Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/HIQgSnhii2MmaCB9iCEZZjQs0es.roa
File: HIQgSnhii2MmaCB9iCEZZjQs0es.roa (raw, json)
Hash identifier: ZmTRYjwIZuazrIV6CyDdqn6baHfY786spUlKnzCEtrI=
Subject key identifier: 1C:84:20:4A:78:62:8B:63:26:68:20:7D:88:21:19:66:34:2C:D1:EB
Certificate issuer: /CN=af6da9d56b42c2b816b1ae6b185125abf21593ef
Certificate serial: 0196FCEED39D519E25C560A56E682BC8C9A7
Authority key identifier: AF:6D:A9:D5:6B:42:C2:B8:16:B1:AE:6B:18:51:25:AB:F2:15:93:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r22p1WtCwrgWsa5rGFElq_IVk-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/HIQgSnhii2MmaCB9iCEZZjQs0es.roa
Signing time: Fri 23 May 2025 11:37:12 +0000
ROA not before: Fri 23 May 2025 11:37:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 194.56.96.0/22 maxlen: 22
194.56.104.0/22 maxlen: 22
194.56.112.0/22 maxlen: 22
194.56.116.0/22 maxlen: 22
194.56.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/r22p1WtCwrgWsa5rGFElq_IVk-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/r22p1WtCwrgWsa5rGFElq_IVk-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/r22p1WtCwrgWsa5rGFElq_IVk-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 09:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:ee:d3:9d:51:9e:25:c5:60:a5:6e:68:2b:c8:c9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6da9d56b42c2b816b1ae6b185125abf21593ef
Validity
Not Before: May 23 11:37:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c84204a78628b632668207d88211966342cd1eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:85:97:77:0c:e2:17:fa:f8:d9:ab:65:bd:cc:
50:57:e9:22:6b:3c:12:8d:f8:ed:df:dc:a5:dc:09:
78:23:d6:6a:9c:91:80:82:72:81:ac:63:b4:cc:cb:
e0:ab:f8:a9:3f:9e:29:64:37:fe:b0:cc:70:3a:4c:
c1:57:81:2e:de:21:c8:33:fb:a8:62:d2:7e:4a:f1:
56:09:db:1f:09:24:ce:01:c7:97:ce:38:a4:44:a8:
68:d6:f8:da:a3:9f:15:1a:52:e4:a0:a5:0a:cd:1e:
c4:fb:d6:93:29:e2:36:90:8c:c3:85:de:b1:61:14:
a6:da:be:a3:89:81:92:26:b5:c0:da:1b:ca:6e:0c:
af:31:ed:00:f0:81:a6:a3:a7:30:7d:9b:20:2e:a3:
65:23:25:ca:cb:a2:cf:df:e2:85:95:de:26:ef:c5:
6b:2a:e3:fa:25:a3:d6:28:8a:64:ba:bf:45:41:17:
99:0b:8a:bc:0b:4d:73:a6:44:13:3e:0c:ee:88:eb:
a2:67:ad:78:af:6c:f0:a9:e7:72:dc:e4:e5:1b:d8:
02:58:48:b9:50:a5:8e:8c:e0:07:ff:63:68:69:3f:
c0:38:ac:7d:c6:cb:a5:ba:dc:c8:30:a2:2b:c3:66:
80:b2:37:d0:38:96:27:d3:2a:3c:ea:61:49:5d:6a:
09:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:84:20:4A:78:62:8B:63:26:68:20:7D:88:21:19:66:34:2C:D1:EB
X509v3 Authority Key Identifier:
keyid:AF:6D:A9:D5:6B:42:C2:B8:16:B1:AE:6B:18:51:25:AB:F2:15:93:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r22p1WtCwrgWsa5rGFElq_IVk-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/HIQgSnhii2MmaCB9iCEZZjQs0es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/897378-c556-4352-9a04-b10a832bca43/1/r22p1WtCwrgWsa5rGFElq_IVk-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.96.0/22
194.56.104.0/22
194.56.112.0-194.56.123.255
Signature Algorithm: sha256WithRSAEncryption
64:6c:d2:9e:35:91:aa:42:17:f5:55:67:3b:22:ae:59:56:59:
28:5e:9e:2d:5c:56:d4:0f:98:73:a0:51:8e:97:77:a2:5c:fd:
30:e2:b4:04:98:e4:bb:68:ab:3a:28:8c:12:59:56:e7:8a:bd:
61:b9:7d:e7:7b:67:a1:9b:58:77:fb:d7:bc:50:4b:1f:cb:3b:
8b:13:12:57:59:a3:79:02:96:c3:26:4b:06:fc:ba:33:11:d7:
c6:60:0f:95:6b:a9:55:b4:21:68:c7:88:77:19:b6:72:0a:d1:
6e:3a:1c:e6:42:b5:38:51:6e:e8:b9:21:1b:b5:a5:59:5a:c0:
47:bc:b5:47:e3:68:c5:d5:07:c0:77:b2:68:36:2e:fc:b4:35:
6a:d1:ad:9a:8b:50:a2:79:14:6a:75:a1:4d:e9:b5:6c:06:d1:
8b:8f:2e:65:d2:0a:87:01:ff:c9:b4:45:ce:e6:4e:73:e0:f1:
26:6f:6a:21:ce:38:91:75:65:8b:d2:5f:b5:3c:14:3a:94:5e:
99:77:10:4a:04:be:fb:41:55:29:3a:d6:3d:44:8e:c6:55:1e:
1c:7e:9b:d3:d5:8d:16:8a:7a:cb:9b:30:40:c6:0b:9d:9d:04:
5b:a0:c7:dd:c7:11:a2:2e:77:99:43:e6:e8:a5:d4:37:0a:17:
a3:6b:ec:1b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZb87tOdUZ4lxWClbmgryMmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmRhOWQ1NmI0MmMyYjgxNmIxYWU2YjE4NTEyNWFiZjIx
NTkzZWYwHhcNMjUwNTIzMTEzNzEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg0MjA0YTc4NjI4YjYzMjY2ODIwN2Q4ODIxMTk2NjM0MmNkMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoWXdwziF/r42atlvcxQV+kiazwS
jfjt39yl3Al4I9ZqnJGAgnKBrGO0zMvgq/ipP54pZDf+sMxwOkzBV4Eu3iHIM/uo
YtJ+SvFWCdsfCSTOAceXzjikRKho1vjao58VGlLkoKUKzR7E+9aTKeI2kIzDhd6x
YRSm2r6jiYGSJrXA2hvKbgyvMe0A8IGmo6cwfZsgLqNlIyXKy6LP3+KFld4m78Vr
KuP6JaPWKIpkur9FQReZC4q8C01zpkQTPgzuiOuiZ614r2zwqedy3OTlG9gCWEi5
UKWOjOAH/2NoaT/AOKx9xsulutzIMKIrw2aAsjfQOJYn0yo86mFJXWoJSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFByEIEp4YotjJmggfYghGWY0LNHrMB8GA1UdIwQY
MBaAFK9tqdVrQsK4FrGuaxhRJavyFZPvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjIycDFXdEN3cmdXc2E1ckdGRWxxX0lWay04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy84OTczNzgtYzU1Ni00MzUyLTlhMDQt
YjEwYTgzMmJjYTQzLzEvSElRZ1NuaGlpMk1tYUNCOWlDRVpaalFzMGVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy84OTczNzgtYzU1Ni00MzUyLTlhMDQtYjEwYTgzMmJjYTQz
LzEvcjIycDFXdEN3cmdXc2E1ckdGRWxxX0lWay04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCwjhgAwQC
wjhoMAwDBATCOHADBALCOHgwDQYJKoZIhvcNAQELBQADggEBAGRs0p41kapCF/VV
ZzsirllWWSheni1cVtQPmHOgUY6Xd6Jc/TDitASY5LtoqzoojBJZVueKvWG5fed7
Z6GbWHf717xQSx/LO4sTEldZo3kClsMmSwb8ujMR18ZgD5VrqVW0IWjHiHcZtnIK
0W46HOZCtThRbui5IRu1pVlawEe8tUfjaMXVB8B3smg2Lvy0NWrRrZqLUKJ5FGp1
oU3ptWwG0YuPLmXSCocB/8m0Rc7mTnPg8SZvaiHOOJF1ZYvSX7U8FDqUXpl3EEoE
vvtBVSk61j1EjsZVHhx+m9PVjRaKesubMEDGC52dBFugx93HEaIud5lD5uil1DcK
F6Nr7Bs=
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:29:13 2025 by rpki-client