Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4UTVL84CluwofCyF3QbkXydXokM.roa
File: 4UTVL84CluwofCyF3QbkXydXokM.roa (raw, json)
Hash identifier: XooEuP7k7P1/pyb6Ciwpqw0HH6UX5hTa1/1P7c2BPEI=
Subject key identifier: E1:44:D5:2F:CE:02:96:EC:28:7C:2C:85:DD:06:E4:5F:27:57:A2:43
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0196CBA8A9733D41903F5C0EE9A1A6688A54
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4UTVL84CluwofCyF3QbkXydXokM.roa
Signing time: Tue 13 May 2025 21:59:10 +0000
ROA not before: Tue 13 May 2025 21:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7385
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cb:a8:a9:73:3d:41:90:3f:5c:0e:e9:a1:a6:68:8a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 13 21:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e144d52fce0296ec287c2c85dd06e45f2757a243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2e:8a:0f:5d:a7:4d:30:86:ab:61:ce:96:2f:
57:19:00:ad:92:8c:a6:93:cb:b0:5f:70:61:1e:2f:
62:cb:35:4f:54:a2:dc:3d:e8:1f:90:f5:9f:e7:6d:
77:7f:b0:be:57:e7:df:34:93:a3:fb:1a:c2:24:3e:
fe:8e:25:c4:7c:07:6b:18:0b:46:a1:58:8c:a3:9b:
f3:14:34:e4:ba:42:cd:43:b4:52:10:25:e6:76:fc:
19:db:29:85:32:b1:14:e4:20:d8:82:46:24:4a:61:
62:7d:a4:97:bd:1d:da:f5:1b:4d:24:bb:a5:61:87:
47:95:99:72:24:02:1e:3e:ee:2b:41:fd:38:58:b1:
1b:0d:7d:aa:41:7b:67:8c:5c:54:7f:91:78:08:15:
4e:0f:ef:89:80:c3:0a:a4:4b:7f:d8:ab:24:91:51:
a9:51:76:d4:aa:c3:f3:af:d8:d7:5c:d4:14:a1:8f:
54:35:f6:b1:5d:40:98:46:d7:b7:b8:c2:c6:60:c0:
14:47:d0:87:7a:e6:9a:b3:63:07:0e:a9:19:47:ff:
9e:cd:62:1f:f0:1f:b7:b6:a8:72:76:92:0e:8c:aa:
38:1c:67:2c:26:6c:8b:ad:24:bf:8a:dd:08:24:9e:
c6:47:76:5d:c5:96:69:72:51:fe:72:8c:c1:3d:7a:
9a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:44:D5:2F:CE:02:96:EC:28:7C:2C:85:DD:06:E4:5F:27:57:A2:43
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4UTVL84CluwofCyF3QbkXydXokM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.207.135.0/24
185.216.104.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:bf:d8:02:88:b4:96:34:fd:d9:b2:97:53:f7:7c:34:c5:d9:
69:a6:d6:bb:cb:3b:9b:99:4a:40:7c:b4:8c:ba:07:43:e9:60:
7c:9d:96:0b:9c:d5:36:8e:81:70:55:dc:1e:03:a0:d3:dd:9c:
dc:4b:b9:a0:d6:98:02:2f:c6:95:cc:6b:88:8f:89:60:67:e6:
b5:6a:db:30:a3:3c:2d:3a:2f:be:03:fa:bf:b2:6f:98:ad:b2:
fd:9e:c9:ca:e9:72:63:c5:12:88:db:de:4a:00:6d:a0:2d:8b:
24:f3:bb:b7:31:45:01:d5:87:27:f5:a1:e4:f4:18:65:07:0e:
d2:18:45:3f:cd:92:57:ad:91:a2:19:a7:3a:86:fc:e8:4e:ac:
b9:75:af:7a:57:da:4e:a8:aa:df:71:6b:69:fb:6d:98:83:4f:
f3:9c:56:3c:fc:ba:46:06:fb:4f:f6:25:20:1c:87:e0:79:2f:
98:80:a3:ec:f9:83:ed:7f:b7:a8:74:d9:3d:93:51:db:47:71:
1a:56:6e:ea:15:5c:3a:f1:7c:de:f9:8a:64:16:dc:db:2a:e3:
7e:d7:ab:96:72:90:66:be:24:98:7a:6d:e5:cd:4b:a6:dc:b4:
22:14:be:81:f5:8c:e6:3f:12:1d:9e:46:b8:37:50:52:3b:55:
f9:18:cf:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbLqKlzPUGQP1wO6aGmaIpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTEzMjE1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTQ0ZDUyZmNlMDI5NmVjMjg3YzJjODVkZDA2ZTQ1ZjI3NTdhMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAni6KD12nTTCGq2HOli9XGQCtkoym
k8uwX3BhHi9iyzVPVKLcPegfkPWf5213f7C+V+ffNJOj+xrCJD7+jiXEfAdrGAtG
oViMo5vzFDTkukLNQ7RSECXmdvwZ2ymFMrEU5CDYgkYkSmFifaSXvR3a9RtNJLul
YYdHlZlyJAIePu4rQf04WLEbDX2qQXtnjFxUf5F4CBVOD++JgMMKpEt/2KskkVGp
UXbUqsPzr9jXXNQUoY9UNfaxXUCYRte3uMLGYMAUR9CHeuaas2MHDqkZR/+ezWIf
8B+3tqhydpIOjKo4HGcsJmyLrSS/it0IJJ7GR3ZdxZZpclH+cozBPXqaVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOFE1S/OApbsKHwshd0G5F8nV6JDMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNFVUVkw4NENsdXdvZkN5RjNRYmtYeWRYb2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLx8AwQA
uc+HAwQCudhoMA0GCSqGSIb3DQEBCwUAA4IBAQBNv9gCiLSWNP3ZspdT93w0xdlp
pta7yzubmUpAfLSMugdD6WB8nZYLnNU2joFwVdweA6DT3ZzcS7mg1pgCL8aVzGuI
j4lgZ+a1atswozwtOi++A/q/sm+YrbL9nsnK6XJjxRKI295KAG2gLYsk87u3MUUB
1Ycn9aHk9BhlBw7SGEU/zZJXrZGiGac6hvzoTqy5da96V9pOqKrfcWtp+22Yg0/z
nFY8/LpGBvtP9iUgHIfgeS+YgKPs+YPtf7eodNk9k1HbR3EaVm7qFVw68Xze+Ypk
FtzbKuN+16uWcpBmviSYem3lzUum3LQiFL6B9YzmPxIdnka4N1BSO1X5GM8y
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:24:33 2025 by rpki-client