Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-hNQKqM3p5hU8SHeuYTnEfQwHfY.roa
File: 1-hNQKqM3p5hU8SHeuYTnEfQwHfY.roa (raw, json)
Hash identifier: EX1hFNLBx3xPiUsaeYnwTJoJXa0R6e5XBlNXZIr5rA4=
Subject key identifier: FA:13:50:2A:A3:37:A7:98:54:F1:21:DE:B9:84:E7:11:F4:30:1D:F6
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD5D15A9A25A82696DCDE8F8301867
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-hNQKqM3p5hU8SHeuYTnEfQwHfY.roa
Signing time: Thu 02 Jan 2025 07:49:08 +0000
ROA not before: Thu 02 Jan 2025 07:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60544
IP address blocks: 62.76.205.0/24 maxlen: 32
194.226.244.0/23 maxlen: 32
195.209.149.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 02:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5d:15:a9:a2:5a:82:69:6d:cd:e8:f8:30:18:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa13502aa337a79854f121deb984e711f4301df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:46:67:e0:c6:29:2a:2e:71:f8:f9:0f:7e:e0:
71:f7:eb:11:32:6e:dc:4a:c9:e3:c5:9f:6b:3f:ad:
6e:54:9d:37:e6:70:6b:db:e1:21:8d:5c:39:ba:33:
90:f1:51:5e:89:66:3f:bf:62:3c:04:9c:2f:42:81:
68:8a:4d:10:05:1f:e9:17:83:04:f7:a6:2b:85:48:
b6:b5:dc:09:1c:93:67:27:d0:13:92:93:37:51:5c:
35:91:a5:1b:e6:5c:c0:83:c4:c4:ac:08:e0:0f:e2:
90:8b:22:48:98:c8:7d:54:43:0e:e7:1d:59:12:80:
99:92:e8:46:cc:d1:85:46:5e:a1:d2:4b:b9:1f:a1:
e6:ef:dd:8a:2c:df:fd:d8:7a:17:b9:83:2e:5b:82:
5c:ee:ca:37:4e:80:dd:7e:7c:54:e6:50:67:c0:f1:
2a:a8:05:22:f9:52:48:c6:85:4e:7f:e2:b9:79:d4:
e1:7e:fa:be:b6:e8:e0:37:94:1d:ae:bf:f1:a5:17:
df:56:a4:6b:ec:35:ac:fb:5a:5e:a0:ac:d9:dd:82:
80:e9:c4:13:d5:2f:30:ea:36:ea:9e:e9:8c:83:26:
6f:e4:23:27:e3:19:16:71:36:60:8c:c4:d9:aa:40:
8a:bf:ee:5f:02:8a:58:fc:08:e1:14:0e:db:7b:29:
83:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:13:50:2A:A3:37:A7:98:54:F1:21:DE:B9:84:E7:11:F4:30:1D:F6
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1-hNQKqM3p5hU8SHeuYTnEfQwHfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.205.0/24
194.226.244.0/23
195.209.149.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:18:9e:18:f3:39:b1:22:96:ea:94:ec:be:02:c6:d9:bb:42:
4a:8f:45:fe:6e:72:6a:0b:5e:6d:14:0f:89:64:92:62:6d:45:
e2:45:d7:2e:bd:f3:cc:c9:fe:7c:74:59:60:fd:05:fe:d4:41:
46:0b:ee:67:d9:58:14:6d:8e:b4:28:d5:a7:ea:a9:51:a6:b5:
37:7e:66:4d:11:d4:7f:33:d0:95:90:bf:a1:39:35:b6:2a:99:
45:bb:11:12:a1:9f:c8:a7:23:93:5e:63:df:04:9e:09:16:0c:
ec:14:13:22:e6:70:9c:6a:a6:83:d6:38:3b:13:14:05:d7:f6:
d5:42:25:e8:b7:ad:67:7e:4f:11:97:8a:d8:88:71:db:e5:97:
4c:6c:53:64:5c:40:23:9a:3e:9c:e8:46:46:58:c2:b5:bd:22:
b1:15:5d:2d:ff:4f:85:70:cb:de:aa:9a:4e:83:1f:2d:34:bb:
f8:21:f9:33:6f:b6:26:76:c4:3c:ff:b3:52:99:5b:fa:c7:4b:
ff:df:3b:a5:bc:42:82:be:91:a9:59:6a:7d:9c:20:b9:d1:d1:
6b:04:8b:0d:1c:59:9d:08:73:88:34:97:b0:ca:06:2f:e0:09:
92:62:70:7b:17:92:ae:ba:12:31:b7:e0:07:0b:d7:6e:b6:b7:
fd:45:f2:ed
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQl/V0VqaJagmltzej4MBhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTEzNTAyYWEzMzdhNzk4NTRmMTIxZGViOTg0ZTcxMWY0MzAxZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUZn4MYpKi5x+PkPfuBx9+sRMm7c
SsnjxZ9rP61uVJ035nBr2+EhjVw5ujOQ8VFeiWY/v2I8BJwvQoFoik0QBR/pF4ME
96YrhUi2tdwJHJNnJ9ATkpM3UVw1kaUb5lzAg8TErAjgD+KQiyJImMh9VEMO5x1Z
EoCZkuhGzNGFRl6h0ku5H6Hm792KLN/92HoXuYMuW4Jc7so3ToDdfnxU5lBnwPEq
qAUi+VJIxoVOf+K5edThfvq+tujgN5Qdrr/xpRffVqRr7DWs+1peoKzZ3YKA6cQT
1S8w6jbqnumMgyZv5CMn4xkWcTZgjMTZqkCKv+5fAopY/AjhFA7beymD5QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPoTUCqjN6eYVPEh3rmE5xH0MB32MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMS1oTlFLcU0zcDVoVThTSGV1WVRuRWZRd0hmWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvOTc0NzRjLTFkYzItNDYyYy1hYWRkLTllOWExZTAzNzM4
ZS8xL0pUbzdYMUdBZ1dqQ0VzQ1VvcnF2ODQ0V1Jrby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAD5MzQME
AcLi9AMEAMPRlTANBgkqhkiG9w0BAQsFAAOCAQEALxieGPM5sSKW6pTsvgLG2btC
So9F/m5yagtebRQPiWSSYm1F4kXXLr3zzMn+fHRZYP0F/tRBRgvuZ9lYFG2OtCjV
p+qpUaa1N35mTRHUfzPQlZC/oTk1tiqZRbsREqGfyKcjk15j3wSeCRYM7BQTIuZw
nGqmg9Y4OxMUBdf21UIl6LetZ35PEZeK2Ihx2+WXTGxTZFxAI5o+nOhGRljCtb0i
sRVdLf9PhXDL3qqaToMfLTS7+CH5M2+2JnbEPP+zUplb+sdL/987pbxCgr6RqVlq
fZwgudHRawSLDRxZnQhziDSXsMoGL+AJkmJwexeSrroSMbfgBwvXbra3/UXy7Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:54:15 2025 by rpki-client