:
aa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:E4:43:B8:A4:F4:29:30:F3:18:84:CA:93:A4:A0:06:FC:73:F8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HSzkQ7ik9Ckw8xiEypOkoAb8c_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.20.0/23
92.38.88.0/22
92.253.216.0/23
93.170.32.0/23
93.170.50.0/23
93.170.104.0/23
93.170.120.0/23
93.170.138.0/23
93.170.172.0/23
93.171.14.0/23
93.171.98.0/23
93.171.216.0/23
95.46.12.0/22
95.46.38.0/23
95.46.98.0/23
95.46.152.0/23
95.47.184.0/23
95.47.198.0/23
95.47.202.0/23
146.120.98.0/23
146.120.114.0/23
146.120.156.0/23
146.120.186.0/23
146.158.10.0/23
Signature Algorithm: sha256WithRSAEncryption
79:04:dc:43:b8:74:57:9a:75:e1:f7:9f:e6:11:da:a5:15:a2:
29:f3:cd:1d:24:96:53:04:1e:b9:02:b3:8f:73:df:2b:07:3c:
2f:12:29:91:43:39:2f:a0:ca:84:a5:0f:55:40:4e:26:7f:3a:
f4:fe:36:20:48:f1:75:a0:e7:71:86:b2:29:fe:0f:9b:f7:4f:
01:f1:81:7b:35:6d:6c:6f:79:64:28:e4:d9:61:9f:a8:42:88:
84:56:8c:7f:3e:f8:d6:e4:78:64:fc:82:53:ba:bf:b6:19:2d:
01:6c:f7:87:11:3c:f6:9d:65:3f:1e:11:44:ae:12:5b:e9:16:
58:3f:f0:06:3b:34:d7:48:3c:71:27:35:f8:ad:64:80:2e:49:
15:db:e8:0f:2a:e3:14:d1:50:20:c3:bf:f7:3c:76:5a:40:da:
96:4d:3d:fd:1a:37:ae:2d:19:ff:7b:79:6a:81:30:57:ec:8a:
3c:0d:d1:e3:5d:eb:74:ef:e1:ce:58:25:cb:63:81:fb:34:4f:
00:9d:e4:f2:ae:88:c7:9e:26:0d:38:56:36:2f:60:c5:00:69:
9b:4d:f2:e9:c1:e4:6f:8b:70:59:53:4a:33:e0:41:d2:9f:16:
a7:2f:39:66:70:25:2d:82:ef:8d:63:58:83:c8:4c:b9:79:76:
88:e0:ad:01
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZQlj72oTKZR3QkHeTJltSS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjZTQ0M2I4YTRmNDI5MzBmMzE4ODRjYTkzYTRhMDA2ZmM3M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp48vUQWENP3BVL6u5VHk7XPVESL
L/V/QFbxt8bbLsbYXtWBvsnk2O5zFwyuUZdqFPCu7BLY+pMbd9O5SLid5dhvGjDv
zJtv90IBO9etm9F4uej84TFnYwSPPWxdcr47NSW8nl1Di/DTMbE3HACRqoiyldHO
pf1AXNBxAfxh1gHhNs77pNgDIQUKoSyhAHyu8zbZc3YIleUWVJfE+ODRT3ageHhl
+RCpJHdKIxoNGvKc3CdrPvAKRz/93ezh7trNwZnab6yn6+9Zmw9sl79OH+fMfVmA
v1YmQJtRS2gVr6T1GsTljN3hvOcre6rKQIl7B2VLykeZrv3niPGyUO2qoQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFB0s5EO4pPQpMPMYhMqTpKAG/HP4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSFN6a1E3aWs5Q2t3OHhpRXlwT2tvQWI4Y19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAFc
JhQDBAJcJlgDBAFc/dgDBAFdqiADBAFdqjIDBAFdqmgDBAFdqngDBAFdqooDBAFd
qqwDBAFdqw4DBAFdq2IDBAFdq9gDBAJfLgwDBAFfLiYDBAFfLmIDBAFfLpgDBAFf
L7gDBAFfL8YDBAFfL8oDBAGSeGIDBAGSeHIDBAGSeJwDBAGSeLoDBAGSngowDQYJ
KoZIhvcNAQELBQADggEBAHkE3EO4dFeadeH3n+YR2qUVoinzzR0kllMEHrkCs49z
3ysHPC8SKZFDOS+gyoSlD1VATiZ/OvT+NiBI8XWg53GGsin+D5v3TwHxgXs1bWxv
eWQo5Nlhn6hCiIRWjH8++NbkeGT8glO6v7YZLQFs94cRPPadZT8eEUSuElvpFlg/
8AY7NNdIPHEnNfitZIAuSRXb6A8q4xTRUCDDv/c8dlpA2pZNPf0aN64tGf97eWqB
MFfsijwN0eNd63Tv4c5YJctjgfs0TwCd5PKuiMeeJg04VjYvYMUAaZtN8unB5G+L
cFlTSjPgQdKfFqcvOWZwJS2C741jWIPITLl5dojgrQE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:26 2025 by rpki-client