Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/0HQu8Zx0bqoT8VblZx7T-KABTMs.roa
File: 0HQu8Zx0bqoT8VblZx7T-KABTMs.roa (raw, json)
Hash identifier: PMmgS2CzSt2RGIZOxQkouUiRA5CO+OAI06wmRBvm14c=
Subject key identifier: D0:74:2E:F1:9C:74:6E:AA:13:F1:56:E5:67:1E:D3:F8:A0:01:4C:CB
Certificate issuer: /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial: 01941F8BFF12A5E19ACFD7C0879171A99A50
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/0HQu8Zx0bqoT8VblZx7T-KABTMs.roa
Signing time: Wed 01 Jan 2025 01:47:36 +0000
ROA not before: Wed 01 Jan 2025 01:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 5.57.96.0/19 maxlen: 24
78.108.224.0/20 maxlen: 24
80.69.208.0/20 maxlen: 24
109.122.128.0/18 maxlen: 24
185.147.224.0/22 maxlen: 24
213.55.0.0/18 maxlen: 24
2a00:a080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.mft
rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:ff:12:a5:e1:9a:cf:d7:c0:87:91:71:a9:9a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Validity
Not Before: Jan 1 01:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0742ef19c746eaa13f156e5671ed3f8a0014ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:d3:af:be:f3:14:9d:90:14:e2:f4:66:e8:
37:aa:0b:35:f7:2b:e0:86:4b:1f:90:f2:fe:1b:69:
2d:1a:b7:ae:ed:28:38:16:1f:d4:16:18:bf:84:85:
f9:93:05:8a:77:ad:9e:a9:ed:2d:e1:2b:83:5a:68:
5d:80:4d:80:aa:52:1d:39:1b:30:23:1b:99:99:8c:
6e:1a:4d:8a:fc:0d:4d:9d:7f:ab:e3:ab:5b:ba:b2:
4a:e6:ae:fb:48:e0:db:db:db:d0:f1:0d:3d:be:24:
a9:12:a2:60:f2:2e:36:25:ff:a6:cb:14:36:99:97:
80:51:5b:0a:2d:c4:df:66:d8:2d:04:b0:18:6e:aa:
7e:a1:77:fd:30:77:15:e4:ea:1c:71:5e:77:14:86:
ae:7f:00:55:55:17:1c:dd:7e:89:15:20:da:d4:75:
a5:e6:0c:80:ea:77:f7:31:ce:ef:13:b8:8a:8e:b1:
3a:10:42:11:9e:b6:d6:81:4d:a8:d0:5b:c0:bf:74:
2e:b7:cc:b5:b7:79:f7:0d:1c:d9:44:7f:89:b0:1c:
82:c1:06:ca:46:2c:72:3a:c6:8c:13:4a:9f:6a:d5:
b1:7d:04:7f:ce:fe:76:83:88:18:10:98:67:0d:23:
7f:40:e8:de:33:c8:4b:4a:32:23:00:6c:4d:a1:b4:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:74:2E:F1:9C:74:6E:AA:13:F1:56:E5:67:1E:D3:F8:A0:01:4C:CB
X509v3 Authority Key Identifier:
keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/0HQu8Zx0bqoT8VblZx7T-KABTMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.96.0/19
78.108.224.0/20
80.69.208.0/20
109.122.128.0/18
185.147.224.0/22
213.55.0.0/18
IPv6:
2a00:a080::/32
Signature Algorithm: sha256WithRSAEncryption
38:66:6d:71:b1:a9:a7:c5:c0:5e:fc:b5:45:c9:25:3e:7a:d5:
cf:4f:a5:12:6b:83:99:f1:9a:65:af:e5:61:37:91:ae:e9:7d:
c1:89:a0:cf:ee:0b:45:aa:81:aa:cc:a6:2b:9d:a0:ee:64:cf:
20:f0:cf:5b:21:1a:5f:b0:a6:57:9b:c3:2a:a7:b2:f4:15:af:
b5:d5:4e:a9:84:9d:96:d7:64:f8:37:3e:ee:87:61:f3:73:7f:
44:2f:95:5e:11:1b:4f:ba:49:44:22:63:a9:84:71:47:1a:20:
d6:7e:ce:d2:c3:17:3a:a6:76:14:ba:90:c5:c7:d9:83:79:bb:
3b:40:f9:09:89:f5:43:d5:83:2d:c5:3d:9c:fe:b5:dc:28:4b:
59:2f:48:c9:5b:2b:70:2f:d5:b7:47:58:74:ad:2b:ae:62:13:
17:a8:5d:bc:fb:97:51:83:9a:03:01:08:5b:bf:af:74:12:4b:
a2:89:f9:f9:9f:5f:cb:fd:1c:04:70:ef:07:7b:6b:46:60:7d:
ad:b6:c7:02:cb:d5:07:0a:56:ab:55:c6:c7:cc:71:7d:72:11:
15:c4:a2:1c:fa:1e:2d:f9:a1:3d:c9:94:7a:ca:a0:45:ec:67:
1c:6c:ce:b1:b6:cd:b8:b3:26:fc:b1:4d:91:35:59:f4:44:34:
60:1e:a0:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQfi/8SpeGaz9fAh5FxqZpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjUwMTAxMDE0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc0MmVmMTljNzQ2ZWFhMTNmMTU2ZTU2NzFlZDNmOGEwMDE0Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaTTr77zFJ2QFOL0Zug3qgs19yvg
hksfkPL+G2ktGreu7Sg4Fh/UFhi/hIX5kwWKd62eqe0t4SuDWmhdgE2AqlIdORsw
IxuZmYxuGk2K/A1NnX+r46tburJK5q77SODb29vQ8Q09viSpEqJg8i42Jf+myxQ2
mZeAUVsKLcTfZtgtBLAYbqp+oXf9MHcV5OoccV53FIaufwBVVRcc3X6JFSDa1HWl
5gyA6nf3Mc7vE7iKjrE6EEIRnrbWgU2o0FvAv3Qut8y1t3n3DRzZRH+JsByCwQbK
RixyOsaME0qfatWxfQR/zv52g4gYEJhnDSN/QOjeM8hLSjIjAGxNobTDIQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNB0LvGcdG6qE/FW5Wce0/igAUzLMB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEvMEhRdThaeDBicW9UOFZibFp4N1QtS0FCVE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFBTlgAwQE
TmzgAwQEUEXQAwQGbXqAAwQCuZPgAwQG1TcAMA0EAgACMAcDBQAqAKCAMA0GCSqG
SIb3DQEBCwUAA4IBAQA4Zm1xsamnxcBe/LVFySU+etXPT6USa4OZ8Zplr+VhN5Gu
6X3BiaDP7gtFqoGqzKYrnaDuZM8g8M9bIRpfsKZXm8Mqp7L0Fa+11U6phJ2W12T4
Nz7uh2Hzc39EL5VeERtPuklEImOphHFHGiDWfs7Swxc6pnYUupDFx9mDebs7QPkJ
ifVD1YMtxT2c/rXcKEtZL0jJWytwL9W3R1h0rSuuYhMXqF28+5dRg5oDAQhbv690
Ekuiifn5n1/L/RwEcO8He2tGYH2ttscCy9UHClarVcbHzHF9chEVxKIc+h4t+aE9
yZR6yqBF7GccbM6xts24syb8sU2RNVn0RDRgHqCg
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:37 2025 by rpki-client