Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/rHF1daiHavMGYa0v18HeRyOPIy4.roa
File: rHF1daiHavMGYa0v18HeRyOPIy4.roa (raw, json)
Hash identifier: 2UkzQwhMHZ2kO8ZqSfqH6Gvo+L0wbAUFPUcHU8Sig88=
Subject key identifier: AC:71:75:75:A8:87:6A:F3:06:61:AD:2F:D7:C1:DE:47:23:8F:23:2E
Certificate issuer: /CN=965c5ab9c091ab3c4505068a92ffcb019849aa78
Certificate serial: 01941F8C39C060B6FC7D1F91AEA90D602D60
Authority key identifier: 96:5C:5A:B9:C0:91:AB:3C:45:05:06:8A:92:FF:CB:01:98:49:AA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llxaucCRqzxFBQaKkv_LAZhJqng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/rHF1daiHavMGYa0v18HeRyOPIy4.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206920
IP address blocks: 82.134.128.0/18 maxlen: 18
94.126.0.0/21 maxlen: 24
145.255.56.0/21 maxlen: 24
185.56.100.0/22 maxlen: 24
2a03:fb80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/llxaucCRqzxFBQaKkv_LAZhJqng.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/llxaucCRqzxFBQaKkv_LAZhJqng.mft
rsync://rpki.ripe.net/repository/DEFAULT/llxaucCRqzxFBQaKkv_LAZhJqng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:39:c0:60:b6:fc:7d:1f:91:ae:a9:0d:60:2d:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965c5ab9c091ab3c4505068a92ffcb019849aa78
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac717575a8876af30661ad2fd7c1de47238f232e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d4:38:a4:7b:4a:86:f0:35:82:a3:15:77:01:
ad:8a:c6:5a:86:fd:e6:ba:74:57:fb:24:e5:0a:d3:
e3:55:d9:21:a1:da:bd:bc:c9:65:88:b8:54:6c:3a:
5f:10:9a:c8:17:8c:31:07:05:08:d6:04:a9:58:cf:
11:03:76:48:52:6a:a0:8f:7d:df:00:a6:0b:36:2a:
0f:d8:42:5c:b4:a1:bd:df:92:ae:cd:02:22:8d:6b:
f7:c9:ad:a2:77:19:2b:a8:80:21:55:05:b5:f7:56:
17:58:59:97:d6:7c:6c:a7:63:6c:12:ee:72:76:44:
cc:77:03:fb:c0:4d:20:68:89:d4:40:e5:5a:e0:c3:
3d:5b:6e:1c:8e:1b:a4:c5:29:7c:b9:da:a7:d9:22:
48:ca:c0:e8:29:79:73:4f:3e:14:8d:ab:1f:3f:12:
56:cb:01:c7:2e:e9:82:1c:41:64:8b:66:5f:20:d0:
fa:9d:5d:ac:66:90:ea:8c:e6:70:a9:2f:2f:aa:f0:
21:55:4f:73:80:2f:c9:b6:e2:0a:3a:74:55:82:27:
ef:9d:ac:bf:ae:3d:05:f9:18:e7:a8:44:7b:7d:27:
21:57:74:37:5e:f9:15:b0:cf:5f:64:57:ab:66:58:
66:f2:57:f1:6c:03:44:39:19:82:7a:25:3a:bd:7a:
d4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:71:75:75:A8:87:6A:F3:06:61:AD:2F:D7:C1:DE:47:23:8F:23:2E
X509v3 Authority Key Identifier:
keyid:96:5C:5A:B9:C0:91:AB:3C:45:05:06:8A:92:FF:CB:01:98:49:AA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llxaucCRqzxFBQaKkv_LAZhJqng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/rHF1daiHavMGYa0v18HeRyOPIy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c26261-e8ef-4fb7-8722-0ab475f9a9a3/1/llxaucCRqzxFBQaKkv_LAZhJqng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.134.128.0/18
94.126.0.0/21
145.255.56.0/21
185.56.100.0/22
IPv6:
2a03:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
3e:dd:22:76:13:e2:d3:10:a9:5b:ae:76:b0:63:83:88:22:bc:
9b:74:89:71:29:29:41:04:9c:97:b8:0d:11:f8:e7:4b:1c:91:
82:14:24:e4:b7:cb:7a:bd:ad:60:bb:ab:63:7a:9f:2b:c8:58:
53:48:ee:4c:36:fa:e5:70:9d:77:87:18:ab:d4:ba:15:7d:e8:
a9:93:ec:b2:ce:ff:d6:20:01:18:4b:40:36:f5:df:d2:da:2b:
bb:5a:2d:39:d4:58:8f:c2:8f:71:80:e2:8e:18:aa:d8:87:e8:
de:06:a2:fe:16:1c:4e:4a:16:5f:c0:4a:07:f7:85:09:75:87:
54:8e:0d:c6:14:06:0d:28:87:29:eb:81:85:be:59:a4:5d:0d:
ab:82:82:a0:6a:38:40:45:66:19:dd:d2:e6:78:07:44:a6:da:
56:6e:c8:60:6d:ff:cf:59:c4:a7:93:9e:26:09:23:b5:15:4d:
e3:11:b5:08:21:6f:8a:07:66:ce:3d:29:3b:3b:3d:78:36:78:
ad:1b:59:23:4b:21:64:3c:1f:44:07:ec:8c:cb:80:ba:d2:d0:
d7:07:e1:35:fb:07:e2:63:94:23:c9:68:0d:7d:61:e5:48:bd:
86:8c:ff:25:41:06:88:da:34:92:a1:de:bd:3c:78:46:6b:99:
06:5d:d5:cf
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjDnAYLb8fR+RrqkNYC1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NWM1YWI5YzA5MWFiM2M0NTA1MDY4YTkyZmZjYjAxOTg0
OWFhNzgwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzcxNzU3NWE4ODc2YWYzMDY2MWFkMmZkN2MxZGU0NzIzOGYyMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNQ4pHtKhvA1gqMVdwGtisZahv3m
unRX+yTlCtPjVdkhodq9vMlliLhUbDpfEJrIF4wxBwUI1gSpWM8RA3ZIUmqgj33f
AKYLNioP2EJctKG935KuzQIijWv3ya2idxkrqIAhVQW191YXWFmX1nxsp2NsEu5y
dkTMdwP7wE0gaInUQOVa4MM9W24cjhukxSl8udqn2SJIysDoKXlzTz4UjasfPxJW
ywHHLumCHEFki2ZfIND6nV2sZpDqjOZwqS8vqvAhVU9zgC/JtuIKOnRVgifvnay/
rj0F+RjnqER7fSchV3Q3XvkVsM9fZFerZlhm8lfxbANEORmCeiU6vXrUvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKxxdXWoh2rzBmGtL9fB3kcjjyMuMB8GA1UdIwQY
MBaAFJZcWrnAkas8RQUGipL/ywGYSap4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGx4YXVjQ1JxenhGQlFhS2t2X0xBWmhKcW5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMjYyNjEtZThlZi00ZmI3LTg3MjIt
MGFiNDc1ZjlhOWEzLzEvckhGMWRhaUhhdk1HWWEwdjE4SGVSeU9QSXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMjYyNjEtZThlZi00ZmI3LTg3MjItMGFiNDc1ZjlhOWEz
LzEvbGx4YXVjQ1JxenhGQlFhS2t2X0xBWmhKcW5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUoaAAwQD
Xn4AAwQDkf84AwQCuThkMA0EAgACMAcDBQAqA/uAMA0GCSqGSIb3DQEBCwUAA4IB
AQA+3SJ2E+LTEKlbrnawY4OIIrybdIlxKSlBBJyXuA0R+OdLHJGCFCTkt8t6va1g
u6tjep8ryFhTSO5MNvrlcJ13hxir1LoVfeipk+yyzv/WIAEYS0A29d/S2iu7Wi05
1FiPwo9xgOKOGKrYh+jeBqL+FhxOShZfwEoH94UJdYdUjg3GFAYNKIcp64GFvlmk
XQ2rgoKgajhARWYZ3dLmeAdEptpWbshgbf/PWcSnk54mCSO1FU3jEbUIIW+KB2bO
PSk7Oz14NnitG1kjSyFkPB9EB+yMy4C60tDXB+E1+wfiY5QjyWgNfWHlSL2GjP8l
QQaI2jSSod69PHhGa5kGXdXP
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:27 2025 by rpki-client