Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dHoLxhcoAEUuRvCDtuAMppchNpk.roa
File: dHoLxhcoAEUuRvCDtuAMppchNpk.roa (raw, json)
Hash identifier: u7XKc4RK1KVYd/fCuO1odA9687+dNJirNjEcVK4j3l0=
Subject key identifier: 74:7A:0B:C6:17:28:00:45:2E:46:F0:83:B6:E0:0C:A6:97:21:36:99
Certificate issuer: /CN=740f65f302335baa90ed81c05384d53f2332391a
Certificate serial: 01958F1A00D3D05E947A36E85E14C80071AA
Authority key identifier: 74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dHoLxhcoAEUuRvCDtuAMppchNpk.roa
Signing time: Thu 13 Mar 2025 10:43:20 +0000
ROA not before: Thu 13 Mar 2025 10:43:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206844
IP address blocks: 45.156.32.0/22 maxlen: 24
45.158.54.0/23 maxlen: 24
45.158.55.0/24 maxlen: 25
185.125.241.0/24 maxlen: 24
185.174.160.0/22 maxlen: 24
2a07:1280::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8f:1a:00:d3:d0:5e:94:7a:36:e8:5e:14:c8:00:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=740f65f302335baa90ed81c05384d53f2332391a
Validity
Not Before: Mar 13 10:43:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747a0bc6172800452e46f083b6e00ca697213699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:52:a7:5a:5a:6b:82:16:9a:62:ca:a0:8f:6e:
50:5e:81:cf:c6:6b:d9:fa:35:82:84:30:ae:23:73:
98:04:84:00:46:d8:eb:50:08:6d:35:2c:be:7d:ea:
23:7d:b2:1d:3d:cb:44:21:33:25:35:99:23:1f:31:
0a:63:45:cc:7b:28:75:32:aa:01:36:48:aa:32:8b:
53:94:bc:fb:a1:f6:7e:e3:1a:15:f1:3b:c3:0f:d9:
b2:fe:82:d6:e0:47:df:22:42:58:22:1b:5d:e3:8a:
ee:d2:94:39:02:56:db:e2:6d:d8:64:e0:ac:31:44:
84:1d:56:14:f8:d4:bc:3b:9f:e0:eb:c6:db:69:1b:
19:25:67:94:b2:9f:7f:eb:d8:06:15:27:4a:ae:b1:
7c:59:aa:12:b4:da:2f:38:f3:e4:ef:1d:10:bd:08:
0c:3f:43:6d:d3:b4:1d:8a:a6:29:ab:ab:6e:71:5d:
b3:43:c7:cd:c5:1c:04:75:1a:10:96:10:1a:85:ff:
41:e8:a0:88:e3:ef:07:46:5d:e1:22:87:d7:66:49:
93:c3:73:ab:b6:e2:68:e8:e1:b1:bb:4c:4d:6e:7f:
32:2c:f6:f9:e2:24:9e:65:30:a4:45:6c:1d:b8:7d:
ba:03:2f:ee:89:a4:f0:fb:c4:22:99:97:36:f2:a4:
51:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7A:0B:C6:17:28:00:45:2E:46:F0:83:B6:E0:0C:A6:97:21:36:99
X509v3 Authority Key Identifier:
keyid:74:0F:65:F3:02:33:5B:AA:90:ED:81:C0:53:84:D5:3F:23:32:39:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dA9l8wIzW6qQ7YHAU4TVPyMyORo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dHoLxhcoAEUuRvCDtuAMppchNpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/3b1c1f-2d8c-4861-b71d-d03a2c435aec/1/dA9l8wIzW6qQ7YHAU4TVPyMyORo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.32.0/22
45.158.54.0/23
185.125.241.0/24
185.174.160.0/22
IPv6:
2a07:1280::/32
Signature Algorithm: sha256WithRSAEncryption
06:3c:30:3c:8a:48:2c:58:4a:cf:83:3a:9e:ed:53:d3:bd:21:
0f:f6:f7:0c:cd:42:c3:ad:e2:9d:ca:8d:2e:b8:d7:b3:75:61:
8e:00:71:0f:85:be:dc:c1:fa:6c:2e:e2:44:8d:aa:4b:57:b0:
14:11:85:2e:ce:12:f1:62:4f:d3:d5:0c:0b:93:1b:8e:13:15:
8d:f8:34:ed:e5:05:27:0f:84:d9:f5:5a:8d:f2:f8:90:fa:78:
df:59:43:cb:10:e0:97:c7:d4:d4:54:53:04:94:e6:23:17:5d:
42:c4:fe:3d:29:c4:36:e4:7d:a1:5e:dd:e6:9c:fd:b1:fa:f0:
6b:62:e7:0d:f1:60:9f:dc:5a:4b:74:de:51:3d:f3:4a:aa:10:
fb:df:e8:24:7e:78:0a:0e:78:bd:5f:c7:60:c4:7c:53:dc:a0:
c6:38:9c:9b:f2:1b:d2:56:11:bd:9b:92:82:9d:0f:f8:b8:03:
15:d3:26:72:ea:a8:2c:f3:e8:ed:7e:87:92:19:03:a6:39:28:
d9:3f:7d:02:c3:c7:89:53:b6:bd:59:ed:a3:d7:4b:80:f6:51:
a5:64:53:1d:57:ce:c1:02:55:04:28:70:01:d3:a4:77:b4:0a:
cf:c4:1f:f9:43:08:5b:62:e8:15:22:56:f0:c1:7b:f4:7a:2b:
74:4c:e2:be
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZWPGgDT0F6UejboXhTIAHGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MGY2NWYzMDIzMzViYWE5MGVkODFjMDUzODRkNTNmMjMz
MjM5MWEwHhcNMjUwMzEzMTA0MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdhMGJjNjE3MjgwMDQ1MmU0NmYwODNiNmUwMGNhNjk3MjEzNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11KnWlprghaaYsqgj25QXoHPxmvZ
+jWChDCuI3OYBIQARtjrUAhtNSy+feojfbIdPctEITMlNZkjHzEKY0XMeyh1MqoB
NkiqMotTlLz7ofZ+4xoV8TvDD9my/oLW4EffIkJYIhtd44ru0pQ5Albb4m3YZOCs
MUSEHVYU+NS8O5/g68bbaRsZJWeUsp9/69gGFSdKrrF8WaoStNovOPPk7x0QvQgM
P0Nt07QdiqYpq6tucV2zQ8fNxRwEdRoQlhAahf9B6KCI4+8HRl3hIofXZkmTw3Or
tuJo6OGxu0xNbn8yLPb54iSeZTCkRWwduH26Ay/uiaTw+8QimZc28qRRpQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHR6C8YXKABFLkbwg7bgDKaXITaZMB8GA1UdIwQY
MBaAFHQPZfMCM1uqkO2BwFOE1T8jMjkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQt
ZDAzYTJjNDM1YWVjLzEvZEhvTHhoY29BRVV1UnZDRHR1QU1wcGNoTnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zYjFjMWYtMmQ4Yy00ODYxLWI3MWQtZDAzYTJjNDM1YWVj
LzEvZEE5bDh3SXpXNnFRN1lIQVU0VFZQeU15T1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZwgAwQB
LZ42AwQAuX3xAwQCua6gMA0EAgACMAcDBQAqBxKAMA0GCSqGSIb3DQEBCwUAA4IB
AQAGPDA8ikgsWErPgzqe7VPTvSEP9vcMzULDreKdyo0uuNezdWGOAHEPhb7cwfps
LuJEjapLV7AUEYUuzhLxYk/T1QwLkxuOExWN+DTt5QUnD4TZ9VqN8viQ+njfWUPL
EOCXx9TUVFMElOYjF11CxP49KcQ25H2hXt3mnP2x+vBrYucN8WCf3FpLdN5RPfNK
qhD73+gkfngKDni9X8dgxHxT3KDGOJyb8hvSVhG9m5KCnQ/4uAMV0yZy6qgs8+jt
foeSGQOmOSjZP30Cw8eJU7a9We2j10uA9lGlZFMdV87BAlUEKHAB06R3tArPxB/5
QwhbYugVIlbwwXv0eit0TOK+
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:23:13 2025 by rpki-client