Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/H1xZrK8BzhRwkTkCMVhmcve9QBM.roa
File: H1xZrK8BzhRwkTkCMVhmcve9QBM.roa (raw, json)
Hash identifier: Ikkhh1Z73FpF6J184UPhQAhV8U+jJLMRcZ3g/9Cu0hA=
Subject key identifier: 1F:5C:59:AC:AF:01:CE:14:70:91:39:02:31:58:66:72:F7:BD:40:13
Certificate issuer: /CN=9d69b6b2a0a72818d1fa9a46ef2ad7812b95bcc0
Certificate serial: 01952E4B50D28DB648F03ACF66EF65912D2C
Authority key identifier: 9D:69:B6:B2:A0:A7:28:18:D1:FA:9A:46:EF:2A:D7:81:2B:95:BC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/H1xZrK8BzhRwkTkCMVhmcve9QBM.roa
Signing time: Sat 22 Feb 2025 15:34:02 +0000
ROA not before: Sat 22 Feb 2025 15:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48847
IP address blocks: 185.176.208.0/22 maxlen: 22
185.176.208.0/24 maxlen: 24
185.176.209.0/24 maxlen: 24
185.176.210.0/24 maxlen: 24
185.176.210.48/29 maxlen: 29
185.176.210.104/29 maxlen: 29
185.176.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2e:4b:50:d2:8d:b6:48:f0:3a:cf:66:ef:65:91:2d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d69b6b2a0a72818d1fa9a46ef2ad7812b95bcc0
Validity
Not Before: Feb 22 15:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f5c59acaf01ce147091390231586672f7bd4013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4d:cc:a4:81:54:f3:4a:da:3a:c3:83:0d:6b:
d7:5f:ac:e1:83:67:fc:cb:b5:fa:2f:db:1a:1e:49:
5e:6b:e3:80:71:56:8f:51:92:a7:4f:8e:6c:80:86:
8a:a6:20:45:8b:04:45:bd:18:41:32:df:2d:35:b5:
3a:1e:b8:dd:5f:21:a2:4f:0d:40:c8:eb:8b:fb:96:
b6:39:39:fa:24:52:3c:8a:78:65:35:da:1e:73:47:
b0:5b:34:fa:14:63:71:78:3a:85:39:bc:a7:74:01:
87:8c:75:77:de:8b:61:21:8e:e5:2b:cc:32:cd:d9:
a4:14:ee:79:36:ba:75:db:b9:54:d5:ee:e9:e8:f2:
b9:c2:e2:5e:5b:f1:dd:d9:c7:63:68:f9:67:88:75:
c4:30:bd:7f:c1:cd:c1:6d:1e:2f:c0:a2:d2:61:b9:
0d:be:18:67:fc:76:40:9d:0b:53:5e:90:2c:64:9c:
60:9a:50:fc:89:7b:42:89:7b:20:89:6c:af:7f:ae:
ca:2d:35:23:0f:5c:19:1b:9f:57:52:6a:d5:3e:b8:
96:1b:59:74:ee:cc:73:a0:87:63:6a:80:b2:ac:9b:
9c:ff:31:c9:77:1a:a7:b1:b7:9b:be:e3:45:9b:4a:
9d:5f:2b:8e:7b:a8:c0:73:bb:1d:f4:ec:2a:d7:f1:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5C:59:AC:AF:01:CE:14:70:91:39:02:31:58:66:72:F7:BD:40:13
X509v3 Authority Key Identifier:
keyid:9D:69:B6:B2:A0:A7:28:18:D1:FA:9A:46:EF:2A:D7:81:2B:95:BC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWm2sqCnKBjR-ppG7yrXgSuVvMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/H1xZrK8BzhRwkTkCMVhmcve9QBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/633af2-5b4e-4a4c-b139-39607821a09a/1/nWm2sqCnKBjR-ppG7yrXgSuVvMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.208.0/22
Signature Algorithm: sha256WithRSAEncryption
75:37:7a:35:cd:96:25:5b:fa:65:7e:56:d7:b4:c5:68:4a:cb:
9c:17:50:3d:29:52:b8:36:ae:1e:e5:20:74:18:8d:ff:13:8f:
40:fb:c4:ab:68:69:11:3e:98:09:97:79:64:23:80:0a:e7:6c:
c4:cd:8a:84:d7:58:51:c3:1d:f4:e0:1e:14:d3:81:8f:9b:8d:
c8:18:4e:ca:42:73:67:14:dd:21:f5:39:2d:5f:4a:21:e3:2a:
57:73:18:7b:a1:3b:cb:7b:0a:18:07:7b:a7:fb:ab:d8:a5:d0:
28:79:69:21:ee:e2:87:3a:b6:b6:15:da:5f:ce:5b:e2:4d:dc:
be:5a:55:b0:59:3c:2b:da:08:c5:f7:53:4e:b4:ac:28:e8:24:
62:47:ac:e1:3a:fd:2e:44:7f:87:60:55:86:13:e5:1b:27:7f:
cb:0e:05:b8:eb:d2:87:de:bd:5c:28:22:a7:b1:7f:02:33:4a:
6a:6f:ff:30:90:cf:f9:58:ef:1d:2f:eb:ec:64:63:88:67:76:
ab:a2:23:be:c2:de:1c:9e:78:cc:da:d4:86:a1:41:cd:b0:9f:
a8:4d:8b:91:2b:53:ef:8a:0c:59:b8:19:e6:3a:8c:f3:c9:98:
bb:49:68:4c:9a:6c:d6:60:78:28:74:a3:35:56:fd:ca:82:6d:
ed:30:5a:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUuS1DSjbZI8DrPZu9lkS0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNjliNmIyYTBhNzI4MThkMWZhOWE0NmVmMmFkNzgxMmI5
NWJjYzAwHhcNMjUwMjIyMTUzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjVjNTlhY2FmMDFjZTE0NzA5MTM5MDIzMTU4NjY3MmY3YmQ0MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U3MpIFU80raOsODDWvXX6zhg2f8
y7X6L9saHklea+OAcVaPUZKnT45sgIaKpiBFiwRFvRhBMt8tNbU6HrjdXyGiTw1A
yOuL+5a2OTn6JFI8inhlNdoec0ewWzT6FGNxeDqFObyndAGHjHV33othIY7lK8wy
zdmkFO55Nrp127lU1e7p6PK5wuJeW/Hd2cdjaPlniHXEML1/wc3BbR4vwKLSYbkN
vhhn/HZAnQtTXpAsZJxgmlD8iXtCiXsgiWyvf67KLTUjD1wZG59XUmrVPriWG1l0
7sxzoIdjaoCyrJuc/zHJdxqnsbebvuNFm0qdXyuOe6jAc7sd9Owq1/FXawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9cWayvAc4UcJE5AjFYZnL3vUATMB8GA1UdIwQY
MBaAFJ1ptrKgpygY0fqaRu8q14ErlbzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbldtMnNxQ25LQmpSLXBwRzd5clhnU3VWdk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82MzNhZjItNWI0ZS00YTRjLWIxMzkt
Mzk2MDc4MjFhMDlhLzEvSDF4WnJLOEJ6aFJ3a1RrQ01WaG1jdmU5UUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82MzNhZjItNWI0ZS00YTRjLWIxMzktMzk2MDc4MjFhMDlh
LzEvbldtMnNxQ25LQmpSLXBwRzd5clhnU3VWdk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubDQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1N3o1zZYlW/plflbXtMVoSsucF1A9KVK4Nq4e5SB0
GI3/E49A+8SraGkRPpgJl3lkI4AK52zEzYqE11hRwx304B4U04GPm43IGE7KQnNn
FN0h9TktX0oh4ypXcxh7oTvLewoYB3un+6vYpdAoeWkh7uKHOra2FdpfzlviTdy+
WlWwWTwr2gjF91NOtKwo6CRiR6zhOv0uRH+HYFWGE+UbJ3/LDgW469KH3r1cKCKn
sX8CM0pqb/8wkM/5WO8dL+vsZGOIZ3aroiO+wt4cnnjM2tSGoUHNsJ+oTYuRK1Pv
igxZuBnmOozzyZi7SWhMmmzWYHgodKM1Vv3Kgm3tMFpF
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:58 2025 by rpki-client