Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h_ISqfLip0HBjZrqefrLbw1u9Qo.roa
File: h_ISqfLip0HBjZrqefrLbw1u9Qo.roa (raw, json)
Hash identifier: C++Jh843tmFk3SPjLWZKi19wFJNEgD8xbR+oyUwhKMk=
Subject key identifier: 87:F2:12:A9:F2:E2:A7:41:C1:8D:9A:EA:79:FA:CB:6F:0D:6E:F5:0A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194221FFF7E19A3F63FAAB561DB00E68CE4
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h_ISqfLip0HBjZrqefrLbw1u9Qo.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 185.71.146.0/24 maxlen: 24
185.71.147.0/24 maxlen: 24
185.73.216.0/24 maxlen: 24
185.73.217.0/24 maxlen: 24
213.170.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ff:7e:19:a3:f6:3f:aa:b5:61:db:00:e6:8c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87f212a9f2e2a741c18d9aea79facb6f0d6ef50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ff:c3:4f:ff:73:60:d2:f5:ef:ce:93:8c:0f:
fe:6b:a4:93:00:a6:bc:fa:b3:dc:55:f0:60:68:7a:
2b:ca:e9:44:4d:50:cc:66:fd:7f:ad:db:f8:b0:12:
b9:61:51:2f:8d:3a:61:2f:2b:ec:d7:62:8a:bd:98:
a2:fc:50:47:61:17:5a:6a:4f:17:4e:80:8b:77:97:
ce:39:74:aa:91:8e:51:3a:8f:14:62:8f:f6:41:ea:
84:f0:61:a7:6a:4e:26:d9:da:10:15:27:db:c3:60:
ce:45:e4:89:83:5f:31:ff:69:76:7e:11:43:3d:8e:
f6:42:2d:77:c5:59:bf:1c:aa:d0:d8:4e:f4:c0:26:
4a:62:21:e9:58:c8:f2:f6:75:43:a9:3b:99:5f:57:
6d:39:4b:2d:40:f9:13:da:57:f8:5d:1a:78:1c:84:
7e:ff:98:1f:92:fa:c9:7a:05:74:0c:2d:56:53:db:
bd:d0:e0:6a:1e:b7:fa:dd:b5:92:bf:26:55:ce:2c:
d5:58:56:08:4a:41:a1:98:a5:f9:08:8a:0f:0a:26:
f9:3b:2a:c5:ae:e3:08:24:00:cc:64:5f:e6:c2:6f:
09:65:ec:a6:ad:9d:be:f1:8a:8b:32:55:8b:f4:39:
e2:de:93:e1:35:6a:4d:5f:53:09:1f:cb:5d:7e:8b:
df:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F2:12:A9:F2:E2:A7:41:C1:8D:9A:EA:79:FA:CB:6F:0D:6E:F5:0A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/h_ISqfLip0HBjZrqefrLbw1u9Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.146.0/23
185.73.216.0/23
213.170.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:85:74:b4:8a:8f:ca:1a:55:6c:00:fe:94:c4:ef:e3:55:05:
de:c9:10:d4:70:67:c5:1c:1c:2f:a8:9c:a6:73:e5:ba:76:90:
72:a6:02:5f:9a:2d:03:ed:d5:56:66:15:15:f1:47:96:6e:1d:
07:c4:52:16:c6:2b:ff:ce:96:bf:7c:22:96:ce:dc:96:2b:5e:
97:04:74:b9:f5:5d:fc:d4:3d:d5:fc:38:35:ad:27:28:f1:8f:
5c:e2:da:38:84:61:3c:a0:db:76:17:0b:8b:53:ab:98:13:ba:
d8:bd:5d:98:02:ba:11:dd:ab:41:2b:7b:d0:05:d1:9d:f4:7d:
6f:c2:b0:01:ca:8a:03:7f:ce:80:a5:c6:7e:b9:6f:14:fc:fb:
81:62:e2:02:d6:a2:11:4e:da:ca:d8:7a:95:b0:b3:13:bf:ab:
4c:5d:0e:17:d0:8e:31:6e:15:36:f5:7a:64:d6:36:cf:71:1e:
49:54:5a:c0:ce:3b:95:17:16:45:d8:a4:7a:a4:c5:06:ec:f5:
0d:81:a5:7a:07:35:aa:42:d6:5a:47:29:bc:a1:49:8b:03:85:
66:35:ce:06:37:17:f4:48:7b:87:30:8d:2b:de:6b:74:a2:0d:
af:a9:fe:b3:86:46:3b:96:16:25:21:5c:eb:48:46:eb:dd:fd:
19:f1:4d:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH/9+GaP2P6q1YdsA5ozkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2YyMTJhOWYyZTJhNzQxYzE4ZDlhZWE3OWZhY2I2ZjBkNmVmNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0f/DT/9zYNL1786TjA/+a6STAKa8
+rPcVfBgaHoryulETVDMZv1/rdv4sBK5YVEvjTphLyvs12KKvZii/FBHYRdaak8X
ToCLd5fOOXSqkY5ROo8UYo/2QeqE8GGnak4m2doQFSfbw2DOReSJg18x/2l2fhFD
PY72Qi13xVm/HKrQ2E70wCZKYiHpWMjy9nVDqTuZX1dtOUstQPkT2lf4XRp4HIR+
/5gfkvrJegV0DC1WU9u90OBqHrf63bWSvyZVzizVWFYISkGhmKX5CIoPCib5OyrF
ruMIJADMZF/mwm8JZeymrZ2+8YqLMlWL9Dni3pPhNWpNX1MJH8tdfovfPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfyEqny4qdBwY2a6nn6y28NbvUKMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvaF9JU3FmTGlwMEhCalpycWVmckxidzF1OVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUeSAwQB
uUnYAwQA1areMA0GCSqGSIb3DQEBCwUAA4IBAQB7hXS0io/KGlVsAP6UxO/jVQXe
yRDUcGfFHBwvqJymc+W6dpBypgJfmi0D7dVWZhUV8UeWbh0HxFIWxiv/zpa/fCKW
ztyWK16XBHS59V381D3V/Dg1rSco8Y9c4to4hGE8oNt2FwuLU6uYE7rYvV2YAroR
3atBK3vQBdGd9H1vwrAByooDf86ApcZ+uW8U/PuBYuIC1qIRTtrK2HqVsLMTv6tM
XQ4X0I4xbhU29Xpk1jbPcR5JVFrAzjuVFxZF2KR6pMUG7PUNgaV6BzWqQtZaRym8
oUmLA4VmNc4GNxf0SHuHMI0r3mt0og2vqf6zhkY7lhYlIVzrSEbr3f0Z8U1s
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:58:52 2025 by rpki-client