Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/he1zzqscDQVrqbAH6ruuBRGptHQ.roa
File: he1zzqscDQVrqbAH6ruuBRGptHQ.roa (raw, json)
Hash identifier: pIEmG6D6JQGwEUn6Yp/QlQoXb08gkZ0Iha980hmaQQ8=
Subject key identifier: 85:ED:73:CE:AB:1C:0D:05:6B:A9:B0:07:EA:BB:AE:05:11:A9:B4:74
Certificate issuer: /CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Certificate serial: 01941FFA6FB11D146806A95BE59957DA5964
Authority key identifier: 3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/he1zzqscDQVrqbAH6ruuBRGptHQ.roa
Signing time: Wed 01 Jan 2025 03:48:13 +0000
ROA not before: Wed 01 Jan 2025 03:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49067
IP address blocks: 185.98.216.0/24 maxlen: 24
185.98.217.0/24 maxlen: 24
185.98.218.0/24 maxlen: 24
194.31.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:6f:b1:1d:14:68:06:a9:5b:e5:99:57:da:59:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Validity
Not Before: Jan 1 03:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85ed73ceab1c0d056ba9b007eabbae0511a9b474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:31:7a:34:64:f6:0b:ca:f2:c2:9d:db:86:c1:
92:08:8a:c4:b6:9b:d7:15:87:a9:dc:9e:ae:ff:24:
22:0a:38:75:da:8e:79:47:1b:31:3d:a5:ef:95:65:
65:d1:44:e7:a0:a3:39:3f:35:9f:ad:74:41:81:4f:
76:0d:cf:da:bb:1f:74:8b:87:d2:07:29:86:fc:39:
93:4e:44:80:16:37:0c:b6:66:f2:40:94:85:9f:10:
56:25:10:2b:d9:1d:98:04:b8:87:b1:21:1e:7e:bc:
1b:85:01:53:af:46:b3:c2:88:57:9f:96:79:bb:1f:
f7:f5:19:25:88:dc:d5:c2:af:45:5d:0d:d8:0d:29:
4b:71:56:93:f6:70:50:26:ba:8e:10:43:72:9b:1a:
2c:99:fa:29:1d:b9:5a:19:a8:8c:07:32:0b:71:a8:
58:02:bc:64:52:57:68:ca:12:32:83:54:cf:ad:61:
49:70:ea:25:80:1d:03:bc:34:5a:e7:66:00:f5:b5:
75:7b:ae:15:e3:e5:da:3e:7e:6c:65:85:64:cb:fe:
2d:88:6c:97:c1:21:d3:21:e9:cd:d0:95:4b:a6:44:
ec:12:9c:40:a1:b1:78:e6:48:4d:b4:d2:b6:f4:d1:
27:6f:49:79:70:02:00:6f:17:89:4f:37:a1:73:1d:
01:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:ED:73:CE:AB:1C:0D:05:6B:A9:B0:07:EA:BB:AE:05:11:A9:B4:74
X509v3 Authority Key Identifier:
keyid:3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/he1zzqscDQVrqbAH6ruuBRGptHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.216.0-185.98.218.255
194.31.11.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:55:3b:71:79:d2:ae:2f:0e:3f:92:ab:81:e6:a3:b1:f5:b6:
a2:36:95:53:a3:b3:d4:16:d7:44:a3:71:a5:f2:90:34:84:0b:
6d:38:41:83:24:08:71:05:05:46:ca:81:44:40:89:5b:39:1a:
40:af:9d:77:f3:1e:bb:b8:25:0e:19:e7:52:10:7f:13:d8:d2:
5a:54:04:95:6e:cd:f0:e4:79:b7:e2:c4:1c:34:66:5b:78:8f:
42:fe:cd:1b:cd:46:e2:73:f2:49:bd:ed:75:28:17:6c:1e:ec:
0c:c0:ae:d6:9f:bc:56:ff:99:6a:46:4b:b9:c4:d9:e6:f9:5d:
65:e6:96:4c:4e:84:4c:76:70:47:dc:be:ee:b3:5b:31:6f:a4:
6a:27:b5:1e:1c:2e:dc:9a:9d:7c:9f:6f:a4:68:25:23:c0:bb:
07:12:84:00:08:9f:0e:fb:ca:58:b4:cf:09:1d:a9:b3:fb:e9:
cc:2e:83:31:83:33:b8:2f:27:d8:47:55:8a:cb:4f:28:87:1d:
f0:df:a8:be:d9:e2:27:40:e9:61:30:67:c9:d6:2f:6e:d0:c3:
90:50:37:15:5a:09:8a:0c:90:cc:a1:a8:fc:ca:4f:ed:f7:12:
05:36:68:01:c0:8c:2e:c5:f6:f2:0f:30:bc:b8:d5:76:a5:e1:
de:7b:88:d2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQf+m+xHRRoBqlb5ZlX2llkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZlMjRjZmMwMGQyMmY0ZWZhMzlhNDIxZGFmYjdiYjFk
YTRiODMwHhcNMjUwMTAxMDM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVkNzNjZWFiMWMwZDA1NmJhOWIwMDdlYWJiYWUwNTExYTliNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDF6NGT2C8rywp3bhsGSCIrEtpvX
FYep3J6u/yQiCjh12o55RxsxPaXvlWVl0UTnoKM5PzWfrXRBgU92Dc/aux90i4fS
BymG/DmTTkSAFjcMtmbyQJSFnxBWJRAr2R2YBLiHsSEefrwbhQFTr0azwohXn5Z5
ux/39RkliNzVwq9FXQ3YDSlLcVaT9nBQJrqOEENymxosmfopHblaGaiMBzILcahY
ArxkUldoyhIyg1TPrWFJcOolgB0DvDRa52YA9bV1e64V4+XaPn5sZYVky/4tiGyX
wSHTIenN0JVLpkTsEpxAobF45khNtNK29NEnb0l5cAIAbxeJTzehcx0BjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIXtc86rHA0Fa6mwB+q7rgURqbR0MB8GA1UdIwQY
MBaAFD224kz8ANIvTvo5pCHa+3ux2kuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUt
OTM4MGU1Y2MwNTgwLzEvaGUxenpxc2NEUVZycWJBSDZydXVCUkdwdEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUtOTM4MGU1Y2MwNTgw
LzEvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAO5YtgD
BAC5YtoDBADCHwswDQYJKoZIhvcNAQELBQADggEBAL9VO3F50q4vDj+Sq4Hmo7H1
tqI2lVOjs9QW10SjcaXykDSEC204QYMkCHEFBUbKgURAiVs5GkCvnXfzHru4JQ4Z
51IQfxPY0lpUBJVuzfDkebfixBw0Zlt4j0L+zRvNRuJz8km97XUoF2we7AzArtaf
vFb/mWpGS7nE2eb5XWXmlkxOhEx2cEfcvu6zWzFvpGontR4cLtyanXyfb6RoJSPA
uwcShAAInw77yli0zwkdqbP76cwugzGDM7gvJ9hHVYrLTyiHHfDfqL7Z4idA6WEw
Z8nWL27Qw5BQNxVaCYoMkMyhqPzKT+33EgU2aAHAjC7F9vIPMLy41Xal4d57iNI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:12 2025 by rpki-client