Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/HF0LqW6Nn7yrC4zWZGNegGbZJQI.roa
File: HF0LqW6Nn7yrC4zWZGNegGbZJQI.roa (raw, json)
Hash identifier: ZufShUH8VmdZ1SaW4ZA1zfhMayCSiwCUVqOn6kPrIf0=
Subject key identifier: 1C:5D:0B:A9:6E:8D:9F:BC:AB:0B:8C:D6:64:63:5E:80:66:D9:25:02
Certificate issuer: /CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Certificate serial: 0195F34AF18F9C5C0633FD5E3855B08161EE
Authority key identifier: 42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/HF0LqW6Nn7yrC4zWZGNegGbZJQI.roa
Signing time: Tue 01 Apr 2025 21:38:49 +0000
ROA not before: Tue 01 Apr 2025 21:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206260
IP address blocks: 83.223.208.0/20 maxlen: 24
141.0.128.0/20 maxlen: 24
143.110.96.0/19 maxlen: 24
185.13.124.0/22 maxlen: 24
2a02:f300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 12:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:4a:f1:8f:9c:5c:06:33:fd:5e:38:55:b0:81:61:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f9a96952777f1074338303ecb65025c4e2b8b5
Validity
Not Before: Apr 1 21:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c5d0ba96e8d9fbcab0b8cd664635e8066d92502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ab:be:95:35:7f:b5:58:96:1e:03:87:26:a9:
78:5b:ad:5d:d9:8d:a0:17:4d:c8:5e:12:f7:3f:74:
a0:4a:0b:40:2d:0d:ea:68:ab:ed:d8:b6:c5:97:21:
95:ae:4f:94:79:35:89:a3:0e:2d:b6:4d:28:db:a1:
d9:e4:f6:90:27:76:e6:b4:4f:54:fe:d0:12:f1:39:
7c:1a:1e:ba:bd:8c:28:29:56:f3:8f:e3:c1:5a:a6:
7f:05:d9:14:02:0e:c6:68:cd:07:a1:23:8a:85:d3:
a9:d4:56:ec:0b:41:09:cb:95:df:cf:98:c2:d1:6a:
1f:b8:7d:e9:5e:89:50:31:92:f5:be:61:22:b8:cc:
3d:ec:46:e1:1b:db:b0:32:02:20:10:11:0f:25:25:
c1:9f:48:da:1b:b2:1a:e2:79:9b:74:08:54:3c:bd:
51:cc:08:0c:e3:7f:94:25:1d:3c:0a:da:5f:61:06:
08:b5:d4:ab:e2:57:ef:16:db:e0:bb:c2:e9:37:64:
39:e6:f5:73:87:5e:5c:af:44:ef:42:da:57:b8:ae:
a4:4d:ff:3a:f0:30:09:45:af:e1:b6:a2:49:98:50:
dc:e7:c3:28:fc:13:03:ee:57:2d:9e:66:5e:97:65:
90:b1:79:be:51:c1:0e:b3:a8:df:ab:7a:76:e1:8f:
ce:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5D:0B:A9:6E:8D:9F:BC:AB:0B:8C:D6:64:63:5E:80:66:D9:25:02
X509v3 Authority Key Identifier:
keyid:42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/HF0LqW6Nn7yrC4zWZGNegGbZJQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.208.0/20
141.0.128.0/20
143.110.96.0/19
185.13.124.0/22
IPv6:
2a02:f300::/29
Signature Algorithm: sha256WithRSAEncryption
90:e2:94:1e:df:1f:c1:af:8c:4e:12:3c:95:6c:cd:2a:f2:21:
9a:63:4a:c0:41:89:02:0e:6a:cc:56:a8:82:c7:4b:d6:d3:34:
15:bd:77:06:4f:5c:b1:a7:d0:fe:63:d5:99:26:6a:da:c1:43:
8b:7e:9e:ed:a7:82:f9:04:b6:3d:58:57:e1:5c:2f:f7:32:13:
3f:28:c2:a8:e8:93:2e:89:16:4b:68:d3:f4:f5:6e:65:3c:29:
4d:7d:96:a4:16:16:3c:88:e5:5e:7e:5a:4a:ef:53:48:c8:c4:
7f:d0:90:55:be:71:e9:af:19:b8:50:fe:65:4d:8c:6a:c3:69:
d3:9f:92:30:7d:33:1f:55:e0:56:03:65:9e:15:ff:30:89:8f:
26:ce:36:07:ec:00:18:15:43:76:23:53:13:1b:e9:26:6c:7b:
60:6a:7d:03:0a:94:a2:84:65:65:7c:9f:90:bc:dd:61:99:2e:
f6:1d:8f:d0:01:ab:64:f5:76:97:37:f9:b5:8f:0f:3c:5c:be:
8b:41:e1:10:50:a9:96:3a:69:80:ef:0c:f6:f8:45:f4:6c:29:
52:85:c3:bb:fe:a6:e0:dd:1f:92:45:ab:f5:ed:76:55:63:bd:
75:5a:ea:c7:c7:e5:19:25:00:1e:5d:06:4e:4b:2e:2d:79:1d:
fa:19:7e:03
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZXzSvGPnFwGM/1eOFWwgWHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjlhOTY5NTI3NzdmMTA3NDMzODMwM2VjYjY1MDI1YzRl
MmI4YjUwHhcNMjUwNDAxMjEzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVkMGJhOTZlOGQ5ZmJjYWIwYjhjZDY2NDYzNWU4MDY2ZDkyNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06u+lTV/tViWHgOHJql4W61d2Y2g
F03IXhL3P3SgSgtALQ3qaKvt2LbFlyGVrk+UeTWJow4ttk0o26HZ5PaQJ3bmtE9U
/tAS8Tl8Gh66vYwoKVbzj+PBWqZ/BdkUAg7GaM0HoSOKhdOp1FbsC0EJy5Xfz5jC
0WofuH3pXolQMZL1vmEiuMw97EbhG9uwMgIgEBEPJSXBn0jaG7Ia4nmbdAhUPL1R
zAgM43+UJR08CtpfYQYItdSr4lfvFtvgu8LpN2Q55vVzh15cr0TvQtpXuK6kTf86
8DAJRa/htqJJmFDc58Mo/BMD7lctnmZel2WQsXm+UcEOs6jfq3p24Y/ORwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBxdC6lujZ+8qwuM1mRjXoBm2SUCMB8GA1UdIwQY
MBaAFEL5qWlSd38QdDODA+y2UCXE4ri1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUt
NzdmYTI5MTI5OTRkLzEvSEYwTHFXNk5uN3lyQzR6V1pHTmVnR2JaSlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUtNzdmYTI5MTI5OTRk
LzEvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEU9/QAwQE
jQCAAwQFj25gAwQCuQ18MA0EAgACMAcDBQMqAvMAMA0GCSqGSIb3DQEBCwUAA4IB
AQCQ4pQe3x/Br4xOEjyVbM0q8iGaY0rAQYkCDmrMVqiCx0vW0zQVvXcGT1yxp9D+
Y9WZJmrawUOLfp7tp4L5BLY9WFfhXC/3MhM/KMKo6JMuiRZLaNP09W5lPClNfZak
FhY8iOVeflpK71NIyMR/0JBVvnHprxm4UP5lTYxqw2nTn5IwfTMfVeBWA2WeFf8w
iY8mzjYH7AAYFUN2I1MTG+kmbHtgan0DCpSihGVlfJ+QvN1hmS72HY/QAatk9XaX
N/m1jw88XL6LQeEQUKmWOmmA7wz2+EX0bClShcO7/qbg3R+SRav17XZVY711WurH
x+UZJQAeXQZOSy4teR36GX4D
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:04:10 2025 by rpki-client