Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hq66cY-KaAJMKDopjUfx8RB264A.roa
File: Hq66cY-KaAJMKDopjUfx8RB264A.roa (raw, json)
Hash identifier: dh/wAwRh+KKK0diX8ONWwD+NtJT1TQ7QJ7r0YsWQ2js=
Subject key identifier: 1E:AE:BA:71:8F:8A:68:02:4C:28:3A:29:8D:47:F1:F1:10:76:EB:80
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143EB7E83F33C76E274F6868E88ED90
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hq66cY-KaAJMKDopjUfx8RB264A.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 82.153.224.0/24 maxlen: 24
89.213.217.0/24 maxlen: 24
89.213.220.0/24 maxlen: 24
89.213.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:eb:7e:83:f3:3c:76:e2:74:f6:86:8e:88:ed:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1eaeba718f8a68024c283a298d47f1f11076eb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:63:2a:1c:8a:53:ec:3d:72:48:30:9e:eb:76:
50:80:db:7f:10:9d:98:7f:ac:f0:9c:d9:b4:2a:e1:
6b:5d:d2:82:f0:d8:5b:8d:fa:46:72:f3:cd:ca:7a:
a8:d1:48:75:07:7d:11:74:23:0e:42:c0:ae:6e:59:
0d:91:54:e8:65:95:b5:fa:d8:09:f8:85:c2:cd:27:
40:f4:76:18:4e:32:47:3d:cd:0c:40:16:75:39:93:
9d:43:85:0c:b9:d2:56:10:e4:03:21:5c:e3:a8:11:
c8:7f:07:1b:29:25:22:56:fb:e2:ed:14:40:d0:3f:
06:c3:b8:e4:5a:cd:94:b7:c5:71:d3:b4:ba:80:1b:
16:35:2c:1d:93:9d:fb:ee:21:04:60:f9:69:67:7a:
68:27:ef:39:5a:1c:58:09:71:b0:09:c4:d7:93:10:
09:b3:88:8e:3d:d7:d8:02:f7:ab:07:64:b8:7c:ce:
17:a3:4c:91:0d:49:75:af:2e:73:c4:78:3e:d8:06:
bf:2d:df:40:64:85:94:ca:17:dc:3a:4b:cc:d3:af:
60:91:cd:43:21:5f:b0:66:20:ae:84:7d:1f:bd:15:
1c:8c:83:7a:8b:84:d1:9f:a8:38:09:4a:f0:16:da:
f9:25:2d:87:37:e1:05:45:b7:1b:b9:aa:cf:d9:37:
fc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:BA:71:8F:8A:68:02:4C:28:3A:29:8D:47:F1:F1:10:76:EB:80
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hq66cY-KaAJMKDopjUfx8RB264A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.224.0/24
89.213.217.0/24
89.213.220.0/24
89.213.222.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:87:6b:95:64:fc:29:74:71:8b:14:28:91:a1:44:bf:31:e8:
d6:7d:d7:f6:7f:80:79:3f:84:6b:50:a9:1e:ea:af:a2:b1:3f:
9d:1a:da:2d:43:3d:9f:be:1f:0b:94:46:e0:1e:db:86:1b:4d:
59:a5:1b:c3:eb:79:b9:0b:da:06:f3:33:ab:c3:32:a7:85:55:
b8:a9:1e:d9:ef:16:0f:59:0d:62:76:bb:b6:1f:69:10:36:51:
2d:76:8d:5f:0c:c6:fa:8e:d3:b6:57:ae:16:fe:c2:de:56:5b:
e5:02:cb:3d:03:5b:a7:c1:ab:14:6f:7e:0c:fd:2d:b8:91:63:
4a:50:1f:52:f6:2b:dd:0f:98:8d:b8:10:9b:fc:03:4c:65:dc:
e5:de:cf:31:a4:2b:2c:3d:1d:05:cd:4b:59:99:9b:76:88:b9:
ba:b3:01:6b:e1:49:32:86:d2:dc:16:40:8d:14:c7:b3:52:a9:
42:f6:79:a4:48:2e:ab:c6:ce:89:a5:93:7c:d5:9a:ee:c1:06:
ce:da:a6:d2:62:0b:62:49:75:2f:79:24:78:e4:b5:e7:ef:5c:
a5:a2:6e:e1:77:6e:ae:ac:fd:bd:43:92:02:0b:aa:dc:9b:10:
e5:1e:6d:c9:fc:16:0e:03:5a:68:3d:c5:1c:fd:e4:40:8c:88:
4d:43:a3:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhQ+t+g/M8duJ09oaOiO2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFlYmE3MThmOGE2ODAyNGMyODNhMjk4ZDQ3ZjFmMTEwNzZlYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WMqHIpT7D1ySDCe63ZQgNt/EJ2Y
f6zwnNm0KuFrXdKC8NhbjfpGcvPNynqo0Uh1B30RdCMOQsCublkNkVToZZW1+tgJ
+IXCzSdA9HYYTjJHPc0MQBZ1OZOdQ4UMudJWEOQDIVzjqBHIfwcbKSUiVvvi7RRA
0D8Gw7jkWs2Ut8Vx07S6gBsWNSwdk5377iEEYPlpZ3poJ+85WhxYCXGwCcTXkxAJ
s4iOPdfYAverB2S4fM4Xo0yRDUl1ry5zxHg+2Aa/Ld9AZIWUyhfcOkvM069gkc1D
IV+wZiCuhH0fvRUcjIN6i4TRn6g4CUrwFtr5JS2HN+EFRbcbuarP2Tf8PwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB6uunGPimgCTCg6KY1H8fEQduuAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSHE2NmNZLUthQUpNS0RvcGpVZng4UkIyNjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpngAwQA
WdXZAwQAWdXcAwQAWdXeMA0GCSqGSIb3DQEBCwUAA4IBAQA6h2uVZPwpdHGLFCiR
oUS/MejWfdf2f4B5P4RrUKke6q+isT+dGtotQz2fvh8LlEbgHtuGG01ZpRvD63m5
C9oG8zOrwzKnhVW4qR7Z7xYPWQ1idru2H2kQNlEtdo1fDMb6jtO2V64W/sLeVlvl
Ass9A1unwasUb34M/S24kWNKUB9S9ivdD5iNuBCb/ANMZdzl3s8xpCssPR0FzUtZ
mZt2iLm6swFr4UkyhtLcFkCNFMezUqlC9nmkSC6rxs6JpZN81ZruwQbO2qbSYgti
SXUveSR45LXn71ylom7hd26urP29Q5ICC6rcmxDlHm3J/BYOA1poPcUc/eRAjIhN
Q6P7
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:39:21 2025 by rpki-client