Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/hyDMWUWDOwPLRhTXHqAvo0HE2Eg.roa
File: hyDMWUWDOwPLRhTXHqAvo0HE2Eg.roa (raw, json)
Hash identifier: qhk5EHJ02rRG0lhE9onju5bJfrP0rsBjK4tlKrdzuZc=
Subject key identifier: 87:20:CC:59:45:83:3B:03:CB:46:14:D7:1E:A0:2F:A3:41:C4:D8:48
Certificate issuer: /CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Certificate serial: 019422201E4CCC77D2ABE79B7F91B8F526CF
Authority key identifier: FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/hyDMWUWDOwPLRhTXHqAvo0HE2Eg.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57039
IP address blocks: 94.143.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1e:4c:cc:77:d2:ab:e7:9b:7f:91:b8:f5:26:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff56d837fe254fa92e1f3c2f861aa1e485521746
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8720cc5945833b03cb4614d71ea02fa341c4d848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:d6:85:f3:4a:07:8f:2e:26:7c:d9:94:8f:
e4:ca:e2:c8:95:3e:f6:7e:c4:d5:3c:c5:0c:3f:e6:
b8:fd:e7:68:5b:5d:42:c7:b3:84:68:cc:a5:03:31:
07:d1:bc:10:b5:68:c5:00:01:52:93:39:06:dc:05:
73:9d:80:85:2b:26:e0:d7:19:4d:31:9b:b2:13:64:
60:71:3b:6f:69:64:a6:e9:84:93:b7:5c:19:a6:c0:
d7:93:37:a7:5b:29:73:ab:7d:e5:cc:73:e2:76:cf:
75:74:69:a5:30:41:d2:a4:32:1a:00:0f:99:11:ef:
77:fa:92:97:ff:9b:dd:a5:41:31:1a:a3:20:a7:c7:
0c:61:19:c8:d1:6b:f1:df:66:12:a2:f8:ca:30:55:
3c:e5:51:56:c4:56:bb:36:6a:a9:e0:9a:57:17:de:
5e:da:3e:6b:5d:91:50:fd:b2:dc:59:a9:29:b6:80:
cc:27:30:3b:23:a6:a3:a1:70:2a:78:52:20:b0:60:
e2:95:15:81:eb:b5:5a:06:66:22:07:15:48:58:f2:
28:41:71:e0:f1:d7:32:93:ab:34:5c:c7:a1:db:8d:
0c:33:43:cc:fd:bf:b2:bf:ae:3d:08:dd:e9:c6:3b:
bb:ae:dd:4b:63:dc:07:bf:32:72:ee:e8:ea:a2:b3:
50:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:20:CC:59:45:83:3B:03:CB:46:14:D7:1E:A0:2F:A3:41:C4:D8:48
X509v3 Authority Key Identifier:
keyid:FF:56:D8:37:FE:25:4F:A9:2E:1F:3C:2F:86:1A:A1:E4:85:52:17:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/hyDMWUWDOwPLRhTXHqAvo0HE2Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1b3749-9673-412d-b348-50fc4d557d08/1/_1bYN_4lT6kuHzwvhhqh5IVSF0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.99.0/24
Signature Algorithm: sha256WithRSAEncryption
24:5c:70:7d:5a:28:f8:ea:2b:d8:e1:8a:15:5f:fd:6b:c4:ca:
40:2a:3a:2a:44:f4:0b:05:21:06:ea:1e:1d:61:90:b3:f6:86:
84:e8:02:67:d4:a1:a7:d6:21:96:19:19:ea:cb:8f:0e:2f:39:
3c:c8:5b:d8:aa:e9:bc:ce:77:da:e1:c4:8e:c0:d4:0f:7c:b6:
09:88:8a:61:89:c3:4d:69:54:52:df:cc:57:70:ee:13:38:78:
04:b2:6c:e2:64:aa:18:44:bd:5b:46:b7:7f:16:4e:4c:0e:e8:
3e:36:6f:bf:79:d9:8f:af:a0:ae:b8:40:2c:c2:7a:be:41:11:
a5:6d:6c:b2:4f:bd:4a:9c:d9:d0:6a:2a:8a:02:7d:ed:1d:55:
5e:bf:be:43:92:3c:37:87:89:a2:f0:e4:9f:f9:b8:d0:24:34:
e8:e1:9f:56:6c:c5:cc:8b:a3:15:d0:74:d0:59:e6:a7:eb:63:
e3:50:81:47:bb:c4:aa:00:e7:1c:ca:a7:4d:b5:71:1e:d5:4e:
6c:3e:d4:c7:a7:31:0b:f6:45:52:a7:7a:3b:73:22:7c:ac:4b:
65:69:4b:a0:40:b5:68:f0:3e:9a:39:70:c5:b6:96:ef:6d:ef:
8e:ea:94:0a:80:24:d3:7e:39:73:7c:e1:73:71:62:72:f4:22:
5e:60:a6:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIB5MzHfSq+ebf5G49SbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTZkODM3ZmUyNTRmYTkyZTFmM2MyZjg2MWFhMWU0ODU1
MjE3NDYwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIwY2M1OTQ1ODMzYjAzY2I0NjE0ZDcxZWEwMmZhMzQxYzRkODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoITWhfNKB48uJnzZlI/kyuLIlT72
fsTVPMUMP+a4/edoW11Cx7OEaMylAzEH0bwQtWjFAAFSkzkG3AVznYCFKybg1xlN
MZuyE2RgcTtvaWSm6YSTt1wZpsDXkzenWylzq33lzHPids91dGmlMEHSpDIaAA+Z
Ee93+pKX/5vdpUExGqMgp8cMYRnI0Wvx32YSovjKMFU85VFWxFa7Nmqp4JpXF95e
2j5rXZFQ/bLcWakptoDMJzA7I6ajoXAqeFIgsGDilRWB67VaBmYiBxVIWPIoQXHg
8dcyk6s0XMeh240MM0PM/b+yv649CN3pxju7rt1LY9wHvzJy7ujqorNQbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcgzFlFgzsDy0YU1x6gL6NBxNhIMB8GA1UdIwQY
MBaAFP9W2Df+JU+pLh88L4YaoeSFUhdGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgt
NTBmYzRkNTU3ZDA4LzEvaHlETVdVV0RPd1BMUmhUWEhxQXZvMEhFMkVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xYjM3NDktOTY3My00MTJkLWIzNDgtNTBmYzRkNTU3ZDA4
LzEvXzFiWU5fNGxUNmt1SHp3dmhocWg1SVZTRjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo9jMA0G
CSqGSIb3DQEBCwUAA4IBAQAkXHB9Wij46ivY4YoVX/1rxMpAKjoqRPQLBSEG6h4d
YZCz9oaE6AJn1KGn1iGWGRnqy48OLzk8yFvYqum8znfa4cSOwNQPfLYJiIphicNN
aVRS38xXcO4TOHgEsmziZKoYRL1bRrd/Fk5MDug+Nm+/edmPr6CuuEAswnq+QRGl
bWyyT71KnNnQaiqKAn3tHVVev75Dkjw3h4mi8OSf+bjQJDTo4Z9WbMXMi6MV0HTQ
Wean62PjUIFHu8SqAOccyqdNtXEe1U5sPtTHpzEL9kVSp3o7cyJ8rEtlaUugQLVo
8D6aOXDFtpbvbe+O6pQKgCTTfjlzfOFzcWJy9CJeYKbn
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:49 2025 by rpki-client