Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/hWX6adi1DHSjSUNi9HMTwr9YdEw.roa
File: hWX6adi1DHSjSUNi9HMTwr9YdEw.roa (raw, json)
Hash identifier: kJxS0MWK94QBq5QtXuWItPMzDt45pJLFeF1GUOWbjzs=
Subject key identifier: 85:65:FA:69:D8:B5:0C:74:A3:49:43:62:F4:73:13:C2:BF:58:74:4C
Certificate issuer: /CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Certificate serial: 019420D662A739083E72C382CA49C8594F89
Authority key identifier: 13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/hWX6adi1DHSjSUNi9HMTwr9YdEw.roa
Signing time: Wed 01 Jan 2025 07:48:28 +0000
ROA not before: Wed 01 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8678
IP address blocks: 161.9.152.0/21 maxlen: 21
161.9.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:62:a7:39:08:3e:72:c3:82:ca:49:c8:59:4f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13ea78b28f054f72f5226ae3ec454980ed2a10c9
Validity
Not Before: Jan 1 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8565fa69d8b50c74a3494362f47313c2bf58744c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:36:34:ae:7b:4a:79:09:13:f2:9c:f4:11:5e:
99:5c:57:b6:d1:a4:9e:e3:f9:d0:8f:19:b2:9e:d0:
03:8c:12:17:84:cb:54:91:c6:d1:4e:ff:5a:1f:3c:
0b:18:f0:e2:8c:5d:42:35:19:30:ad:c6:72:2b:d3:
8d:4c:2e:95:0f:ce:77:49:02:bb:51:3d:ca:e8:1a:
8a:6e:52:66:5a:4f:5d:1f:3c:69:39:99:c5:9c:3e:
b3:57:8b:db:e4:73:cd:64:c7:01:17:af:ae:83:0c:
22:f3:49:4a:de:41:d1:5a:87:65:69:c0:75:34:95:
d9:05:bb:eb:98:e8:19:9f:b2:3b:d8:30:33:99:07:
00:03:87:90:95:ea:6b:d8:69:77:8c:0d:0f:27:f2:
5b:14:e4:3e:b0:f9:cc:d2:c5:72:1c:65:20:ea:7e:
d9:6d:7a:96:bd:50:d2:cc:0a:b1:ad:e8:b9:7f:f7:
79:79:57:f5:23:e6:c0:c9:13:d5:fe:86:19:d7:1f:
03:9b:20:c9:c2:b9:a8:ab:51:f7:d9:d6:80:65:d8:
a5:cb:72:f3:a1:4e:5a:be:25:65:a9:62:7a:47:ea:
cb:c7:00:32:f9:df:16:61:cc:46:af:d4:69:fa:dd:
4a:44:58:29:a8:33:d5:5f:b2:fb:1a:04:87:9f:74:
0e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:65:FA:69:D8:B5:0C:74:A3:49:43:62:F4:73:13:C2:BF:58:74:4C
X509v3 Authority Key Identifier:
keyid:13:EA:78:B2:8F:05:4F:72:F5:22:6A:E3:EC:45:49:80:ED:2A:10:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-p4so8FT3L1Imrj7EVJgO0qEMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/hWX6adi1DHSjSUNi9HMTwr9YdEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b97294-2802-4d05-9155-1098d6d88de8/1/E-p4so8FT3L1Imrj7EVJgO0qEMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.9.152.0/21
161.9.180.0/22
Signature Algorithm: sha256WithRSAEncryption
08:bd:03:9d:4e:b4:d3:85:b3:6f:59:fd:4b:d0:be:e3:5d:3f:
6c:b8:4c:52:b2:40:13:a4:44:95:1c:0e:56:fd:4a:a0:d8:ba:
a9:2b:da:36:5a:97:cf:af:16:2d:da:a4:35:b3:44:85:68:99:
dd:6f:e7:4d:7f:a0:03:65:8b:bd:f1:39:42:bd:4c:1b:47:9b:
55:02:ad:fc:d6:e1:ff:19:ed:33:23:aa:1f:2b:54:aa:d3:04:
35:93:ba:5e:68:5a:75:3e:26:27:05:28:70:d3:75:e5:33:58:
89:26:52:e9:c6:a9:ec:08:17:42:03:14:39:ad:22:1e:82:ea:
fa:db:fb:05:d0:ad:fe:da:ed:d6:c8:f9:fc:cd:cb:63:b3:b4:
80:5e:84:4b:f1:d3:86:e2:ea:80:c3:3c:f3:fe:40:51:23:e3:
69:ea:83:d0:27:21:07:a0:ca:11:a5:1d:f2:3f:9b:dd:6e:ac:
b2:16:70:1b:ae:42:dd:19:f8:9b:ae:93:e8:4a:41:4e:2c:0c:
99:a9:7e:df:ff:2a:17:de:a4:49:83:cd:28:32:3c:9f:16:ee:
ab:e4:a4:4a:ef:9d:13:bb:d2:98:56:8e:43:9e:9e:59:60:e7:
ad:b2:ae:ee:38:06:2a:16:9e:4b:fd:9b:55:5b:66:80:bf:b7:
01:32:86:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1mKnOQg+csOCyknIWU+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZWE3OGIyOGYwNTRmNzJmNTIyNmFlM2VjNDU0OTgwZWQy
YTEwYzkwHhcNMjUwMTAxMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTY1ZmE2OWQ4YjUwYzc0YTM0OTQzNjJmNDczMTNjMmJmNTg3NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzY0rntKeQkT8pz0EV6ZXFe20aSe
4/nQjxmyntADjBIXhMtUkcbRTv9aHzwLGPDijF1CNRkwrcZyK9ONTC6VD853SQK7
UT3K6BqKblJmWk9dHzxpOZnFnD6zV4vb5HPNZMcBF6+ugwwi80lK3kHRWodlacB1
NJXZBbvrmOgZn7I72DAzmQcAA4eQlepr2Gl3jA0PJ/JbFOQ+sPnM0sVyHGUg6n7Z
bXqWvVDSzAqxrei5f/d5eVf1I+bAyRPV/oYZ1x8DmyDJwrmoq1H32daAZdily3Lz
oU5aviVlqWJ6R+rLxwAy+d8WYcxGr9Rp+t1KRFgpqDPVX7L7GgSHn3QOXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIVl+mnYtQx0o0lDYvRzE8K/WHRMMB8GA1UdIwQY
MBaAFBPqeLKPBU9y9SJq4+xFSYDtKhDJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS1wNHNvOEZUM0wxSW1yajdFVkpnTzBxRU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iOTcyOTQtMjgwMi00ZDA1LTkxNTUt
MTA5OGQ2ZDg4ZGU4LzEvaFdYNmFkaTFESFNqU1VOaTlITVR3cjlZZEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9iOTcyOTQtMjgwMi00ZDA1LTkxNTUtMTA5OGQ2ZDg4ZGU4
LzEvRS1wNHNvOEZUM0wxSW1yajdFVkpnTzBxRU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDoQmYAwQC
oQm0MA0GCSqGSIb3DQEBCwUAA4IBAQAIvQOdTrTThbNvWf1L0L7jXT9suExSskAT
pESVHA5W/Uqg2LqpK9o2WpfPrxYt2qQ1s0SFaJndb+dNf6ADZYu98TlCvUwbR5tV
Aq381uH/Ge0zI6ofK1Sq0wQ1k7peaFp1PiYnBShw03XlM1iJJlLpxqnsCBdCAxQ5
rSIegur62/sF0K3+2u3WyPn8zctjs7SAXoRL8dOG4uqAwzzz/kBRI+Np6oPQJyEH
oMoRpR3yP5vdbqyyFnAbrkLdGfibrpPoSkFOLAyZqX7f/yoX3qRJg80oMjyfFu6r
5KRK750Tu9KYVo5Dnp5ZYOetsq7uOAYqFp5L/ZtVW2aAv7cBMoZL
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:19:40 2025 by rpki-client