Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/hV1kQUu8Pdq1hwLjpsPqwMqfj_U.roa
File: hV1kQUu8Pdq1hwLjpsPqwMqfj_U.roa (raw, json)
Hash identifier: N1eliwWO7Qtxwve5drBayNA7B9DMRJgSbxRNUu9dsfY=
Subject key identifier: 85:5D:64:41:4B:BC:3D:DA:B5:87:02:E3:A6:C3:EA:C0:CA:9F:8F:F5
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 019422FC425C69766E73DB9C246A24702DCF
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/hV1kQUu8Pdq1hwLjpsPqwMqfj_U.roa
Signing time: Wed 01 Jan 2025 17:49:04 +0000
ROA not before: Wed 01 Jan 2025 17:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211824
IP address blocks: 94.188.217.0/24 maxlen: 24
94.188.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:42:5c:69:76:6e:73:db:9c:24:6a:24:70:2d:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 1 17:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=855d64414bbc3ddab58702e3a6c3eac0ca9f8ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e0:e0:5f:15:56:ba:cc:cc:b9:77:47:cb:75:
2e:03:ff:dc:50:e2:e3:6b:9c:43:66:66:2b:1f:3e:
8e:83:82:c4:6b:51:e2:2e:0c:e2:c0:1a:38:36:d9:
00:5b:ee:88:ad:97:12:06:1c:87:f0:08:96:20:55:
f6:e2:67:9b:c0:b4:f6:ac:97:c0:cd:b1:dd:d5:78:
c5:34:ec:66:da:09:f0:ac:f3:9a:26:c1:67:10:87:
df:57:b5:10:ab:02:af:46:b9:b3:11:f3:93:a7:2f:
39:32:d2:c4:c3:3c:31:59:77:7c:9a:99:6b:24:16:
fa:ee:ca:e3:e5:35:ec:04:c0:3d:7d:6b:38:de:02:
52:aa:ba:65:70:40:b1:e5:34:68:fe:71:79:62:35:
1b:93:25:9a:2d:8b:7e:90:3c:0e:d3:4a:ba:04:56:
ff:5f:cd:dd:6a:3d:16:65:fa:9f:08:c5:eb:8c:b8:
5d:fa:a0:64:79:8e:0f:92:48:27:a8:f2:3f:64:e1:
d0:d1:eb:80:36:46:6a:04:30:6c:44:e7:1b:57:04:
ef:32:ab:b7:18:2e:ca:72:5a:0a:cb:71:b8:44:7b:
0f:ff:15:cc:7d:73:d7:1b:6f:2d:a6:8b:98:6e:7b:
c5:98:a9:5f:58:78:18:00:7b:9c:a3:a5:52:f1:93:
ca:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5D:64:41:4B:BC:3D:DA:B5:87:02:E3:A6:C3:EA:C0:CA:9F:8F:F5
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/hV1kQUu8Pdq1hwLjpsPqwMqfj_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.217.0-94.188.218.255
Signature Algorithm: sha256WithRSAEncryption
5d:03:5d:f0:e8:3a:a1:d2:1a:a9:75:c4:5c:30:e5:1e:2c:f8:
de:d7:46:a2:4a:87:52:ed:08:98:38:c6:91:e8:39:42:e6:83:
b5:1b:ff:44:f7:87:53:6e:06:91:2f:d9:11:d7:61:06:98:63:
36:8a:98:5c:45:f3:c5:8f:48:19:a7:5a:5d:65:d5:ab:70:97:
6f:48:f5:9b:71:ad:be:6b:89:1c:be:3c:fe:2b:6b:ed:92:95:
88:66:44:91:e1:e8:4d:fa:a0:f0:92:4f:92:a7:e6:fc:b0:82:
9d:f7:b0:a2:4b:d7:53:d3:1d:53:6a:45:c2:8c:68:02:e8:f3:
30:8d:c8:2e:c4:c2:c7:48:86:d6:10:53:1d:04:67:bd:93:ce:
ce:32:5d:5b:56:b7:06:82:3b:aa:cf:95:0b:a8:5e:e2:86:2b:
9c:4e:1e:ff:59:ed:34:f1:b5:76:df:ea:db:40:76:49:e1:5e:
ce:3f:37:46:08:85:dd:96:0e:fa:a6:8e:51:e3:83:6a:58:92:
e5:4d:a1:d7:d4:85:50:46:bd:0d:9b:1d:4e:7d:0a:52:9c:8b:
9e:01:89:8e:6a:22:6f:4a:1c:5d:0c:57:aa:64:e8:1a:42:5c:
ce:58:07:0c:de:ef:b1:78:b2:32:a7:84:ac:d9:b8:9a:18:36:
c2:e1:e6:af
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi/EJcaXZuc9ucJGokcC3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjUwMTAxMTc0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTVkNjQ0MTRiYmMzZGRhYjU4NzAyZTNhNmMzZWFjMGNhOWY4ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuDgXxVWuszMuXdHy3UuA//cUOLj
a5xDZmYrHz6Og4LEa1HiLgziwBo4NtkAW+6IrZcSBhyH8AiWIFX24mebwLT2rJfA
zbHd1XjFNOxm2gnwrPOaJsFnEIffV7UQqwKvRrmzEfOTpy85MtLEwzwxWXd8mplr
JBb67srj5TXsBMA9fWs43gJSqrplcECx5TRo/nF5YjUbkyWaLYt+kDwO00q6BFb/
X83daj0WZfqfCMXrjLhd+qBkeY4PkkgnqPI/ZOHQ0euANkZqBDBsROcbVwTvMqu3
GC7KcloKy3G4RHsP/xXMfXPXG28tpouYbnvFmKlfWHgYAHuco6VS8ZPKxwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIVdZEFLvD3atYcC46bD6sDKn4/1MB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvaFYxa1FVdThQZHExaHdManBzUHF3TXFmal9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABevNkD
BABevNowDQYJKoZIhvcNAQELBQADggEBAF0DXfDoOqHSGql1xFww5R4s+N7XRqJK
h1LtCJg4xpHoOULmg7Ub/0T3h1NuBpEv2RHXYQaYYzaKmFxF88WPSBmnWl1l1atw
l29I9Ztxrb5riRy+PP4ra+2SlYhmRJHh6E36oPCST5Kn5vywgp33sKJL11PTHVNq
RcKMaALo8zCNyC7EwsdIhtYQUx0EZ72Tzs4yXVtWtwaCO6rPlQuoXuKGK5xOHv9Z
7TTxtXbf6ttAdknhXs4/N0YIhd2WDvqmjlHjg2pYkuVNodfUhVBGvQ2bHU59ClKc
i54BiY5qIm9KHF0MV6pk6BpCXM5YBwze77F4sjKnhKzZuJoYNsLh5q8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:28 2025 by rpki-client