Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/HyczfulBdiGXqNt52BO2o4LV9yU.roa
File: HyczfulBdiGXqNt52BO2o4LV9yU.roa (raw, json)
Hash identifier: x9uCEMOnws5vMXyPMhg97WPs5qUhjuF314Fl6KzRZMY=
Subject key identifier: 1F:27:33:7E:E9:41:76:21:97:A8:DB:79:D8:13:B6:A3:82:D5:F7:25
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 019420681F6890411D555992A4351A65BB48
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/HyczfulBdiGXqNt52BO2o4LV9yU.roa
Signing time: Wed 01 Jan 2025 05:48:02 +0000
ROA not before: Wed 01 Jan 2025 05:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29512
IP address blocks: 79.110.0.0/20 maxlen: 24
94.231.224.0/20 maxlen: 24
195.140.236.0/22 maxlen: 24
2a00:fbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:1f:68:90:41:1d:55:59:92:a4:35:1a:65:bb:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Jan 1 05:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f27337ee941762197a8db79d813b6a382d5f725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:af:49:4d:c4:f7:c9:df:bb:c2:29:a4:12:e1:
86:48:8e:33:64:9d:85:88:0f:22:c8:50:01:f1:50:
39:54:a4:87:4f:f4:49:8e:d1:af:07:76:11:35:dc:
b9:07:cf:37:0b:52:ca:31:d7:75:1d:aa:c6:35:4d:
98:b5:5c:40:39:f1:25:26:c4:58:90:f7:8d:bf:cf:
82:89:04:3c:9e:84:5e:cf:d0:03:66:b4:d6:39:7c:
d5:f9:b6:bc:7a:f5:bf:2b:b5:36:b8:c7:e6:10:0c:
d7:d1:1c:82:75:45:7d:2b:42:3d:ed:43:af:e6:91:
07:45:72:ce:ae:9d:3f:f5:c5:dc:0c:e0:5d:c6:9b:
4d:b9:c5:19:7e:db:46:4b:07:a5:61:7b:15:9b:66:
1d:c8:8e:48:66:b7:c8:84:d8:06:69:35:7e:c4:b0:
a7:9a:22:e4:d0:00:29:9e:1f:6e:fc:7d:ba:bc:c0:
db:d4:d9:bb:db:c1:30:38:d9:f6:4b:13:1f:9f:09:
a4:32:78:ba:39:7c:84:a8:4d:28:d3:19:4e:f2:00:
a5:bf:02:4a:f3:39:dd:ac:97:4e:3c:dd:2d:67:59:
f1:66:2b:a5:00:0e:78:26:9a:be:e3:86:06:0c:1b:
48:c0:10:58:de:6e:a8:d6:dd:be:9b:7b:8c:7b:5a:
4b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:27:33:7E:E9:41:76:21:97:A8:DB:79:D8:13:B6:A3:82:D5:F7:25
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/HyczfulBdiGXqNt52BO2o4LV9yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.0.0/20
94.231.224.0/20
195.140.236.0/22
IPv6:
2a00:fbc0::/29
Signature Algorithm: sha256WithRSAEncryption
a8:13:83:00:51:49:3d:4b:86:bb:ee:07:d1:55:ee:09:e2:56:
4e:82:96:50:40:96:c1:a1:82:36:cc:65:53:f6:67:e6:15:71:
03:4f:0e:8a:4e:5c:1a:fb:c8:97:e6:a6:56:92:b6:27:c5:2b:
e8:3d:54:72:bd:76:ea:8e:13:61:58:6d:91:d8:c5:d6:ee:74:
fd:13:b7:7b:e6:0d:c3:c6:b6:5c:88:7d:2e:0e:fb:cf:13:48:
25:03:90:35:d9:83:78:8a:43:fe:c9:10:4e:a4:15:64:9d:7a:
a9:55:b7:17:87:de:b0:d3:c3:77:fc:06:c6:69:df:36:85:bd:
78:2e:6b:ca:eb:5e:b8:f3:11:0d:6e:64:f6:a7:71:32:21:6e:
8e:8c:79:1e:77:53:2e:66:48:10:49:fa:70:d4:40:55:b1:79:
2e:45:b6:51:2a:9a:70:50:64:70:92:8a:fc:cd:45:0a:61:8e:
7c:11:9d:e7:49:22:bb:16:b5:56:ea:4b:44:bc:7a:eb:4a:77:
d9:e1:94:86:19:50:99:59:e9:c4:3a:80:a4:53:9b:c4:80:98:
ec:7f:d1:5a:64:6b:4a:ac:a4:bd:1e:46:73:0c:78:39:91:a7:
a2:b7:6a:d0:a8:5c:1b:3e:50:56:3c:d8:d3:25:09:7c:ce:f2:
d4:23:a4:8b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgaB9okEEdVVmSpDUaZbtIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Yzg2ZGEzZjQ4MzI0NjUxOGQzNjgwMzRiYzg2MTEzOTA2
YTU1YTMwHhcNMjUwMTAxMDU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI3MzM3ZWU5NDE3NjIxOTdhOGRiNzlkODEzYjZhMzgyZDVmNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo69JTcT3yd+7wimkEuGGSI4zZJ2F
iA8iyFAB8VA5VKSHT/RJjtGvB3YRNdy5B883C1LKMdd1HarGNU2YtVxAOfElJsRY
kPeNv8+CiQQ8noRez9ADZrTWOXzV+ba8evW/K7U2uMfmEAzX0RyCdUV9K0I97UOv
5pEHRXLOrp0/9cXcDOBdxptNucUZfttGSwelYXsVm2YdyI5IZrfIhNgGaTV+xLCn
miLk0AApnh9u/H26vMDb1Nm728EwONn2SxMfnwmkMni6OXyEqE0o0xlO8gClvwJK
8zndrJdOPN0tZ1nxZiulAA54Jpq+44YGDBtIwBBY3m6o1t2+m3uMe1pLuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB8nM37pQXYhl6jbedgTtqOC1fclMB8GA1UdIwQY
MBaAFOTIbaP0gyRlGNNoA0vIYROQalWjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTct
YzUxMWEzZTkxMmI2LzEvSHljemZ1bEJkaUdYcU50NTJCTzJvNExWOXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNGU1MDMtNTc0Yi00NTY1LTkyMTctYzUxMWEzZTkxMmI2
LzEvNU1odG9fU0RKR1VZMDJnRFM4aGhFNUJxVmFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET24AAwQE
XufgAwQCw4zsMA0EAgACMAcDBQMqAPvAMA0GCSqGSIb3DQEBCwUAA4IBAQCoE4MA
UUk9S4a77gfRVe4J4lZOgpZQQJbBoYI2zGVT9mfmFXEDTw6KTlwa+8iX5qZWkrYn
xSvoPVRyvXbqjhNhWG2R2MXW7nT9E7d75g3DxrZciH0uDvvPE0glA5A12YN4ikP+
yRBOpBVknXqpVbcXh96w08N3/AbGad82hb14LmvK61648xENbmT2p3EyIW6OjHke
d1MuZkgQSfpw1EBVsXkuRbZRKppwUGRwkor8zUUKYY58EZ3nSSK7FrVW6ktEvHrr
SnfZ4ZSGGVCZWenEOoCkU5vEgJjsf9FaZGtKrKS9HkZzDHg5kaeit2rQqFwbPlBW
PNjTJQl8zvLUI6SL
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:39:08 2025 by rpki-client