Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/hOu0RIEKB2ppqE90CKomzj_fPaU.roa
File: hOu0RIEKB2ppqE90CKomzj_fPaU.roa (raw, json)
Hash identifier: 5puJ0YRx40NGpD/EpFU4mHjPixkjg4PxMixsFx+pf6M=
Subject key identifier: 84:EB:B4:44:81:0A:07:6A:69:A8:4F:74:08:AA:26:CE:3F:DF:3D:A5
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0194282394B86F7A3DED192F2BD279FF3C59
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/hOu0RIEKB2ppqE90CKomzj_fPaU.roa
Signing time: Thu 02 Jan 2025 17:50:07 +0000
ROA not before: Thu 02 Jan 2025 17:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197727
IP address blocks: 185.15.164.0/22 maxlen: 22
185.15.165.0/24 maxlen: 24
185.15.167.0/24 maxlen: 24
194.151.12.0/24 maxlen: 24
194.151.85.0/24 maxlen: 24
194.151.86.0/24 maxlen: 24
2001:67c:21ac::/48 maxlen: 48
2a03:ca40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:94:b8:6f:7a:3d:ed:19:2f:2b:d2:79:ff:3c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 17:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84ebb444810a076a69a84f7408aa26ce3fdf3da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a7:b5:05:d3:ff:c1:13:17:f1:90:dc:a7:a9:
18:10:fc:02:d4:0b:c8:14:a7:8f:ed:9f:8f:6d:37:
82:96:1d:7d:6c:9e:84:8f:46:9c:53:9a:f4:a1:29:
38:4b:ed:3e:0e:52:05:62:3e:05:ad:f9:a2:1d:71:
b6:58:04:15:3b:b7:35:ab:d7:d6:52:56:03:a6:16:
1e:f4:71:78:5f:90:d5:81:8a:c7:44:fe:ed:5b:1f:
52:bf:95:96:1e:b7:0e:08:d3:0d:38:a7:61:e9:59:
35:0f:c5:51:d7:f2:67:4a:41:3d:dd:76:21:8a:1e:
61:4c:f2:d0:79:68:ad:59:d5:71:1f:68:96:76:2b:
ea:a9:6b:4b:08:59:e7:8f:1e:79:b4:39:dd:e3:72:
66:38:39:d1:89:09:28:bb:44:40:e6:96:27:d6:de:
8f:5e:71:8b:ce:d3:7d:99:cf:fb:c3:56:62:94:2a:
ad:d1:b7:ca:84:81:f6:c9:e5:59:19:f2:ef:05:7a:
bf:b3:45:02:99:14:ed:d1:15:62:bc:bf:90:49:57:
d3:ea:fe:0e:5e:d3:54:b8:bb:42:3c:7e:c3:fb:df:
74:ad:13:ca:3e:8e:41:75:81:d3:65:ae:c6:d9:ca:
de:8e:20:15:ec:fa:a0:53:f4:26:a8:5a:76:d5:64:
d6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:B4:44:81:0A:07:6A:69:A8:4F:74:08:AA:26:CE:3F:DF:3D:A5
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/hOu0RIEKB2ppqE90CKomzj_fPaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.164.0/22
194.151.12.0/24
194.151.85.0-194.151.86.255
IPv6:
2001:67c:21ac::/48
2a03:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
1f:12:ef:61:87:2c:b5:ba:11:0b:ab:f7:d5:ab:da:09:86:d0:
b0:7d:c1:03:f2:40:24:21:ac:c1:89:4e:bc:1e:bb:8f:46:3f:
db:d2:72:bc:89:9e:71:f0:92:fa:e3:fa:58:e6:52:c5:58:95:
fb:e0:60:4c:44:37:06:8d:dd:63:3f:96:0d:e6:00:96:29:72:
b2:be:bf:0a:0c:7e:f7:b2:0d:67:c2:71:97:20:78:7b:63:98:
32:df:a9:cc:8f:14:25:bc:3d:c0:6a:a8:d7:07:b8:2d:6e:bd:
ee:7d:ab:c1:88:2f:1c:79:73:d0:cb:80:91:06:2d:f1:e2:18:
02:06:2e:0c:f6:33:66:fc:71:4a:8d:a8:fa:b9:ca:f8:da:83:
59:77:2c:ed:45:a1:cd:de:8f:a4:c8:ff:0b:37:52:3b:04:66:
8d:57:68:46:2d:29:53:b3:16:e2:ca:75:a5:c0:9c:33:d7:5f:
50:b9:b2:9d:11:03:2a:5f:26:5e:7a:c4:cf:fc:fb:be:b1:c8:
5f:89:84:c4:f7:41:10:ab:68:85:ed:21:07:65:08:9b:62:7e:
d0:37:33:6c:fa:44:70:2e:a5:09:ae:c6:38:d5:01:0f:8b:41:
69:86:49:5c:3b:0b:19:d5:95:0d:d0:d3:0f:c9:6e:a0:64:cf:
22:50:94:c2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQoI5S4b3o97RkvK9J5/zxZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjUwMTAyMTc1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGViYjQ0NDgxMGEwNzZhNjlhODRmNzQwOGFhMjZjZTNmZGYzZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ae1BdP/wRMX8ZDcp6kYEPwC1AvI
FKeP7Z+PbTeClh19bJ6Ej0acU5r0oSk4S+0+DlIFYj4FrfmiHXG2WAQVO7c1q9fW
UlYDphYe9HF4X5DVgYrHRP7tWx9Sv5WWHrcOCNMNOKdh6Vk1D8VR1/JnSkE93XYh
ih5hTPLQeWitWdVxH2iWdivqqWtLCFnnjx55tDnd43JmODnRiQkou0RA5pYn1t6P
XnGLztN9mc/7w1ZilCqt0bfKhIH2yeVZGfLvBXq/s0UCmRTt0RVivL+QSVfT6v4O
XtNUuLtCPH7D+990rRPKPo5BdYHTZa7G2crejiAV7PqgU/QmqFp21WTW9wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFITrtESBCgdqaahPdAiqJs4/3z2lMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvaE91MFJJRUtCMnBwcUU5MENLb216al9mUGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAgBAIAATAaAwQCuQ+kAwQA
wpcMMAwDBADCl1UDBADCl1YwFgQCAAIwEAMHACABBnwhrAMFACoDykAwDQYJKoZI
hvcNAQELBQADggEBAB8S72GHLLW6EQur99Wr2gmG0LB9wQPyQCQhrMGJTrweu49G
P9vScryJnnHwkvrj+ljmUsVYlfvgYExENwaN3WM/lg3mAJYpcrK+vwoMfveyDWfC
cZcgeHtjmDLfqcyPFCW8PcBqqNcHuC1uve59q8GILxx5c9DLgJEGLfHiGAIGLgz2
M2b8cUqNqPq5yvjag1l3LO1Foc3ej6TI/ws3UjsEZo1XaEYtKVOzFuLKdaXAnDPX
X1C5sp0RAypfJl56xM/8+76xyF+JhMT3QRCraIXtIQdlCJtiftA3M2z6RHAupQmu
xjjVAQ+LQWmGSVw7CxnVlQ3Q0w/JbqBkzyJQlMI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:43 2025 by rpki-client