Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/HFN5MH980DuANiJdbkL6ohnJj_k.roa
File: HFN5MH980DuANiJdbkL6ohnJj_k.roa (raw, json)
Hash identifier: Em5iJ0QcHb70vMs6Q6eEnq42l8uUpkT28Ocl0kx6uPc=
Subject key identifier: 1C:53:79:30:7F:7C:D0:3B:80:36:22:5D:6E:42:FA:A2:19:C9:8F:F9
Certificate issuer: /CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Certificate serial: 019420D5FE8096790A65449F0FA79C2A001F
Authority key identifier: 66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/HFN5MH980DuANiJdbkL6ohnJj_k.roa
Signing time: Wed 01 Jan 2025 07:48:02 +0000
ROA not before: Wed 01 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200435
IP address blocks: 185.63.172.0/22 maxlen: 24
185.63.172.0/24 maxlen: 24
185.63.173.0/24 maxlen: 24
185.63.174.0/24 maxlen: 24
185.63.175.0/24 maxlen: 24
2a04:f600::/29 maxlen: 48
2a04:f600:4454::/48 maxlen: 48
2a04:f600:4455::/48 maxlen: 48
2a04:f600:4456::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fe:80:96:79:0a:65:44:9f:0f:a7:9c:2a:00:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Validity
Not Before: Jan 1 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c5379307f7cd03b8036225d6e42faa219c98ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1f:dd:a9:58:fc:75:79:f5:f8:e8:65:b6:c5:
9b:a3:cb:4f:77:07:19:33:53:f7:e3:d9:7a:21:9f:
f2:da:c8:7f:97:bf:20:0f:99:da:9c:6d:a1:34:b1:
ba:0f:a0:ff:0d:c3:b7:f3:af:ff:f0:29:bf:90:5f:
5e:8c:f4:cd:38:5e:05:22:21:47:42:ca:3a:e8:23:
33:08:d3:5a:1a:89:29:35:e3:a5:08:66:22:aa:ce:
46:27:84:04:0b:38:a8:43:76:e9:be:fb:f5:03:a3:
07:89:d8:6d:f1:f1:d4:13:df:b6:40:9d:5f:f7:c4:
9c:2b:67:f0:f9:cb:11:09:1c:a3:25:d2:c4:1f:80:
21:14:b3:aa:18:d4:20:50:dd:66:3b:11:0c:44:b4:
10:da:5e:31:67:f8:0a:b7:91:92:87:6c:02:ef:ea:
c3:7b:74:26:da:e2:f5:01:4c:cb:cb:1b:af:f2:0c:
62:19:bd:7a:0a:c2:e9:4a:f8:06:81:ce:3f:56:08:
6e:f6:b1:15:5b:96:ed:2a:37:7b:ef:ac:09:bc:88:
71:c9:91:69:df:6c:2f:17:96:14:38:09:7a:95:6c:
d6:84:26:14:5e:b4:70:3a:47:02:c6:97:68:72:82:
02:ee:a3:c0:bc:c0:5a:4a:7c:b2:da:49:82:dd:2a:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:53:79:30:7F:7C:D0:3B:80:36:22:5D:6E:42:FA:A2:19:C9:8F:F9
X509v3 Authority Key Identifier:
keyid:66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/HFN5MH980DuANiJdbkL6ohnJj_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.172.0/22
IPv6:
2a04:f600::/29
Signature Algorithm: sha256WithRSAEncryption
57:7c:2f:07:50:87:10:27:c8:33:60:c2:97:33:14:04:81:e1:
86:1d:53:f1:85:85:2a:8a:60:33:5b:1c:94:bb:b8:b1:36:a6:
f0:27:4d:ac:87:29:f9:26:92:74:00:86:48:96:8f:e1:87:78:
d7:3a:a4:d9:cc:06:d8:78:81:d8:3d:da:42:65:17:13:14:11:
14:df:e1:c7:c6:a6:d6:e5:2b:6a:2b:56:64:50:7e:11:a4:dd:
2e:8b:1a:b4:b7:91:32:29:89:15:91:94:68:fd:d7:4d:7f:f4:
8d:57:5a:4d:9e:30:3c:a4:7d:32:f0:d7:96:4d:6a:0a:96:47:
fe:1b:90:c1:97:cd:ba:1c:62:02:a1:6a:f7:23:e6:b5:0b:11:
b6:45:7e:86:76:12:e6:0e:3a:e4:66:f4:9f:82:f6:35:fc:79:
62:b8:6d:72:58:03:a7:f3:72:b8:9d:6e:ce:17:cb:13:8a:52:
cf:db:b2:69:40:e7:0e:0d:ea:a3:d0:25:14:8d:0d:f6:49:c7:
3f:ed:fb:53:99:6d:21:e6:e6:53:0d:22:c7:65:50:bc:22:fa:
33:0d:b4:f9:98:1a:2a:e5:f9:c3:29:bc:9c:8c:86:31:75:83:
65:af:70:73:da:80:ec:6f:35:85:a9:3f:0d:7e:b2:06:dc:ef:
30:5f:24:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1f6AlnkKZUSfD6ecKgAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDA1ODBlMTcyNWY0NWRlMTA2Yjk3Zjc3ZDljZDc2YmM0
ZGY4MDYwHhcNMjUwMTAxMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzUzNzkzMDdmN2NkMDNiODAzNjIyNWQ2ZTQyZmFhMjE5Yzk4ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR/dqVj8dXn1+OhltsWbo8tPdwcZ
M1P349l6IZ/y2sh/l78gD5nanG2hNLG6D6D/DcO386//8Cm/kF9ejPTNOF4FIiFH
Qso66CMzCNNaGokpNeOlCGYiqs5GJ4QECzioQ3bpvvv1A6MHidht8fHUE9+2QJ1f
98ScK2fw+csRCRyjJdLEH4AhFLOqGNQgUN1mOxEMRLQQ2l4xZ/gKt5GSh2wC7+rD
e3Qm2uL1AUzLyxuv8gxiGb16CsLpSvgGgc4/Vghu9rEVW5btKjd776wJvIhxyZFp
32wvF5YUOAl6lWzWhCYUXrRwOkcCxpdocoIC7qPAvMBaSnyy2kmC3SqxlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBxTeTB/fNA7gDYiXW5C+qIZyY/5MB8GA1UdIwQY
MBaAFGbQWA4XJfRd4Qa5f3fZzXa8TfgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMt
OTVkOTVhY2U4MjgxLzEvSEZONU1IOTgwRHVBTmlKZGJrTDZvaG5Kal9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMtOTVkOTVhY2U4Mjgx
LzEvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+sMA0E
AgACMAcDBQMqBPYAMA0GCSqGSIb3DQEBCwUAA4IBAQBXfC8HUIcQJ8gzYMKXMxQE
geGGHVPxhYUqimAzWxyUu7ixNqbwJ02shyn5JpJ0AIZIlo/hh3jXOqTZzAbYeIHY
PdpCZRcTFBEU3+HHxqbW5StqK1ZkUH4RpN0uixq0t5EyKYkVkZRo/ddNf/SNV1pN
njA8pH0y8NeWTWoKlkf+G5DBl826HGICoWr3I+a1CxG2RX6GdhLmDjrkZvSfgvY1
/HliuG1yWAOn83K4nW7OF8sTilLP27JpQOcODeqj0CUUjQ32Scc/7ftTmW0h5uZT
DSLHZVC8IvozDbT5mBoq5fnDKbycjIYxdYNlr3Bz2oDsbzWFqT8NfrIG3O8wXyRu
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:18 2025 by rpki-client