Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/HkPgyjtfc2I2XR8BvT3Oa9Siabg.roa
File: HkPgyjtfc2I2XR8BvT3Oa9Siabg.roa (raw, json)
Hash identifier: AzeYfXAKdYBKYZ/1I42CQO+bIphQdlonjepjXKZIBPs=
Subject key identifier: 1E:43:E0:CA:3B:5F:73:62:36:5D:1F:01:BD:3D:CE:6B:D4:A2:69:B8
Certificate issuer: /CN=782325321a302f0bac131bee11c9aea696e510ba
Certificate serial: 019422FB36407842C5EB279C5F6406771156
Authority key identifier: 78:23:25:32:1A:30:2F:0B:AC:13:1B:EE:11:C9:AE:A6:96:E5:10:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eCMlMhowLwusExvuEcmuppblELo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/HkPgyjtfc2I2XR8BvT3Oa9Siabg.roa
Signing time: Wed 01 Jan 2025 17:47:56 +0000
ROA not before: Wed 01 Jan 2025 17:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8867
IP address blocks: 147.237.0.0/16 maxlen: 16
147.237.0.0/24 maxlen: 24
147.237.1.0/24 maxlen: 24
147.237.2.0/24 maxlen: 24
147.237.3.0/24 maxlen: 24
147.237.4.0/24 maxlen: 24
147.237.5.0/24 maxlen: 24
147.237.6.0/24 maxlen: 24
147.237.7.0/24 maxlen: 24
147.237.8.0/24 maxlen: 24
147.237.9.0/24 maxlen: 24
147.237.10.0/24 maxlen: 24
147.237.11.0/24 maxlen: 24
147.237.12.0/24 maxlen: 24
147.237.13.0/24 maxlen: 24
147.237.14.0/24 maxlen: 24
147.237.15.0/24 maxlen: 24
147.237.69.0/24 maxlen: 24
147.237.70.0/24 maxlen: 24
147.237.71.0/24 maxlen: 24
147.237.72.0/24 maxlen: 24
147.237.73.0/24 maxlen: 24
147.237.74.0/24 maxlen: 24
147.237.76.0/24 maxlen: 24
147.237.77.0/24 maxlen: 24
147.237.80.0/24 maxlen: 24
147.237.248.0/24 maxlen: 24
2001:678:a3c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/eCMlMhowLwusExvuEcmuppblELo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/eCMlMhowLwusExvuEcmuppblELo.mft
rsync://rpki.ripe.net/repository/DEFAULT/eCMlMhowLwusExvuEcmuppblELo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:36:40:78:42:c5:eb:27:9c:5f:64:06:77:11:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=782325321a302f0bac131bee11c9aea696e510ba
Validity
Not Before: Jan 1 17:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e43e0ca3b5f7362365d1f01bd3dce6bd4a269b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:af:29:75:f4:8e:c9:9e:e2:1c:a2:79:2d:c1:
f3:ed:d1:df:70:e7:bf:9b:7f:4d:3a:c5:89:14:15:
9b:ea:6b:df:30:e8:0a:e0:42:24:c4:aa:7e:29:da:
97:d3:a3:9e:ff:2f:a6:ea:87:1d:89:ad:5a:23:86:
fc:47:91:b1:00:65:54:f1:d1:16:2d:22:d6:f9:bc:
66:aa:5b:7d:ab:29:8a:89:56:8e:07:fb:ac:3a:7a:
fd:7a:3e:41:56:8e:30:d2:65:17:03:ba:d1:73:d2:
a7:cd:2a:7d:59:ac:20:1b:9b:b1:ca:e0:05:d3:91:
65:7b:74:f2:d0:87:a1:85:e7:78:c9:49:5d:bd:6e:
d8:d4:09:ad:dd:75:b0:cc:34:b4:01:1a:d3:53:bf:
6c:dc:3e:fb:d7:5f:ec:aa:3b:0c:e0:be:68:15:a6:
04:33:81:b5:9e:91:c9:31:d0:b4:89:77:f2:f9:1a:
a5:12:16:d3:92:1e:b5:f8:67:e6:59:9d:e6:5f:d3:
e7:03:f1:12:ce:68:08:c5:9e:d9:8b:0b:71:c0:f2:
a2:cd:f0:28:a4:5d:8b:2a:38:ac:11:b9:31:2b:a3:
fd:ff:f5:ce:b8:c9:45:9b:9f:d3:72:83:8c:f3:2c:
f4:ca:de:fd:df:4b:ab:16:d9:20:a8:3d:b5:ee:44:
89:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:43:E0:CA:3B:5F:73:62:36:5D:1F:01:BD:3D:CE:6B:D4:A2:69:B8
X509v3 Authority Key Identifier:
keyid:78:23:25:32:1A:30:2F:0B:AC:13:1B:EE:11:C9:AE:A6:96:E5:10:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eCMlMhowLwusExvuEcmuppblELo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/HkPgyjtfc2I2XR8BvT3Oa9Siabg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c75642-172b-42c1-a1d1-d25466a1fa9f/1/eCMlMhowLwusExvuEcmuppblELo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.237.0.0/16
IPv6:
2001:678:a3c::/48
Signature Algorithm: sha256WithRSAEncryption
79:c1:59:3c:b6:e5:2d:c3:36:de:6f:cf:46:3e:b9:3f:5f:3c:
f0:53:ea:49:ce:85:e0:c7:ef:16:12:df:4f:8d:19:0a:cd:f2:
02:32:9f:78:f0:f4:31:52:41:2f:16:5f:ee:c0:4e:7f:b2:ca:
09:1e:c5:3a:3c:ac:87:2c:e7:c0:fc:ef:cc:59:c1:22:99:4e:
e8:a1:94:f6:29:22:8c:4e:98:4f:58:8c:a5:80:e8:39:58:c7:
98:97:aa:37:fe:25:26:a5:45:0b:75:5f:be:45:91:57:76:f0:
da:a3:f4:fb:02:c6:a4:5a:95:8c:92:be:57:69:b2:84:96:af:
dd:8f:18:a7:f7:6d:d0:5f:a6:7e:7e:76:84:f2:76:aa:18:af:
9a:35:ce:0b:f5:37:e6:00:18:a6:62:42:09:bc:93:94:9c:fc:
76:f0:54:cf:f4:35:16:69:ba:b4:90:72:0a:a6:04:1e:1b:73:
55:e8:3d:90:3c:2b:1a:9f:22:c3:15:8a:35:11:78:4a:30:a8:
a8:3c:e9:52:d5:85:f1:96:02:a2:44:19:f7:f6:98:e3:0e:4f:
40:42:93:07:1c:0e:9e:fa:fc:e6:fd:98:b5:34:05:e4:ba:5c:
f4:d9:19:eb:2e:81:3e:a4:df:00:b2:3c:8d:3c:97:b1:be:6c:
63:2c:c6:e9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQi+zZAeELF6yecX2QGdxFWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MjMyNTMyMWEzMDJmMGJhYzEzMWJlZTExYzlhZWE2OTZl
NTEwYmEwHhcNMjUwMTAxMTc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQzZTBjYTNiNWY3MzYyMzY1ZDFmMDFiZDNkY2U2YmQ0YTI2OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK8pdfSOyZ7iHKJ5LcHz7dHfcOe/
m39NOsWJFBWb6mvfMOgK4EIkxKp+KdqX06Oe/y+m6ocdia1aI4b8R5GxAGVU8dEW
LSLW+bxmqlt9qymKiVaOB/usOnr9ej5BVo4w0mUXA7rRc9KnzSp9WawgG5uxyuAF
05Fle3Ty0Iehhed4yUldvW7Y1Amt3XWwzDS0ARrTU79s3D7711/sqjsM4L5oFaYE
M4G1npHJMdC0iXfy+RqlEhbTkh61+GfmWZ3mX9PnA/ESzmgIxZ7ZiwtxwPKizfAo
pF2LKjisEbkxK6P9//XOuMlFm5/TcoOM8yz0yt7930urFtkgqD217kSJyQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB5D4Mo7X3NiNl0fAb09zmvUomm4MB8GA1UdIwQY
MBaAFHgjJTIaMC8LrBMb7hHJrqaW5RC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUNNbE1ob3dMd3VzRXh2dUVjbXVwcGJsRUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jNzU2NDItMTcyYi00MmMxLWExZDEt
ZDI1NDY2YTFmYTlmLzEvSGtQZ3lqdGZjMkkyWFI4QnZUM09hOVNpYWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jNzU2NDItMTcyYi00MmMxLWExZDEtZDI1NDY2YTFmYTlm
LzEvZUNNbE1ob3dMd3VzRXh2dUVjbXVwcGJsRUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAk+0wDwQC
AAIwCQMHACABBngKPDANBgkqhkiG9w0BAQsFAAOCAQEAecFZPLblLcM23m/PRj65
P1888FPqSc6F4MfvFhLfT40ZCs3yAjKfePD0MVJBLxZf7sBOf7LKCR7FOjyshyzn
wPzvzFnBIplO6KGU9ikijE6YT1iMpYDoOVjHmJeqN/4lJqVFC3VfvkWRV3bw2qP0
+wLGpFqVjJK+V2myhJav3Y8Yp/dt0F+mfn52hPJ2qhivmjXOC/U35gAYpmJCCbyT
lJz8dvBUz/Q1Fmm6tJByCqYEHhtzVeg9kDwrGp8iwxWKNRF4SjCoqDzpUtWF8ZYC
okQZ9/aY4w5PQEKTBxwOnvr85v2YtTQF5Lpc9NkZ6y6BPqTfALI8jTyXsb5sYyzG
6Q==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:34 2025 by rpki-client