Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/hC6THvKHe5uSDROMW6kLELYwxL0.roa
File: hC6THvKHe5uSDROMW6kLELYwxL0.roa (raw, json)
Hash identifier: WD5tslYZuls5xxVxHqrkg7m1jUZOFnnaeXM0AUBhaiI=
Subject key identifier: 84:2E:93:1E:F2:87:7B:9B:92:0D:13:8C:5B:A9:0B:10:B6:30:C4:BD
Certificate issuer: /CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Certificate serial: 0194221F45C439AA78ED8C982A311C28DF27
Authority key identifier: C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/hC6THvKHe5uSDROMW6kLELYwxL0.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42176
IP address blocks: 92.42.80.0/22 maxlen: 22
92.42.80.0/24 maxlen: 24
92.42.81.0/24 maxlen: 24
92.42.82.0/24 maxlen: 24
92.42.83.0/24 maxlen: 24
92.42.84.0/23 maxlen: 23
92.42.84.0/24 maxlen: 24
92.42.85.0/24 maxlen: 24
92.42.86.0/24 maxlen: 24
92.42.87.0/24 maxlen: 24
2a10:8e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/wa5jZUn1bYSFj_lsixYw6MuKSK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/wa5jZUn1bYSFj_lsixYw6MuKSK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:45:c4:39:aa:78:ed:8c:98:2a:31:1c:28:df:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ae636549f56d84858ff96c8b1630e8cb8a48af
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=842e931ef2877b9b920d138c5ba90b10b630c4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9e:25:59:49:d2:8b:cd:65:a0:38:6a:55:f0:
01:1f:8c:32:fc:4e:67:e1:6d:5c:01:9b:62:7a:b2:
e9:70:8d:2d:66:09:5b:81:26:08:e2:f0:cc:b0:89:
b5:fa:09:1b:b7:e0:40:6a:eb:53:e8:69:18:72:d3:
0a:3c:bd:2c:4e:ba:54:c8:fc:e2:cb:d1:49:6a:39:
7c:69:66:e6:1a:4d:94:0b:b6:78:1c:aa:89:b3:f8:
b4:44:10:8e:39:89:3d:c7:b5:d4:c2:12:21:09:86:
21:3c:fd:00:02:e1:31:08:c3:79:8a:1e:45:6a:c8:
3c:30:b1:8b:97:c1:1e:96:6a:1e:f8:ac:b4:c9:20:
5d:05:39:82:0a:d5:56:4b:3a:cf:7a:9c:0a:ca:6b:
63:06:5b:9f:c3:e8:54:6e:cb:31:75:2e:e2:01:66:
59:b4:82:91:c4:8e:c7:88:a1:53:10:b7:f0:31:1f:
e7:57:78:5f:4c:17:d7:8f:f5:64:fa:ca:ed:82:b2:
12:6a:33:e4:01:1b:d8:09:38:c3:9b:8c:2f:c0:b9:
63:69:54:85:13:65:5e:8a:eb:6c:ea:f8:f0:ee:85:
09:40:d8:7b:41:2a:e0:06:64:07:2e:58:b3:3e:c1:
f9:39:30:70:27:9c:48:94:03:53:9e:69:2d:6a:56:
f8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2E:93:1E:F2:87:7B:9B:92:0D:13:8C:5B:A9:0B:10:B6:30:C4:BD
X509v3 Authority Key Identifier:
keyid:C1:AE:63:65:49:F5:6D:84:85:8F:F9:6C:8B:16:30:E8:CB:8A:48:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa5jZUn1bYSFj_lsixYw6MuKSK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/hC6THvKHe5uSDROMW6kLELYwxL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4b908d-f43a-4882-a66f-b216844ac1e4/1/wa5jZUn1bYSFj_lsixYw6MuKSK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.80.0/21
IPv6:
2a10:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
80:d9:df:b3:e5:bf:74:95:07:1c:76:ab:04:9e:6e:2d:d1:d7:
93:1c:15:d7:c8:e4:14:15:f7:2e:c8:a0:dd:db:20:2a:1f:a8:
2a:78:ba:d9:53:fe:96:ee:cc:42:38:dc:a4:ae:97:06:4e:da:
ef:b9:ec:76:cc:03:90:f1:87:bb:eb:80:2e:50:7b:c8:7c:70:
41:8a:3f:fb:06:ab:e1:f3:7a:22:db:29:15:03:50:44:c5:66:
9a:76:5a:35:bb:e7:30:54:32:65:dc:3e:7f:76:d6:b5:46:70:
e2:0d:7a:42:50:3c:22:14:2e:70:44:98:14:73:d2:33:60:1f:
e1:25:65:9c:b2:ce:d7:af:35:ee:37:75:96:77:35:1d:3e:ab:
8f:a6:99:a1:fe:0f:18:1f:b2:8c:0c:3d:79:f5:27:9a:cf:50:
c3:9d:f1:9e:bf:16:fb:cd:39:a7:29:4f:17:70:40:af:9b:73:
05:52:66:e3:02:e3:51:5b:f4:f3:26:f6:69:7f:15:b5:8f:8b:
cb:0f:3c:9f:e9:3c:de:38:4c:c2:69:89:1d:79:fd:88:41:20:
80:9d:d5:b6:82:3a:4a:0d:97:a5:73:31:43:27:2f:32:35:3d:
cc:8c:8a:23:fc:ec:53:67:49:aa:c1:2b:9b:a7:18:24:fd:ee:
fe:03:aa:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH0XEOap47YyYKjEcKN8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWU2MzY1NDlmNTZkODQ4NThmZjk2YzhiMTYzMGU4Y2I4
YTQ4YWYwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJlOTMxZWYyODc3YjliOTIwZDEzOGM1YmE5MGIxMGI2MzBjNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh54lWUnSi81loDhqVfABH4wy/E5n
4W1cAZtierLpcI0tZglbgSYI4vDMsIm1+gkbt+BAautT6GkYctMKPL0sTrpUyPzi
y9FJajl8aWbmGk2UC7Z4HKqJs/i0RBCOOYk9x7XUwhIhCYYhPP0AAuExCMN5ih5F
asg8MLGLl8Eelmoe+Ky0ySBdBTmCCtVWSzrPepwKymtjBlufw+hUbssxdS7iAWZZ
tIKRxI7HiKFTELfwMR/nV3hfTBfXj/Vk+srtgrISajPkARvYCTjDm4wvwLljaVSF
E2Veiuts6vjw7oUJQNh7QSrgBmQHLlizPsH5OTBwJ5xIlANTnmktalb4DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIQukx7yh3ubkg0TjFupCxC2MMS9MB8GA1UdIwQY
MBaAFMGuY2VJ9W2EhY/5bIsWMOjLikivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2E1alpVbjFiWVNGal9sc2l4WXc2TXVLU0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80YjkwOGQtZjQzYS00ODgyLWE2NmYt
YjIxNjg0NGFjMWU0LzEvaEM2VEh2S0hlNXVTRFJPTVc2a0xFTFl3eEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80YjkwOGQtZjQzYS00ODgyLWE2NmYtYjIxNjg0NGFjMWU0
LzEvd2E1alpVbjFiWVNGal9sc2l4WXc2TXVLU0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXCpQMA0E
AgACMAcDBQMqEI5AMA0GCSqGSIb3DQEBCwUAA4IBAQCA2d+z5b90lQccdqsEnm4t
0deTHBXXyOQUFfcuyKDd2yAqH6gqeLrZU/6W7sxCONykrpcGTtrvuex2zAOQ8Ye7
64AuUHvIfHBBij/7Bqvh83oi2ykVA1BExWaadlo1u+cwVDJl3D5/dta1RnDiDXpC
UDwiFC5wRJgUc9IzYB/hJWWcss7XrzXuN3WWdzUdPquPppmh/g8YH7KMDD159Sea
z1DDnfGevxb7zTmnKU8XcECvm3MFUmbjAuNRW/TzJvZpfxW1j4vLDzyf6TzeOEzC
aYkdef2IQSCAndW2gjpKDZelczFDJy8yNT3MjIoj/OxTZ0mqwSubpxgk/e7+A6pF
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:10:45 2025 by rpki-client