Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/HSuDnzcAlue63_e4y4OYNpRzfOM.roa
File: HSuDnzcAlue63_e4y4OYNpRzfOM.roa (raw, json)
Hash identifier: 2RMQVOMX9MWINnX100maYIWBBtnYRoQ7hW/UubkuFuk=
Subject key identifier: 1D:2B:83:9F:37:00:96:E7:BA:DF:F7:B8:CB:83:98:36:94:73:7C:E3
Certificate issuer: /CN=ebf760c05773c15d73676450344668fefb723447
Certificate serial: 0194258FC0FA5ECFFCC6371ECC5A3EF567B3
Authority key identifier: EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/HSuDnzcAlue63_e4y4OYNpRzfOM.roa
Signing time: Thu 02 Jan 2025 05:49:25 +0000
ROA not before: Thu 02 Jan 2025 05:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 37.98.224.0/21 maxlen: 24
85.113.90.0/23 maxlen: 24
85.194.196.0/22 maxlen: 24
109.205.112.0/21 maxlen: 24
185.76.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c0:fa:5e:cf:fc:c6:37:1e:cc:5a:3e:f5:67:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf760c05773c15d73676450344668fefb723447
Validity
Not Before: Jan 2 05:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d2b839f370096e7badff7b8cb83983694737ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c4:98:6a:65:c9:6e:93:33:e0:f9:f1:2c:5f:
8f:0f:f0:99:30:9b:14:52:1c:62:52:fc:3b:43:8b:
9c:76:ed:74:26:7e:34:df:a3:6e:7e:47:e0:54:de:
8a:4a:c1:bd:63:6a:1e:c9:08:a1:0b:4c:93:2f:31:
16:4b:2d:1d:df:ce:5d:c3:5a:90:68:1d:91:ed:cc:
de:91:f0:dc:d1:8a:55:b3:0e:41:86:5a:8b:54:19:
de:59:fd:6e:fa:b9:f1:cf:80:13:92:1c:16:0d:1d:
a7:de:28:ff:fc:58:ff:91:b8:19:6c:0e:97:c4:4e:
8e:98:de:98:7f:f1:96:f8:e0:38:e8:6b:c2:d8:32:
f5:1b:8a:41:2b:34:25:d3:ce:d0:3e:fe:17:b9:30:
2e:46:83:41:44:19:29:f9:1c:72:5e:3e:c1:56:c7:
93:bf:fc:e4:8f:67:8f:ee:4f:fb:f6:7a:6a:5b:a6:
ee:27:08:2b:58:ba:c2:6b:00:86:21:0d:7f:41:9b:
62:ca:0d:62:71:89:2b:1f:ba:1b:a8:d1:e9:b8:5a:
3c:ca:20:ed:a3:36:d0:89:16:7e:52:b4:7d:f2:49:
6f:f7:39:9e:81:46:ac:f6:58:08:c9:8d:ea:ff:6e:
bf:8b:1e:a3:6a:80:d3:d8:90:f0:01:69:2e:7c:2d:
81:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2B:83:9F:37:00:96:E7:BA:DF:F7:B8:CB:83:98:36:94:73:7C:E3
X509v3 Authority Key Identifier:
keyid:EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/HSuDnzcAlue63_e4y4OYNpRzfOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.224.0/21
85.113.90.0/23
85.194.196.0/22
109.205.112.0/21
185.76.32.0/22
Signature Algorithm: sha256WithRSAEncryption
11:6d:27:93:a9:50:59:27:fe:d9:0b:ba:8d:3d:c9:8a:75:7e:
84:fc:52:f4:cc:ff:38:c8:5c:48:fb:fc:6f:66:5c:ac:62:21:
6b:63:28:62:d8:92:02:89:54:8e:82:ba:26:41:ba:c8:01:06:
b6:be:1e:c6:a0:0f:3f:7e:86:85:20:01:87:52:cf:03:5b:85:
17:df:8c:1a:9c:bf:e0:e8:ea:29:90:3a:4b:5a:7b:d1:be:80:
14:8a:23:23:e4:1b:94:1f:63:6e:a9:69:cc:4d:f5:d3:94:0a:
2f:1c:f4:dc:d8:fb:97:a5:d9:57:70:1a:30:77:da:9a:c0:e0:
40:bf:bb:f9:cc:8f:ca:47:50:07:41:9a:b2:d0:00:1f:38:21:
54:61:4b:5b:0a:80:f8:42:f6:b7:e3:8e:f9:b2:30:31:b8:45:
46:57:32:25:2f:a7:f4:eb:d3:e9:e7:36:a0:e4:fc:8a:0f:c4:
07:a7:1a:91:1f:d0:a2:38:ca:8d:f5:eb:10:16:d5:89:79:1a:
c8:a5:13:2d:b5:7a:e6:3d:9b:2e:ef:9e:36:7b:1c:75:14:24:
a6:aa:95:89:10:98:e0:97:3d:0b:ea:43:7d:3c:f8:75:4c:b1:
e3:67:ce:1f:7f:ed:bd:4c:c9:3c:e4:c5:fd:41:71:6d:31:71:
0d:4b:1a:dc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlj8D6Xs/8xjcezFo+9WezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjc2MGMwNTc3M2MxNWQ3MzY3NjQ1MDM0NDY2OGZlZmI3
MjM0NDcwHhcNMjUwMTAyMDU0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJiODM5ZjM3MDA5NmU3YmFkZmY3YjhjYjgzOTgzNjk0NzM3Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisSYamXJbpMz4PnxLF+PD/CZMJsU
UhxiUvw7Q4ucdu10Jn4036NufkfgVN6KSsG9Y2oeyQihC0yTLzEWSy0d385dw1qQ
aB2R7czekfDc0YpVsw5BhlqLVBneWf1u+rnxz4ATkhwWDR2n3ij//Fj/kbgZbA6X
xE6OmN6Yf/GW+OA46GvC2DL1G4pBKzQl087QPv4XuTAuRoNBRBkp+RxyXj7BVseT
v/zkj2eP7k/79npqW6buJwgrWLrCawCGIQ1/QZtiyg1icYkrH7obqNHpuFo8yiDt
ozbQiRZ+UrR98klv9zmegUas9lgIyY3q/26/ix6jaoDT2JDwAWkufC2BgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB0rg583AJbnut/3uMuDmDaUc3zjMB8GA1UdIwQY
MBaAFOv3YMBXc8Fdc2dkUDRGaP77cjRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYt
NDkwOTg4OTdlZTRhLzEvSFN1RG56Y0FsdWU2M19lNHk0T1lOcFJ6Zk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYtNDkwOTg4OTdlZTRh
LzEvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJWLgAwQB
VXFaAwQCVcLEAwQDbc1wAwQCuUwgMA0GCSqGSIb3DQEBCwUAA4IBAQARbSeTqVBZ
J/7ZC7qNPcmKdX6E/FL0zP84yFxI+/xvZlysYiFrYyhi2JICiVSOgromQbrIAQa2
vh7GoA8/foaFIAGHUs8DW4UX34wanL/g6OopkDpLWnvRvoAUiiMj5BuUH2NuqWnM
TfXTlAovHPTc2PuXpdlXcBowd9qawOBAv7v5zI/KR1AHQZqy0AAfOCFUYUtbCoD4
Qva34475sjAxuEVGVzIlL6f069Pp5zag5PyKD8QHpxqRH9CiOMqN9esQFtWJeRrI
pRMttXrmPZsu7542exx1FCSmqpWJEJjglz0L6kN9PPh1TLHjZ84ff+29TMk85MX9
QXFtMXENSxrc
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:08:09 2025 by rpki-client