Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/iM-HUbcoELfWgS-lPVnMpAjn2tU.roa
File: iM-HUbcoELfWgS-lPVnMpAjn2tU.roa (raw, json)
Hash identifier: FOA+HRQLHHEYU2ci+E8byaoG9+so0NlIhMx5zOmbRnU=
Subject key identifier: 88:CF:87:51:B7:28:10:B7:D6:81:2F:A5:3D:59:CC:A4:08:E7:DA:D5
Certificate issuer: /CN=45e6985c8dac8cc6772b7fd39c3a75644c25a25a
Certificate serial: 019425FCBD94544DF5A988CB191411E3A023
Authority key identifier: 45:E6:98:5C:8D:AC:8C:C6:77:2B:7F:D3:9C:3A:75:64:4C:25:A2:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/iM-HUbcoELfWgS-lPVnMpAjn2tU.roa
Signing time: Thu 02 Jan 2025 07:48:28 +0000
ROA not before: Thu 02 Jan 2025 07:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16086
IP address blocks: 185.174.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:bd:94:54:4d:f5:a9:88:cb:19:14:11:e3:a0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e6985c8dac8cc6772b7fd39c3a75644c25a25a
Validity
Not Before: Jan 2 07:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88cf8751b72810b7d6812fa53d59cca408e7dad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9c:62:8a:f7:51:89:e3:9c:0b:94:0d:e4:fc:
7e:a8:36:3b:28:ef:bd:7a:5e:05:d5:42:0a:5e:af:
0d:af:86:fa:26:69:be:1c:8d:de:64:a7:89:79:ba:
ad:ed:3b:5e:87:da:3a:3a:c7:18:20:cd:e4:a6:05:
c9:f3:dd:a4:dd:22:db:de:bf:4c:af:0d:c6:09:3a:
fa:10:be:48:c7:c4:95:14:f0:71:3b:a9:4a:56:fc:
e8:d1:76:3d:83:13:f8:97:b2:3d:82:0d:e0:fd:09:
d4:ea:1f:26:e0:67:9b:13:8f:79:5a:46:97:fe:0a:
62:8a:54:f7:2e:6a:c6:01:80:ef:99:f1:b8:48:1a:
73:00:79:31:70:c1:2b:67:f9:3f:ff:c0:ee:2c:93:
7a:35:a4:d2:02:19:41:99:6f:e3:ff:df:99:9c:b5:
fe:ac:55:60:15:c3:94:e2:8e:39:bc:0c:e0:aa:d8:
8a:3b:46:63:84:a1:9c:8a:b2:d9:09:bd:31:08:e9:
4d:f4:39:27:80:b1:cb:66:cc:2a:09:a8:af:7b:d3:
7c:58:63:3d:97:c6:85:54:18:42:01:09:82:bc:59:
26:b3:ba:e0:fd:10:12:bb:a3:e1:27:a7:f6:f1:70:
e7:5d:ef:65:65:58:aa:57:55:ad:3a:93:da:15:33:
6a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:CF:87:51:B7:28:10:B7:D6:81:2F:A5:3D:59:CC:A4:08:E7:DA:D5
X509v3 Authority Key Identifier:
keyid:45:E6:98:5C:8D:AC:8C:C6:77:2B:7F:D3:9C:3A:75:64:4C:25:A2:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/iM-HUbcoELfWgS-lPVnMpAjn2tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/64c4a7-361a-4829-a462-6924257530b0/1/ReaYXI2sjMZ3K3_TnDp1ZEwlolo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:96:1e:3a:56:bb:c1:72:64:ea:13:21:47:54:3f:da:2a:ee:
19:6b:12:72:6a:11:cc:c3:fb:13:c9:1c:9d:30:81:3a:62:12:
4b:35:46:c8:03:2d:0d:e9:97:bc:4d:6d:30:e2:16:2f:13:0c:
21:45:1e:1c:43:ac:e6:52:1d:d0:11:94:ef:50:cb:fd:53:8a:
86:92:0a:5b:04:bd:61:82:e3:df:d2:12:5c:92:8f:81:e3:2f:
0a:fb:c8:9a:69:68:94:b2:5d:d2:d5:8f:e3:1c:5f:8f:52:f0:
f9:6d:2a:b7:b1:bd:ed:e9:89:22:9f:20:d2:15:20:90:16:fe:
9c:22:98:01:8b:06:5a:14:f0:60:4b:03:ad:84:e1:aa:ea:af:
28:14:cd:1b:80:13:89:9f:a1:16:5f:86:be:1b:ae:68:a2:ee:
3d:fe:12:a6:d0:08:73:99:7a:09:8f:af:f3:3a:be:6b:13:d2:
21:a8:6f:b5:38:b3:51:41:d1:3b:1c:db:54:c9:0e:eb:ea:13:
73:14:bd:1a:a0:23:9c:88:f0:a1:42:7e:ec:87:e8:4d:fe:a5:
cd:44:69:ce:92:c7:7c:5f:a4:79:de:52:5a:20:4c:ba:cf:a5:
09:24:6a:ed:45:a5:a8:76:c3:f0:89:d2:06:6c:9f:28:bb:63:
87:06:24:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/L2UVE31qYjLGRQR46AjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZTY5ODVjOGRhYzhjYzY3NzJiN2ZkMzljM2E3NTY0NGMy
NWEyNWEwHhcNMjUwMTAyMDc0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGNmODc1MWI3MjgxMGI3ZDY4MTJmYTUzZDU5Y2NhNDA4ZTdkYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZxiivdRieOcC5QN5Px+qDY7KO+9
el4F1UIKXq8Nr4b6Jmm+HI3eZKeJebqt7Tteh9o6OscYIM3kpgXJ892k3SLb3r9M
rw3GCTr6EL5Ix8SVFPBxO6lKVvzo0XY9gxP4l7I9gg3g/QnU6h8m4GebE495WkaX
/gpiilT3LmrGAYDvmfG4SBpzAHkxcMErZ/k//8DuLJN6NaTSAhlBmW/j/9+ZnLX+
rFVgFcOU4o45vAzgqtiKO0ZjhKGcirLZCb0xCOlN9DkngLHLZswqCaive9N8WGM9
l8aFVBhCAQmCvFkms7rg/RASu6PhJ6f28XDnXe9lZViqV1WtOpPaFTNqgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjPh1G3KBC31oEvpT1ZzKQI59rVMB8GA1UdIwQY
MBaAFEXmmFyNrIzGdyt/05w6dWRMJaJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmVhWVhJMnNqTVozSzNfVG5EcDFaRXdsb2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NGM0YTctMzYxYS00ODI5LWE0NjIt
NjkyNDI1NzUzMGIwLzEvaU0tSFViY29FTGZXZ1MtbFBWbk1wQWpuMnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NGM0YTctMzYxYS00ODI5LWE0NjItNjkyNDI1NzUzMGIw
LzEvUmVhWVhJMnNqTVozSzNfVG5EcDFaRXdsb2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua4YMA0G
CSqGSIb3DQEBCwUAA4IBAQChlh46VrvBcmTqEyFHVD/aKu4ZaxJyahHMw/sTyRyd
MIE6YhJLNUbIAy0N6Ze8TW0w4hYvEwwhRR4cQ6zmUh3QEZTvUMv9U4qGkgpbBL1h
guPf0hJcko+B4y8K+8iaaWiUsl3S1Y/jHF+PUvD5bSq3sb3t6YkinyDSFSCQFv6c
IpgBiwZaFPBgSwOthOGq6q8oFM0bgBOJn6EWX4a+G65oou49/hKm0AhzmXoJj6/z
Or5rE9IhqG+1OLNRQdE7HNtUyQ7r6hNzFL0aoCOciPChQn7sh+hN/qXNRGnOksd8
X6R53lJaIEy6z6UJJGrtRaWodsPwidIGbJ8ou2OHBiTT
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:32 2025 by rpki-client