Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/hKQ8LLa9--B-K86xayaw0kpiYWg.roa
File: hKQ8LLa9--B-K86xayaw0kpiYWg.roa (raw, json)
Hash identifier: d0JIaOsBs7E/BdBAQ915qmU5N9B7n1lC3k/0IYxFCFU=
Subject key identifier: 84:A4:3C:2C:B6:BD:FB:E0:7E:2B:CE:B1:6B:26:B0:D2:4A:62:61:68
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 01942522056DEC91CA0E708579AA52CBD7E7
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/hKQ8LLa9--B-K86xayaw0kpiYWg.roa
Signing time: Thu 02 Jan 2025 03:49:34 +0000
ROA not before: Thu 02 Jan 2025 03:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34403
IP address blocks: 85.158.96.0/21 maxlen: 21
85.158.96.0/22 maxlen: 22
85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:05:6d:ec:91:ca:0e:70:85:79:aa:52:cb:d7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 2 03:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84a43c2cb6bdfbe07e2bceb16b26b0d24a626168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:38:ad:a5:57:5b:50:a2:66:78:8e:f4:3c:14:
f1:15:20:d5:34:9e:88:bd:b8:e1:fe:20:67:fd:a3:
66:54:62:de:8c:d6:bb:90:64:e0:c4:82:a7:97:73:
4c:78:38:66:1b:24:42:94:36:44:3f:82:03:b2:77:
7f:f2:22:fd:1f:e9:48:c0:25:d2:86:c4:9b:49:87:
60:b3:bd:fd:e6:8a:18:97:c8:3f:10:dd:29:ef:4d:
e4:f5:c6:de:c5:66:c2:d1:90:aa:e4:a3:22:8a:5a:
37:0a:c2:c1:73:48:6d:8f:b0:ef:d7:ae:8c:bb:4f:
71:b1:ad:31:9f:0d:d3:98:8e:ec:0c:4f:8b:1a:99:
70:c6:62:85:04:e1:a1:e0:28:bd:1b:6f:a0:3d:76:
bc:44:ef:9f:77:4b:9a:fe:38:75:90:e5:ba:74:4f:
db:9d:ce:64:56:55:62:85:68:5d:dc:15:a3:74:6e:
e3:d6:ea:a7:17:33:ce:cc:29:a0:c8:a8:80:99:d4:
cd:84:2e:1d:2c:2b:96:21:8f:ec:59:c5:ca:57:86:
3c:22:20:c6:28:33:be:a1:7b:c3:bb:85:11:cb:27:
d2:1b:f6:90:66:3c:47:74:56:5a:04:08:d9:e1:fe:
66:74:87:30:2c:8f:8b:6f:a7:f1:ed:b9:96:67:6b:
ff:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A4:3C:2C:B6:BD:FB:E0:7E:2B:CE:B1:6B:26:B0:D2:4A:62:61:68
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/hKQ8LLa9--B-K86xayaw0kpiYWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
09:63:fc:05:ae:8c:e4:ec:72:14:b8:c2:8d:22:4c:fc:c3:4a:
92:e3:86:1b:72:87:fc:b1:54:1d:c1:60:ff:ad:fb:e0:1b:d6:
e7:97:a1:ec:5b:2c:2e:5e:36:27:80:26:c4:6e:e2:84:28:da:
df:b5:b5:26:67:d4:2b:7f:f0:27:39:4a:e2:21:ca:b1:a0:58:
9f:70:7c:3c:50:34:3c:a7:75:cd:bc:1f:1b:95:86:46:41:67:
2d:dd:89:d5:5d:99:e1:33:91:60:0f:28:6e:50:22:f2:0a:c9:
00:b6:68:8b:f0:a1:53:89:00:d5:38:58:e6:64:ec:9e:bd:ed:
94:17:5e:37:42:f4:06:eb:58:31:04:cf:d8:12:65:93:d4:2a:
1e:f7:3f:88:ac:a6:05:65:82:0b:af:44:71:27:e0:6b:1d:47:
14:40:a3:26:69:99:65:15:96:d4:30:97:61:7a:3d:97:c8:c4:
4d:c2:0c:48:8e:61:a0:25:d9:55:ca:5b:f0:f1:98:b5:38:de:
8b:27:63:2e:ff:1b:7a:c8:92:83:54:16:6a:ae:13:c6:33:ab:
8e:e1:fc:97:c7:30:33:78:f8:80:31:c6:62:25:7f:f6:89:51:
98:78:77:bd:a8:a9:a9:3f:a3:6d:ba:05:e6:f4:e0:29:42:c2:
2a:45:c4:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgVt7JHKDnCFeapSy9fnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjUwMTAyMDM0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGE0M2MyY2I2YmRmYmUwN2UyYmNlYjE2YjI2YjBkMjRhNjI2MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTitpVdbUKJmeI70PBTxFSDVNJ6I
vbjh/iBn/aNmVGLejNa7kGTgxIKnl3NMeDhmGyRClDZEP4IDsnd/8iL9H+lIwCXS
hsSbSYdgs7395ooYl8g/EN0p703k9cbexWbC0ZCq5KMiilo3CsLBc0htj7Dv166M
u09xsa0xnw3TmI7sDE+LGplwxmKFBOGh4Ci9G2+gPXa8RO+fd0ua/jh1kOW6dE/b
nc5kVlVihWhd3BWjdG7j1uqnFzPOzCmgyKiAmdTNhC4dLCuWIY/sWcXKV4Y8IiDG
KDO+oXvDu4URyyfSG/aQZjxHdFZaBAjZ4f5mdIcwLI+Lb6fx7bmWZ2v/MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISkPCy2vfvgfivOsWsmsNJKYmFoMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvaEtROExMYTktLUItSzg2eGF5YXcwa3BpWVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQAJY/wFrozk7HIUuMKNIkz8w0qS44Ybcof8sVQdwWD/
rfvgG9bnl6HsWywuXjYngCbEbuKEKNrftbUmZ9Qrf/AnOUriIcqxoFifcHw8UDQ8
p3XNvB8blYZGQWct3YnVXZnhM5FgDyhuUCLyCskAtmiL8KFTiQDVOFjmZOyeve2U
F143QvQG61gxBM/YEmWT1Coe9z+IrKYFZYILr0RxJ+BrHUcUQKMmaZllFZbUMJdh
ej2XyMRNwgxIjmGgJdlVylvw8Zi1ON6LJ2Mu/xt6yJKDVBZqrhPGM6uO4fyXxzAz
ePiAMcZiJX/2iVGYeHe9qKmpP6NtugXm9OApQsIqRcSp
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:56:20 2025 by rpki-client