Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/HqsZJgL9LBUTcewanQzxQHLDph8.roa
File: HqsZJgL9LBUTcewanQzxQHLDph8.roa (raw, json)
Hash identifier: UQ79eEyJ8LyCIFyjDtOvtd/bCzwLuuC1qKDG3mAmlzU=
Subject key identifier: 1E:AB:19:26:02:FD:2C:15:13:71:EC:1A:9D:0C:F1:40:72:C3:A6:1F
Certificate issuer: /CN=30e6a5c3136bd2fdd36c84a0cc725bf7cb0feab5
Certificate serial: 019423D77A3041E0CF390811F62FC1C8DD7F
Authority key identifier: 30:E6:A5:C3:13:6B:D2:FD:D3:6C:84:A0:CC:72:5B:F7:CB:0F:EA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MOalwxNr0v3TbISgzHJb98sP6rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/HqsZJgL9LBUTcewanQzxQHLDph8.roa
Signing time: Wed 01 Jan 2025 21:48:31 +0000
ROA not before: Wed 01 Jan 2025 21:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211625
IP address blocks: 185.75.4.0/22 maxlen: 22
185.235.9.0/24 maxlen: 24
2a10:b7c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/MOalwxNr0v3TbISgzHJb98sP6rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/MOalwxNr0v3TbISgzHJb98sP6rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/MOalwxNr0v3TbISgzHJb98sP6rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:7a:30:41:e0:cf:39:08:11:f6:2f:c1:c8:dd:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30e6a5c3136bd2fdd36c84a0cc725bf7cb0feab5
Validity
Not Before: Jan 1 21:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1eab192602fd2c151371ec1a9d0cf14072c3a61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b7:b7:d6:b1:8f:30:5a:c0:85:0e:16:73:cb:
50:e8:c3:92:8a:70:d7:46:83:48:62:24:fb:af:ac:
77:3f:ad:49:b5:40:0b:5e:df:6f:77:d6:0d:45:bd:
52:e1:ad:30:b6:f6:c6:39:9f:f1:f1:f0:f8:05:f6:
bf:a0:79:3d:84:68:29:5a:3a:94:cc:6d:13:2c:3b:
72:70:15:60:f1:5b:b3:5c:13:19:68:a4:f7:02:04:
cd:5f:49:67:bc:42:8b:3c:2f:67:2c:0e:41:a9:62:
7c:59:cf:4e:ac:7e:ff:bf:cd:c4:91:98:1d:54:c0:
2a:0d:f9:89:71:b4:cf:7d:aa:b7:07:9e:cd:91:61:
6d:75:b8:64:9c:32:fd:e3:37:45:60:58:af:01:76:
f4:5e:97:5f:72:1b:fb:b0:5a:b4:cf:8b:f1:02:64:
8b:a1:c8:b7:6a:c7:9d:bb:ea:65:88:1a:ea:4c:0f:
11:ff:97:4c:28:d1:a8:16:c3:94:24:4e:7d:e0:4a:
3d:35:1f:aa:e9:75:57:e0:b5:c3:0e:6e:04:54:45:
7f:71:7a:c9:9f:c3:61:2f:5a:28:e9:85:b3:8e:00:
7c:6f:aa:1b:1a:1b:81:d5:93:2b:d3:35:62:90:57:
a7:98:3d:54:a7:e6:91:67:65:61:92:bb:10:7d:c5:
4d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AB:19:26:02:FD:2C:15:13:71:EC:1A:9D:0C:F1:40:72:C3:A6:1F
X509v3 Authority Key Identifier:
keyid:30:E6:A5:C3:13:6B:D2:FD:D3:6C:84:A0:CC:72:5B:F7:CB:0F:EA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MOalwxNr0v3TbISgzHJb98sP6rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/HqsZJgL9LBUTcewanQzxQHLDph8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/febeb6-79e6-4d97-9c92-b79968e0e174/1/MOalwxNr0v3TbISgzHJb98sP6rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.4.0/22
185.235.9.0/24
IPv6:
2a10:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
54:77:e4:eb:8c:2a:98:b1:a2:41:7a:4c:85:a6:ed:cb:14:a6:
4c:02:c1:88:b5:d1:d7:4c:64:43:b2:24:c3:c7:31:4d:54:37:
c3:09:7f:72:49:41:a0:29:20:b5:57:40:5e:b6:7c:6b:ec:12:
8d:1d:c6:31:26:88:d7:d7:ba:7e:ce:9c:61:87:e0:6f:08:12:
ae:5f:65:62:6b:ca:af:80:5b:63:7e:87:80:c3:0a:73:81:5a:
cc:33:c1:eb:85:2c:06:22:43:0a:87:3c:6d:00:01:50:c2:6c:
af:7e:f5:5e:d0:7d:08:3d:2c:57:8b:90:96:c8:30:ad:d1:f4:
6a:f0:3a:7b:da:72:97:45:f6:01:02:e5:9f:5e:ae:29:fd:6e:
de:78:04:28:40:2d:02:a4:40:5f:2e:38:e2:98:24:ff:ed:23:
25:ca:80:8f:53:08:90:76:37:b7:03:09:d6:93:2e:e5:47:47:
25:7b:47:3b:7d:ea:1f:d0:df:de:dd:79:38:53:9b:00:1c:0d:
17:89:f4:eb:e8:00:83:65:0b:e1:6c:71:6a:e2:b9:9b:dc:1b:
00:7f:d6:51:a5:8d:7a:3c:36:b4:34:15:15:8e:3d:ab:d4:39:
c0:8d:de:83:a4:26:de:c0:44:59:1d:53:e2:19:e2:d0:d6:e1:
34:24:4b:5d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj13owQeDPOQgR9i/ByN1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZTZhNWMzMTM2YmQyZmRkMzZjODRhMGNjNzI1YmY3Y2Iw
ZmVhYjUwHhcNMjUwMTAxMjE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFiMTkyNjAyZmQyYzE1MTM3MWVjMWE5ZDBjZjE0MDcyYzNhNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbe31rGPMFrAhQ4Wc8tQ6MOSinDX
RoNIYiT7r6x3P61JtUALXt9vd9YNRb1S4a0wtvbGOZ/x8fD4Bfa/oHk9hGgpWjqU
zG0TLDtycBVg8VuzXBMZaKT3AgTNX0lnvEKLPC9nLA5BqWJ8Wc9OrH7/v83EkZgd
VMAqDfmJcbTPfaq3B57NkWFtdbhknDL94zdFYFivAXb0Xpdfchv7sFq0z4vxAmSL
oci3asedu+pliBrqTA8R/5dMKNGoFsOUJE594Eo9NR+q6XVX4LXDDm4EVEV/cXrJ
n8NhL1oo6YWzjgB8b6obGhuB1ZMr0zVikFenmD1Up+aRZ2VhkrsQfcVNcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB6rGSYC/SwVE3HsGp0M8UByw6YfMB8GA1UdIwQY
MBaAFDDmpcMTa9L902yEoMxyW/fLD+q1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU9hbHd4TnIwdjNUYklTZ3pISmI5OHNQNnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mZWJlYjYtNzllNi00ZDk3LTljOTIt
Yjc5OTY4ZTBlMTc0LzEvSHFzWkpnTDlMQlVUY2V3YW5RenhRSExEcGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mZWJlYjYtNzllNi00ZDk3LTljOTItYjc5OTY4ZTBlMTc0
LzEvTU9hbHd4TnIwdjNUYklTZ3pISmI5OHNQNnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUsEAwQA
uesJMA0EAgACMAcDBQMqELfAMA0GCSqGSIb3DQEBCwUAA4IBAQBUd+TrjCqYsaJB
ekyFpu3LFKZMAsGItdHXTGRDsiTDxzFNVDfDCX9ySUGgKSC1V0Betnxr7BKNHcYx
JojX17p+zpxhh+BvCBKuX2Via8qvgFtjfoeAwwpzgVrMM8HrhSwGIkMKhzxtAAFQ
wmyvfvVe0H0IPSxXi5CWyDCt0fRq8Dp72nKXRfYBAuWfXq4p/W7eeAQoQC0CpEBf
LjjimCT/7SMlyoCPUwiQdje3AwnWky7lR0cle0c7feof0N/e3Xk4U5sAHA0XifTr
6ACDZQvhbHFq4rmb3BsAf9ZRpY16PDa0NBUVjj2r1DnAjd6DpCbewERZHVPiGeLQ
1uE0JEtd
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:55:03 2025 by rpki-client