Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hpxCRpKGwGpGhIqFX2g4sO7soH4.roa
File: hpxCRpKGwGpGhIqFX2g4sO7soH4.roa (raw, json)
Hash identifier: 1iugaM0HYiDAad8UWTYrAuAd/l9jFJFZy3UQke9tp8g=
Subject key identifier: 86:9C:42:46:92:86:C0:6A:46:84:8A:85:5F:68:38:B0:EE:EC:A0:7E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFAAF0B050C6186D10B6FDBC436D2A3
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hpxCRpKGwGpGhIqFX2g4sO7soH4.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209026
IP address blocks: 188.72.120.0/22 maxlen: 22
188.72.120.0/24 maxlen: 24
188.72.121.0/24 maxlen: 24
188.72.122.0/24 maxlen: 24
188.72.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:af:0b:05:0c:61:86:d1:0b:6f:db:c4:36:d2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=869c42469286c06a46848a855f6838b0eeeca07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8f:86:6c:47:67:ad:a5:82:36:7a:11:4e:29:
77:74:9d:3e:4b:94:0a:73:f8:65:54:ff:7f:63:07:
bc:6d:19:22:12:fb:85:66:50:be:56:41:db:7e:bc:
56:3d:01:f4:38:3e:96:27:d2:fc:87:9b:c5:d6:1a:
06:04:e5:6d:09:99:1b:fd:59:f8:20:46:b4:d4:83:
65:37:ec:60:a4:74:0f:8a:db:81:14:5f:ea:fc:40:
e8:64:8e:53:a0:e8:2a:eb:12:2b:ab:27:77:3f:d4:
6b:7f:32:86:8d:a2:d3:40:60:ab:57:01:df:dd:19:
fa:e0:f2:c0:f8:92:d4:95:26:bf:e5:da:8e:52:a4:
da:61:09:00:8c:3a:5e:c0:d8:2a:d7:1f:61:36:66:
8f:bf:59:7c:46:5f:a7:6e:5b:e9:3a:f0:f4:7c:c4:
25:a6:26:42:7e:da:c3:71:72:10:09:0c:0e:f4:d7:
83:3d:2d:35:db:8a:fb:5f:4b:3f:57:1a:93:3c:48:
43:18:c5:bd:7b:3a:ad:02:c1:ff:cb:d3:da:0a:d8:
a0:1b:7d:4b:cb:5a:37:ae:97:eb:43:4e:36:34:47:
a8:38:5a:0b:7e:a4:72:59:fa:ad:be:8c:44:2e:e4:
b2:86:e6:25:30:e5:6b:c6:6d:5b:76:8d:01:48:b2:
52:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9C:42:46:92:86:C0:6A:46:84:8A:85:5F:68:38:B0:EE:EC:A0:7E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hpxCRpKGwGpGhIqFX2g4sO7soH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.120.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:7b:a3:12:92:09:37:0b:0a:42:2a:6b:ea:3a:74:56:71:2d:
e7:6e:39:41:3d:37:c4:f5:5e:63:17:25:f8:f9:9b:b4:31:39:
3a:d7:96:e3:f1:6b:48:c4:c2:55:8d:a1:82:14:2b:5e:91:f2:
3b:ac:f8:b2:d2:fd:8c:91:57:29:e2:4f:24:b2:43:c4:63:6d:
5e:62:11:fb:d4:c1:8b:57:f8:19:57:0d:27:1c:e0:10:d2:8c:
ba:5a:7a:50:f5:5f:20:73:95:9f:51:c2:0e:fc:c5:76:32:eb:
34:7d:ab:2e:f5:56:eb:d3:75:06:2f:8c:35:eb:60:59:60:81:
c8:d8:b7:ab:34:45:50:5b:aa:2f:e5:54:8f:f3:d9:f2:1a:e8:
95:00:e6:ae:6f:e1:fc:90:72:20:48:04:45:ee:43:bc:db:a8:
31:2a:f6:25:b3:bd:69:d4:35:4c:56:53:16:80:48:6c:da:88:
02:80:80:e7:35:56:43:13:72:01:a8:1c:73:a0:9b:a9:6f:30:
cf:60:5d:01:3d:3b:62:32:6b:79:ec:1c:86:38:4f:11:a8:dc:
0a:ad:26:84:dd:ea:24:f2:32:58:d9:42:5b:5c:11:67:f6:65:
2e:fe:64:2c:5d:3c:39:89:ad:12:bc:84:88:b4:c3:8d:4f:61:
29:15:3f:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+q8LBQxhhtELb9vENtKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjljNDI0NjkyODZjMDZhNDY4NDhhODU1ZjY4MzhiMGVlZWNhMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI+GbEdnraWCNnoRTil3dJ0+S5QK
c/hlVP9/Ywe8bRkiEvuFZlC+VkHbfrxWPQH0OD6WJ9L8h5vF1hoGBOVtCZkb/Vn4
IEa01INlN+xgpHQPituBFF/q/EDoZI5ToOgq6xIrqyd3P9RrfzKGjaLTQGCrVwHf
3Rn64PLA+JLUlSa/5dqOUqTaYQkAjDpewNgq1x9hNmaPv1l8Rl+nblvpOvD0fMQl
piZCftrDcXIQCQwO9NeDPS0124r7X0s/VxqTPEhDGMW9ezqtAsH/y9PaCtigG31L
y1o3rpfrQ042NEeoOFoLfqRyWfqtvoxELuSyhuYlMOVrxm1bdo0BSLJS+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIacQkaShsBqRoSKhV9oOLDu7KB+MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvaHB4Q1JwS0d3R3BHaElxRlgyZzRzTzdzb0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEh4MA0G
CSqGSIb3DQEBCwUAA4IBAQAde6MSkgk3CwpCKmvqOnRWcS3nbjlBPTfE9V5jFyX4
+Zu0MTk615bj8WtIxMJVjaGCFCtekfI7rPiy0v2MkVcp4k8kskPEY21eYhH71MGL
V/gZVw0nHOAQ0oy6WnpQ9V8gc5WfUcIO/MV2Mus0fasu9Vbr03UGL4w162BZYIHI
2LerNEVQW6ov5VSP89nyGuiVAOaub+H8kHIgSARF7kO826gxKvYls71p1DVMVlMW
gEhs2ogCgIDnNVZDE3IBqBxzoJupbzDPYF0BPTtiMmt57ByGOE8RqNwKrSaE3eok
8jJY2UJbXBFn9mUu/mQsXTw5ia0SvISItMONT2EpFT/R
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:26:29 2025 by rpki-client