Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/HjBdGnhybid2C595W3x079_g4B4.roa
File: HjBdGnhybid2C595W3x079_g4B4.roa (raw, json)
Hash identifier: v+C23gu8k1/qt/3u1DnW05bxaSg0FPXYnyiIOMdSkro=
Subject key identifier: 1E:30:5D:1A:78:72:6E:27:76:0B:9F:79:5B:7C:74:EF:DF:E0:E0:1E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B392861D6EC5A531C048859B2F7894
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/HjBdGnhybid2C595W3x079_g4B4.roa
Signing time: Thu 02 Jan 2025 15:47:47 +0000
ROA not before: Thu 02 Jan 2025 15:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 45.128.198.0/24 maxlen: 24
136.144.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:92:86:1d:6e:c5:a5:31:c0:48:85:9b:2f:78:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e305d1a78726e27760b9f795b7c74efdfe0e01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ed:8a:bf:09:52:9e:f4:53:ee:be:a2:80:78:
9c:b4:f5:2e:46:de:5a:03:ef:f0:f3:34:0a:a3:22:
cc:2d:5a:95:cc:b3:32:75:36:59:fc:a3:76:da:5c:
76:8a:d8:de:10:f0:72:b2:97:38:95:45:3e:1b:9c:
39:6a:b9:8e:c4:a9:26:b1:b1:78:c7:ba:a7:e1:7e:
c0:04:58:48:54:62:b0:6b:8f:0b:64:1c:c2:3f:54:
69:55:ec:44:dd:1b:f9:8c:bd:ed:cf:d8:b3:64:32:
53:6e:3c:4d:5e:a9:a0:6e:28:ea:54:10:31:c3:c9:
9d:6a:01:4e:c8:e6:78:cd:c7:9d:49:b0:26:e5:32:
e7:a1:4f:44:3b:19:73:19:4d:d3:fb:65:bf:fa:bc:
70:a5:ba:c4:f8:fa:97:b6:45:99:ef:6b:57:eb:20:
90:42:29:97:8f:5a:14:0b:bc:90:8c:24:27:a3:b7:
64:56:c1:86:7c:06:45:74:69:8f:18:cc:54:50:98:
0b:a2:27:e7:86:c9:9b:10:14:77:b1:f8:20:4b:ab:
b2:f9:b0:a0:c5:58:83:a1:81:f5:88:48:c1:eb:c7:
26:4a:0b:89:43:8e:09:b2:a4:2e:40:c4:32:f1:92:
ce:ea:8c:6f:db:b5:74:2c:34:2b:78:01:10:b5:78:
17:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:30:5D:1A:78:72:6E:27:76:0B:9F:79:5B:7C:74:EF:DF:E0:E0:1E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/HjBdGnhybid2C595W3x079_g4B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.198.0/24
136.144.40.0/24
Signature Algorithm: sha256WithRSAEncryption
75:f8:88:c0:97:13:28:5e:90:0b:28:0e:b7:e0:c5:e5:0b:46:
7b:59:84:2f:b7:d8:6f:ff:85:23:ee:89:ce:83:86:2e:d4:1e:
7f:20:f6:4f:d8:ab:c0:fd:7a:07:47:17:dc:32:2e:91:90:bf:
82:80:af:06:fe:c7:b5:75:a9:be:67:c9:f2:98:9d:48:58:2a:
a0:e2:0e:a8:08:ef:d9:94:82:4b:f0:b8:42:74:0b:e9:56:a9:
db:ae:13:d7:3b:aa:37:c7:0c:3c:74:af:fb:84:9c:33:13:28:
a0:27:4b:90:f7:cb:4e:c3:e0:bc:53:7d:90:3e:89:f7:8e:30:
da:da:7f:88:a3:20:fb:52:63:c1:87:73:35:51:97:f7:db:29:
b6:69:e8:3e:d6:a3:c7:c3:b0:d1:ca:a1:e0:e8:1b:9a:d6:75:
ca:9b:7d:f9:7c:f1:a9:26:05:08:86:f9:a6:ac:d2:f9:59:85:
d6:d9:50:74:20:6c:25:d9:bc:5f:cb:97:4a:b6:1a:e1:90:84:
d1:2e:a3:e2:8b:4d:09:a0:42:5f:31:70:0b:86:ef:7d:ab:91:
ad:50:d2:fc:46:78:3f:ca:c7:e6:d6:d7:6e:91:04:5b:71:1b:
f4:f1:3a:51:83:a8:56:11:7a:67:12:80:a7:eb:d0:e1:00:0c:
2f:04:e7:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns5KGHW7FpTHASIWbL3iUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTMwNWQxYTc4NzI2ZTI3NzYwYjlmNzk1YjdjNzRlZmRmZTBlMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAye2KvwlSnvRT7r6igHictPUuRt5a
A+/w8zQKoyLMLVqVzLMydTZZ/KN22lx2itjeEPByspc4lUU+G5w5armOxKkmsbF4
x7qn4X7ABFhIVGKwa48LZBzCP1RpVexE3Rv5jL3tz9izZDJTbjxNXqmgbijqVBAx
w8mdagFOyOZ4zcedSbAm5TLnoU9EOxlzGU3T+2W/+rxwpbrE+PqXtkWZ72tX6yCQ
QimXj1oUC7yQjCQno7dkVsGGfAZFdGmPGMxUUJgLoifnhsmbEBR3sfggS6uy+bCg
xViDoYH1iEjB68cmSguJQ44JsqQuQMQy8ZLO6oxv27V0LDQreAEQtXgXJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4wXRp4cm4ndgufeVt8dO/f4OAeMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSGpCZEduaHliaWQyQzU5NVczeDA3OV9nNEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYDGAwQA
iJAoMA0GCSqGSIb3DQEBCwUAA4IBAQB1+IjAlxMoXpALKA634MXlC0Z7WYQvt9hv
/4Uj7onOg4Yu1B5/IPZP2KvA/XoHRxfcMi6RkL+CgK8G/se1dam+Z8nymJ1IWCqg
4g6oCO/ZlIJL8LhCdAvpVqnbrhPXO6o3xww8dK/7hJwzEyigJ0uQ98tOw+C8U32Q
Pon3jjDa2n+IoyD7UmPBh3M1UZf32ym2aeg+1qPHw7DRyqHg6Bua1nXKm335fPGp
JgUIhvmmrNL5WYXW2VB0IGwl2bxfy5dKthrhkITRLqPii00JoEJfMXALhu99q5Gt
UNL8Rng/ysfm1tdukQRbcRv08TpRg6hWEXpnEoCn69DhAAwvBOdC
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:37:32 2025 by rpki-client