Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/DhpjYYnnQRX_gH1jOgohiF5w7_g.roa
File: DhpjYYnnQRX_gH1jOgohiF5w7_g.roa (raw, json)
Hash identifier: 6epCnUc7MHwWt7dT4YK5/Hy4X2KplE/XQWzoTMH6bb8=
Subject key identifier: 0E:1A:63:61:89:E7:41:15:FF:80:7D:63:3A:0A:21:88:5E:70:EF:F8
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 019422FC1517E9BF8F49FE50EE517B57D213
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/DhpjYYnnQRX_gH1jOgohiF5w7_g.roa
Signing time: Wed 01 Jan 2025 17:48:53 +0000
ROA not before: Wed 01 Jan 2025 17:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206037
IP address blocks: 185.14.176.0/24 maxlen: 24
185.14.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:15:17:e9:bf:8f:49:fe:50:ee:51:7b:57:d2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Jan 1 17:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e1a636189e74115ff807d633a0a21885e70eff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:61:97:c5:51:7a:aa:a8:50:17:de:65:cc:
5d:47:0d:2e:b2:0e:de:2f:6d:e2:b7:da:da:b1:85:
d5:0b:b1:1f:ea:f8:60:12:ae:4d:78:98:81:eb:c3:
cf:d9:a0:f5:99:54:15:94:fa:55:e4:2e:39:e3:da:
e7:11:4e:71:a5:04:46:4b:96:37:cd:b0:26:e1:3c:
fd:c2:9a:f2:0a:9d:0f:f0:bb:fc:26:07:5c:19:a3:
00:d3:e7:1f:97:53:a8:d5:0c:d0:28:3e:7e:2d:3e:
24:77:b4:00:ae:60:3f:e4:1c:28:d4:20:20:2b:f4:
d1:32:21:01:7d:59:3c:6e:cb:87:55:d5:68:0c:0e:
8d:54:00:07:74:cf:0c:12:46:fc:b2:85:33:bb:2a:
b3:ae:ae:f9:07:1d:1a:57:81:ce:cf:8b:c0:84:90:
42:26:4e:f3:cf:ba:9b:4d:8a:79:24:46:63:08:10:
bb:fa:8f:12:aa:36:1c:2c:33:15:3a:16:5e:76:c3:
7f:9a:18:0a:f5:3a:30:8a:2c:94:b4:b7:c5:9a:e2:
8c:4a:1d:2d:17:b0:9a:20:39:b1:b7:38:3f:7d:82:
31:f5:45:ef:21:42:24:05:fc:68:51:e8:4b:eb:58:
62:c8:f7:3e:b3:84:9d:69:f0:df:5c:86:0b:92:ba:
e6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1A:63:61:89:E7:41:15:FF:80:7D:63:3A:0A:21:88:5E:70:EF:F8
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/DhpjYYnnQRX_gH1jOgohiF5w7_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.176.0/24
185.14.178.0/24
Signature Algorithm: sha256WithRSAEncryption
67:b2:56:1f:e2:13:0d:b4:bf:5d:b5:d6:35:0a:ed:6e:93:74:
e1:48:0e:e0:a4:2e:35:31:7b:f7:4d:f3:c2:eb:9d:ac:fe:b9:
7d:c8:3d:31:6b:69:7c:ff:31:40:65:3b:34:8f:ad:3e:1b:19:
6e:c8:33:bc:e8:a3:b8:c4:37:5e:f9:48:56:8d:63:5c:c2:e1:
d6:5c:47:d8:81:5e:32:5d:5e:25:6f:91:fc:42:42:31:ce:83:
e8:5e:f4:e4:99:1e:05:db:2e:c6:b5:18:aa:2d:a4:0a:50:5d:
4d:de:ee:e7:67:14:19:d2:97:95:a0:04:04:e0:f3:c7:a4:5c:
00:f4:4c:9b:31:75:5c:5c:bb:45:c8:8f:96:88:65:1f:2c:4c:
1e:9f:a5:3e:08:1d:c0:e9:8d:64:68:37:09:1a:ad:ae:a9:3b:
aa:d1:5d:6e:a0:ab:d5:77:f8:b0:38:a9:9d:84:87:ff:f0:c2:
b9:67:37:2f:78:ad:6e:60:76:05:f8:5e:4d:4f:3d:b2:94:12:
87:5c:62:eb:88:b5:fc:08:46:25:b1:8e:68:d9:87:eb:a3:41:
84:53:a8:1f:5a:36:31:f0:ec:4b:bd:aa:a6:be:02:b3:b1:39:
84:d3:43:7f:7b:64:95:70:7b:e4:d8:e8:c1:01:7b:bb:4e:55:
ad:a6:70:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQi/BUX6b+PSf5Q7lF7V9ITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjUwMTAxMTc0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFhNjM2MTg5ZTc0MTE1ZmY4MDdkNjMzYTBhMjE4ODVlNzBlZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKthl8VReqqoUBfeZcxdRw0usg7e
L23it9rasYXVC7Ef6vhgEq5NeJiB68PP2aD1mVQVlPpV5C4549rnEU5xpQRGS5Y3
zbAm4Tz9wpryCp0P8Lv8JgdcGaMA0+cfl1Oo1QzQKD5+LT4kd7QArmA/5Bwo1CAg
K/TRMiEBfVk8bsuHVdVoDA6NVAAHdM8MEkb8soUzuyqzrq75Bx0aV4HOz4vAhJBC
Jk7zz7qbTYp5JEZjCBC7+o8SqjYcLDMVOhZedsN/mhgK9TowiiyUtLfFmuKMSh0t
F7CaIDmxtzg/fYIx9UXvIUIkBfxoUehL61hiyPc+s4SdafDfXIYLkrrmXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA4aY2GJ50EV/4B9YzoKIYhecO/4MB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvRGhwallZbm5RUlhfZ0gxak9nb2hpRjV3N19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ6wAwQA
uQ6yMA0GCSqGSIb3DQEBCwUAA4IBAQBnslYf4hMNtL9dtdY1Cu1uk3ThSA7gpC41
MXv3TfPC652s/rl9yD0xa2l8/zFAZTs0j60+GxluyDO86KO4xDde+UhWjWNcwuHW
XEfYgV4yXV4lb5H8QkIxzoPoXvTkmR4F2y7GtRiqLaQKUF1N3u7nZxQZ0peVoAQE
4PPHpFwA9EybMXVcXLtFyI+WiGUfLEwen6U+CB3A6Y1kaDcJGq2uqTuq0V1uoKvV
d/iwOKmdhIf/8MK5ZzcveK1uYHYF+F5NTz2ylBKHXGLriLX8CEYlsY5o2Yfro0GE
U6gfWjYx8OxLvaqmvgKzsTmE00N/e2SVcHvk2OjBAXu7TlWtpnCl
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:09 2025 by rpki-client