Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/HOd_7gkMD71lgJAYRouYjfdJR2o.roa
File: HOd_7gkMD71lgJAYRouYjfdJR2o.roa (raw, json)
Hash identifier: eoERniyjDubhiHlo0OsKO3zBjLTknWkDJ5g5VLMYEDQ=
Subject key identifier: 1C:E7:7F:EE:09:0C:0F:BD:65:80:90:18:46:8B:98:8D:F7:49:47:6A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01973C204A3EBDBBE147ADCF1E33167EAEFA
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/HOd_7gkMD71lgJAYRouYjfdJR2o.roa
Signing time: Wed 04 Jun 2025 18:07:18 +0000
ROA not before: Wed 04 Jun 2025 18:07:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 66.56.83.0/24 maxlen: 24
124.198.134.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 21:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:20:4a:3e:bd:bb:e1:47:ad:cf:1e:33:16:7e:ae:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 4 18:07:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ce77fee090c0fbd65809018468b988df749476a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bc:00:96:5e:af:5a:56:c5:91:b8:0f:55:90:
73:a9:95:40:86:54:81:25:11:10:f4:4a:0e:13:4f:
f7:66:91:1e:cf:1d:54:9c:9a:58:16:71:57:a0:92:
10:a4:d5:58:1b:bf:98:d6:2e:cc:3d:86:8c:71:bc:
6f:1f:45:f2:0f:0a:b2:39:70:d2:6a:21:00:1e:90:
b5:f8:44:52:0a:3d:03:a6:ee:4d:f1:1c:ab:e1:33:
14:d7:d6:06:df:aa:5b:e1:09:96:6c:86:6b:e5:ad:
16:2f:c2:3e:c9:71:bf:45:54:e4:6f:d2:eb:e0:45:
f4:2f:76:19:d9:46:b5:6c:00:5e:b6:cf:31:d4:e7:
ac:2c:57:b9:01:07:12:12:36:55:1d:98:bf:60:61:
6c:4e:72:26:15:82:3a:7a:51:82:23:e5:b8:77:e2:
a4:6c:0e:a1:6a:05:9f:40:89:e8:d5:90:cb:a6:db:
59:e3:c1:e9:66:6f:86:53:ad:57:a3:3e:ef:2f:96:
2a:5a:eb:1f:e7:93:50:36:47:a1:ce:14:ca:33:91:
4d:a1:16:13:62:72:4b:ce:62:a8:08:82:1b:2e:da:
05:84:77:11:bd:48:52:98:fd:7f:b1:f6:7f:b2:32:
12:ec:80:8e:10:56:35:71:1c:7d:be:c2:2b:69:83:
54:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E7:7F:EE:09:0C:0F:BD:65:80:90:18:46:8B:98:8D:F7:49:47:6A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/HOd_7gkMD71lgJAYRouYjfdJR2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.56.83.0/24
124.198.134.0/24
155.2.193.0/24
155.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
83:64:fb:84:a4:6a:ad:55:97:d7:19:f9:5d:97:7b:a2:96:aa:
8c:0f:d3:2f:55:fd:20:5e:b0:cc:e4:3d:03:f1:22:be:dd:59:
3a:93:5f:94:2c:a6:78:3a:af:cb:e6:9f:18:26:a0:04:ac:da:
eb:80:e5:42:a7:55:a9:48:88:1b:2d:28:db:9b:32:c7:25:b2:
b4:2f:46:63:fc:12:f3:93:b3:57:df:bc:ab:99:3d:cd:95:15:
24:c2:cc:ad:be:90:e2:d6:e6:59:b9:61:6c:f4:c8:1f:fd:c8:
3c:39:ef:e8:bd:bb:0b:e3:ce:bc:9b:cb:22:b7:12:13:dd:61:
32:58:fc:cf:29:c4:60:30:c9:b0:f2:b4:73:10:77:82:e6:7c:
13:a8:b6:f5:93:4e:2a:4d:c1:0d:2f:9e:56:67:13:d7:7b:1f:
86:e1:b6:78:7c:73:79:a9:e0:04:c2:fe:48:cc:0f:ec:0f:0c:
3b:0c:7e:49:db:19:82:10:11:0f:32:63:dc:25:1a:8c:98:fd:
ed:f6:2b:5c:46:03:2e:a7:16:03:5c:84:82:81:6b:5a:0b:1d:
9f:04:b0:cf:58:b3:7a:86:a4:16:a9:23:86:80:15:fd:8d:5f:
a3:24:ea:0a:36:ff:0c:2d:29:c6:34:6c:08:07:4c:b8:1c:7c:
37:d2:c1:5e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc8IEo+vbvhR63PHjMWfq76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA0MTgwNzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2U3N2ZlZTA5MGMwZmJkNjU4MDkwMTg0NjhiOTg4ZGY3NDk0NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrwAll6vWlbFkbgPVZBzqZVAhlSB
JREQ9EoOE0/3ZpEezx1UnJpYFnFXoJIQpNVYG7+Y1i7MPYaMcbxvH0XyDwqyOXDS
aiEAHpC1+ERSCj0Dpu5N8Ryr4TMU19YG36pb4QmWbIZr5a0WL8I+yXG/RVTkb9Lr
4EX0L3YZ2Ua1bABets8x1OesLFe5AQcSEjZVHZi/YGFsTnImFYI6elGCI+W4d+Kk
bA6hagWfQIno1ZDLpttZ48HpZm+GU61Xoz7vL5YqWusf55NQNkehzhTKM5FNoRYT
YnJLzmKoCIIbLtoFhHcRvUhSmP1/sfZ/sjIS7ICOEFY1cRx9vsIraYNU6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBznf+4JDA+9ZYCQGEaLmI33SUdqMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSE9kXzdna01ENzFsZ0pBWVJvdVlqZmRKUjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQjhTAwQA
fMaGAwQAmwLBAwQAmwLcMA0GCSqGSIb3DQEBCwUAA4IBAQCDZPuEpGqtVZfXGfld
l3uilqqMD9MvVf0gXrDM5D0D8SK+3Vk6k1+ULKZ4Oq/L5p8YJqAErNrrgOVCp1Wp
SIgbLSjbmzLHJbK0L0Zj/BLzk7NX37yrmT3NlRUkwsytvpDi1uZZuWFs9Mgf/cg8
Oe/ovbsL4868m8sitxIT3WEyWPzPKcRgMMmw8rRzEHeC5nwTqLb1k04qTcENL55W
ZxPXex+G4bZ4fHN5qeAEwv5IzA/sDww7DH5J2xmCEBEPMmPcJRqMmP3t9itcRgMu
pxYDXISCgWtaCx2fBLDPWLN6hqQWqSOGgBX9jV+jJOoKNv8MLSnGNGwIB0y4HHw3
0sFe
-----END CERTIFICATE-----
Generated at Sat Jun 7 01:53:38 2025 by rpki-client