Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/HXLS-XKu3_p7nhpZ2K8scEyS_rc.roa
File: HXLS-XKu3_p7nhpZ2K8scEyS_rc.roa (raw, json)
Hash identifier: 8XJ8ceqUC/FtGHEdtNIo+tnT3APlE19braxx2C56keI=
Subject key identifier: 1D:72:D2:F9:72:AE:DF:FA:7B:9E:1A:59:D8:AF:2C:70:4C:92:FE:B7
Certificate issuer: /CN=9d6b9774c94876c98321de3201b11b75a1358d19
Certificate serial: 0196066C19D0EB1186A3B85F4F92D036F8C0
Authority key identifier: 9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/HXLS-XKu3_p7nhpZ2K8scEyS_rc.roa
Signing time: Sat 05 Apr 2025 14:47:49 +0000
ROA not before: Sat 05 Apr 2025 14:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214402
IP address blocks: 2a0d:8140:5fff::/48 maxlen: 48
2a0d:8140:6000::/48 maxlen: 48
2a0d:8140:6fff::/48 maxlen: 48
2a0d:8140:7000::/48 maxlen: 48
2a0d:8140:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 17:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:06:6c:19:d0:eb:11:86:a3:b8:5f:4f:92:d0:36:f8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d6b9774c94876c98321de3201b11b75a1358d19
Validity
Not Before: Apr 5 14:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d72d2f972aedffa7b9e1a59d8af2c704c92feb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:f7:ab:ef:cf:ba:03:c2:3a:f2:f7:43:92:
a3:71:51:83:2b:0f:c3:6d:61:35:2c:e4:7b:68:6f:
c5:b0:96:f4:96:da:1a:01:e1:8e:08:b4:10:e9:0d:
0d:fe:80:c6:0b:f3:2b:18:8a:7a:94:1b:78:ac:1c:
92:d3:8c:00:83:60:79:7d:cf:8c:79:f2:fd:80:70:
21:31:3e:a6:54:0a:fa:d9:27:d5:69:36:6f:1c:a8:
8b:8a:60:3d:31:0b:d4:c4:56:f3:ff:e8:ec:f4:1a:
a8:ae:01:7c:00:61:01:8b:7f:e5:bd:fc:b8:9a:db:
0a:f3:76:96:c4:ee:47:72:9d:2a:c3:ee:07:2e:56:
07:aa:eb:0e:d0:17:b5:9d:38:f8:81:70:88:87:a4:
3c:d5:8b:34:cf:c2:91:dc:dc:8f:d4:15:76:60:92:
7d:df:44:a0:23:18:b8:64:ed:77:8a:da:3d:76:5f:
b6:73:04:f2:c9:69:36:a4:58:64:c7:be:84:b9:63:
b2:6d:f8:1c:23:03:51:77:9b:f9:5c:95:7c:44:8f:
07:2f:a5:a5:95:20:35:11:88:53:8e:2d:0f:ce:75:
e4:1e:72:04:be:3e:a4:5e:c7:0a:d1:a0:f3:e5:e2:
8e:3d:46:ba:e1:b8:0c:32:80:47:f3:e3:75:de:fc:
68:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:72:D2:F9:72:AE:DF:FA:7B:9E:1A:59:D8:AF:2C:70:4C:92:FE:B7
X509v3 Authority Key Identifier:
keyid:9D:6B:97:74:C9:48:76:C9:83:21:DE:32:01:B1:1B:75:A1:35:8D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWuXdMlIdsmDId4yAbEbdaE1jRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/HXLS-XKu3_p7nhpZ2K8scEyS_rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/40cb9c-c426-48ab-9968-a56bdfadb81e/1/nWuXdMlIdsmDId4yAbEbdaE1jRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8140:5fff::-2a0d:8140:6000:ffff:ffff:ffff:ffff:ffff
2a0d:8140:6fff::-2a0d:8140:7000:ffff:ffff:ffff:ffff:ffff
2a0d:8140:8000::/48
Signature Algorithm: sha256WithRSAEncryption
a5:96:2c:81:81:97:62:b8:21:bd:4e:08:6f:12:3a:07:7d:45:
8b:b2:6f:37:3f:82:77:56:f7:64:e0:29:6d:c6:9f:70:11:17:
6f:dd:69:90:cf:6d:cf:86:a0:65:1d:f5:d1:e2:82:ff:23:82:
14:b4:b8:9e:d4:3a:75:33:b2:8d:91:72:fc:13:c9:23:dc:dd:
0d:d6:11:97:a2:06:cf:95:0b:b4:0f:5f:bc:11:ac:e4:5d:b7:
6d:9a:74:6c:4d:3c:f1:06:c3:08:98:dd:5c:bc:f5:87:2e:62:
9a:29:62:af:ca:ce:ca:a4:41:17:68:34:00:d5:b7:73:15:9e:
1a:50:ac:4c:97:19:2a:d2:e0:3d:01:58:ed:54:5f:c4:d6:fa:
c2:ef:21:34:b8:a6:12:14:d4:72:d0:95:e2:96:f7:8a:18:64:
cf:c1:b9:ea:19:eb:a2:aa:29:0f:09:b1:85:58:81:94:cf:61:
af:01:9b:de:0f:7c:71:81:59:e5:ca:26:57:40:90:0b:3c:bf:
95:9d:56:2f:c5:eb:a5:f7:ed:71:43:77:e1:cd:b9:cf:7f:b9:
a2:ac:9a:d0:7e:c5:d8:31:05:18:a4:ee:d0:c1:1f:81:0f:0e:
86:08:b4:51:ed:1e:bd:2d:47:1e:4f:74:1d:85:2f:a1:54:3f:
27:44:c0:35
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZYGbBnQ6xGGo7hfT5LQNvjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNmI5Nzc0Yzk0ODc2Yzk4MzIxZGUzMjAxYjExYjc1YTEz
NThkMTkwHhcNMjUwNDA1MTQ0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcyZDJmOTcyYWVkZmZhN2I5ZTFhNTlkOGFmMmM3MDRjOTJmZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vP3q+/PugPCOvL3Q5KjcVGDKw/D
bWE1LOR7aG/FsJb0ltoaAeGOCLQQ6Q0N/oDGC/MrGIp6lBt4rByS04wAg2B5fc+M
efL9gHAhMT6mVAr62SfVaTZvHKiLimA9MQvUxFbz/+js9BqorgF8AGEBi3/lvfy4
mtsK83aWxO5Hcp0qw+4HLlYHqusO0Be1nTj4gXCIh6Q81Ys0z8KR3NyP1BV2YJJ9
30SgIxi4ZO13ito9dl+2cwTyyWk2pFhkx76EuWOybfgcIwNRd5v5XJV8RI8HL6Wl
lSA1EYhTji0PznXkHnIEvj6kXscK0aDz5eKOPUa64bgMMoBH8+N13vxo7QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFB1y0vlyrt/6e54aWdivLHBMkv63MB8GA1UdIwQY
MBaAFJ1rl3TJSHbJgyHeMgGxG3WhNY0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5Njgt
YTU2YmRmYWRiODFlLzEvSFhMUy1YS3UzX3A3bmhwWjJLOHNjRXlTX3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80MGNiOWMtYzQyNi00OGFiLTk5NjgtYTU2YmRmYWRiODFl
LzEvbld1WGRNbElkc21ESWQ0eUFiRWJkYUUxalJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxMBIDBwAqDYFA
X/8DBwAqDYFAYAAwEgMHACoNgUBv/wMHACoNgUBwAAMHACoNgUCAADANBgkqhkiG
9w0BAQsFAAOCAQEApZYsgYGXYrghvU4IbxI6B31Fi7JvNz+Cd1b3ZOApbcafcBEX
b91pkM9tz4agZR310eKC/yOCFLS4ntQ6dTOyjZFy/BPJI9zdDdYRl6IGz5ULtA9f
vBGs5F23bZp0bE088QbDCJjdXLz1hy5imilir8rOyqRBF2g0ANW3cxWeGlCsTJcZ
KtLgPQFY7VRfxNb6wu8hNLimEhTUctCV4pb3ihhkz8G56hnroqopDwmxhViBlM9h
rwGb3g98cYFZ5comV0CQCzy/lZ1WL8XrpfftcUN34c25z3+5oqya0H7F2DEFGKTu
0MEfgQ8Ohgi0Ue0evS1HHk90HYUvoVQ/J0TANQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:46:38 2025 by rpki-client