Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/HTiETFMnseisEeoALFIWItsK6gc.roa
File: HTiETFMnseisEeoALFIWItsK6gc.roa (raw, json)
Hash identifier: iulklaFZv7FQZ4kyFEEaoOlUffIGv7CCXTbtxR93AS4=
Subject key identifier: 1D:38:84:4C:53:27:B1:E8:AC:11:EA:00:2C:52:16:22:DB:0A:EA:07
Certificate issuer: /CN=32b1b94b073c547991c20f842eadec167ec19e34
Certificate serial: 0194236A192FAD555272D29CACE388CEB00A
Authority key identifier: 32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/HTiETFMnseisEeoALFIWItsK6gc.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48555
IP address blocks: 176.56.144.0/24 maxlen: 24
176.56.146.0/24 maxlen: 24
176.56.148.0/24 maxlen: 24
176.56.150.0/24 maxlen: 24
185.63.236.0/24 maxlen: 24
185.63.237.0/24 maxlen: 24
185.63.238.0/24 maxlen: 24
185.63.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:19:2f:ad:55:52:72:d2:9c:ac:e3:88:ce:b0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32b1b94b073c547991c20f842eadec167ec19e34
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d38844c5327b1e8ac11ea002c521622db0aea07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:34:2d:de:1a:2e:4a:a8:6a:16:1f:97:ec:06:
97:b0:a6:8e:b9:7d:0f:b6:83:95:cd:c2:a1:5f:48:
89:31:9b:5a:cb:54:85:5d:42:69:9e:21:c6:45:d0:
40:61:cc:f6:9b:40:11:23:a5:ae:77:60:60:39:dc:
00:18:e7:e8:2d:2c:92:3e:11:92:ac:22:93:f3:6b:
14:56:4d:e4:be:a9:d0:81:67:79:23:27:7c:77:0a:
3a:7d:94:84:7a:aa:a3:2e:fa:49:01:43:b2:fe:7f:
06:c3:e8:62:e6:cd:fe:04:f6:61:b7:c6:17:66:96:
fa:ab:9c:e4:19:2e:8a:c5:5d:79:8a:8c:b9:dc:70:
f1:82:5b:06:76:27:d7:1f:b6:8b:2b:0a:a0:38:eb:
c8:9a:91:f8:42:73:9b:30:6b:70:66:52:d1:e0:4e:
65:56:5b:45:d6:4c:ae:57:b4:2c:80:d9:75:cb:b1:
65:d3:0d:a5:f4:6c:34:43:be:cb:19:42:3c:19:e6:
b1:f6:f0:46:5b:d1:21:79:95:1e:31:57:c2:56:68:
32:ae:d3:7d:34:84:86:84:11:61:8c:8e:43:8f:0e:
ad:a0:61:9c:a8:e1:f0:1f:62:a6:42:38:c9:21:e8:
f6:83:42:fc:25:6d:44:e9:50:e6:72:a6:0b:70:4b:
36:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:38:84:4C:53:27:B1:E8:AC:11:EA:00:2C:52:16:22:DB:0A:EA:07
X509v3 Authority Key Identifier:
keyid:32:B1:B9:4B:07:3C:54:79:91:C2:0F:84:2E:AD:EC:16:7E:C1:9E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/HTiETFMnseisEeoALFIWItsK6gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0a206e-1788-436b-9728-bed4b99a7bb4/1/MrG5Swc8VHmRwg-ELq3sFn7BnjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.56.144.0/24
176.56.146.0/24
176.56.148.0/24
176.56.150.0/24
185.63.236.0/22
Signature Algorithm: sha256WithRSAEncryption
09:e5:38:19:e9:ba:8f:4f:16:cc:68:81:65:02:ee:82:67:e1:
87:17:e8:c4:92:c5:17:3d:2a:51:b4:23:3d:11:15:4a:b7:ff:
6a:9d:6c:22:37:78:ad:0c:61:cc:69:2c:bd:fd:fe:12:ca:eb:
d9:c7:95:cc:81:56:88:53:85:8f:26:c0:30:37:8e:5f:09:82:
f2:15:e5:ff:f2:d6:44:0d:d1:39:99:43:22:ed:94:fd:db:f0:
69:c0:19:35:d6:a6:93:e6:f5:6c:32:b8:39:c6:4c:6f:2c:31:
4e:ad:c7:66:9c:33:23:d2:c2:cb:e7:18:46:89:e6:36:97:51:
2e:2b:64:96:52:58:6f:70:ec:7c:83:b7:7c:34:8e:2c:70:ea:
97:23:62:a5:d9:ff:7a:2a:f7:74:93:31:e0:2a:3b:f8:9d:32:
71:d0:c4:42:53:52:9c:63:2b:d3:95:c5:b6:16:46:b0:c9:b3:
74:bb:d1:c8:9e:61:9d:7e:ca:4f:15:72:94:07:dd:ec:af:aa:
c2:1e:18:65:aa:5f:46:d9:0f:f7:16:81:8a:40:76:67:67:cd:
b2:d4:b1:4b:ca:e3:bf:c9:84:8c:e6:a9:7f:0e:84:72:ba:dd:
2c:ad:4f:32:9d:12:c9:55:a1:5f:b2:14:37:23:50:d0:38:71:
33:a5:25:8a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjahkvrVVSctKcrOOIzrAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYjFiOTRiMDczYzU0Nzk5MWMyMGY4NDJlYWRlYzE2N2Vj
MTllMzQwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM4ODQ0YzUzMjdiMWU4YWMxMWVhMDAyYzUyMTYyMmRiMGFlYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjQt3houSqhqFh+X7AaXsKaOuX0P
toOVzcKhX0iJMZtay1SFXUJpniHGRdBAYcz2m0ARI6Wud2BgOdwAGOfoLSySPhGS
rCKT82sUVk3kvqnQgWd5Iyd8dwo6fZSEeqqjLvpJAUOy/n8Gw+hi5s3+BPZht8YX
Zpb6q5zkGS6KxV15ioy53HDxglsGdifXH7aLKwqgOOvImpH4QnObMGtwZlLR4E5l
VltF1kyuV7QsgNl1y7Fl0w2l9Gw0Q77LGUI8Geax9vBGW9EheZUeMVfCVmgyrtN9
NISGhBFhjI5Djw6toGGcqOHwH2KmQjjJIej2g0L8JW1E6VDmcqYLcEs2/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB04hExTJ7HorBHqACxSFiLbCuoHMB8GA1UdIwQY
MBaAFDKxuUsHPFR5kcIPhC6t7BZ+wZ40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3Mjgt
YmVkNGI5OWE3YmI0LzEvSFRpRVRGTW5zZWlzRWVvQUxGSVdJdHNLNmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYTIwNmUtMTc4OC00MzZiLTk3MjgtYmVkNGI5OWE3YmI0
LzEvTXJHNVN3YzhWSG1Sd2ctRUxxM3NGbjdCbmpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsDiQAwQA
sDiSAwQAsDiUAwQAsDiWAwQCuT/sMA0GCSqGSIb3DQEBCwUAA4IBAQAJ5TgZ6bqP
TxbMaIFlAu6CZ+GHF+jEksUXPSpRtCM9ERVKt/9qnWwiN3itDGHMaSy9/f4SyuvZ
x5XMgVaIU4WPJsAwN45fCYLyFeX/8tZEDdE5mUMi7ZT92/BpwBk11qaT5vVsMrg5
xkxvLDFOrcdmnDMj0sLL5xhGieY2l1EuK2SWUlhvcOx8g7d8NI4scOqXI2Kl2f96
Kvd0kzHgKjv4nTJx0MRCU1KcYyvTlcW2FkawybN0u9HInmGdfspPFXKUB93sr6rC
Hhhlql9G2Q/3FoGKQHZnZ82y1LFLyuO/yYSM5ql/DoRyut0srU8ynRLJVaFfshQ3
I1DQOHEzpSWK
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:28 2025 by rpki-client