Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4hx7X-qAofbTlhwwVV-AQ6KXp_w.roa
File: 4hx7X-qAofbTlhwwVV-AQ6KXp_w.roa (raw, json)
Hash identifier: OBb8406LAIV4rFPWUu9hOe5P2joW2t0g3DbKGweRhoQ=
Subject key identifier: E2:1C:7B:5F:EA:80:A1:F6:D3:96:1C:30:55:5F:80:43:A2:97:A7:FC
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195AA3626495B9312427DF6E23B7C5745B1
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4hx7X-qAofbTlhwwVV-AQ6KXp_w.roa
Signing time: Tue 18 Mar 2025 17:03:50 +0000
ROA not before: Tue 18 Mar 2025 17:03:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 64.188.80.0/22 maxlen: 24
64.188.92.0/22 maxlen: 24
193.23.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:aa:36:26:49:5b:93:12:42:7d:f6:e2:3b:7c:57:45:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 18 17:03:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e21c7b5fea80a1f6d3961c30555f8043a297a7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3c:02:90:23:c7:99:6a:79:4d:81:d8:d3:b0:
3e:a3:71:ac:79:c6:89:e2:67:dc:69:b4:4b:49:7f:
53:72:4c:81:af:95:5f:70:0d:00:1d:38:11:6f:9f:
5e:8a:86:96:2e:0d:af:d7:04:62:ed:cc:7d:23:b7:
11:b9:86:ce:46:d7:c3:46:d1:e8:ed:03:be:c8:db:
08:70:c0:21:4d:91:f3:1b:26:12:ac:35:bd:e5:17:
9d:80:d8:cd:56:0c:e3:a3:35:aa:c7:82:9a:01:0d:
00:63:45:60:2d:61:bb:43:08:45:06:4c:cd:90:08:
fd:62:f5:7b:b4:d0:b6:e0:43:ad:e8:07:30:11:20:
5b:b0:0a:8d:ef:d8:da:a6:e7:54:48:64:02:d4:c7:
1d:33:bc:37:35:ed:ae:ce:01:97:bc:9c:22:04:00:
1d:61:3c:83:17:b3:fc:98:5d:0b:46:da:f0:c9:1d:
75:e4:82:7e:d1:30:ee:76:4b:35:05:aa:3d:88:0f:
92:75:0e:0b:70:ac:8a:2f:dc:de:b4:ef:27:b2:fd:
49:d9:86:10:d2:6e:95:f6:f6:7a:b2:99:cd:d8:55:
be:a2:9a:8f:5a:9e:b0:09:24:27:77:82:c8:f3:61:
27:d3:d8:55:f5:95:76:c2:c0:3c:be:68:65:0e:54:
77:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1C:7B:5F:EA:80:A1:F6:D3:96:1C:30:55:5F:80:43:A2:97:A7:FC
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4hx7X-qAofbTlhwwVV-AQ6KXp_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.80.0/22
64.188.92.0/22
193.23.217.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f4:e0:e7:1b:58:30:1f:38:17:1a:5c:1b:eb:65:24:d4:1b:
01:20:20:38:32:ad:a3:96:81:07:e8:cf:46:bf:c9:fa:a9:b1:
7e:16:7b:db:40:8d:7e:fb:d7:c6:51:2f:8e:32:b6:7b:9e:15:
cf:81:70:ba:bf:e6:fd:a2:4d:9a:68:b6:14:98:ae:bc:71:bf:
85:c8:90:59:20:b0:8a:fc:34:83:6b:9b:0e:51:09:e8:df:61:
71:cc:24:52:6e:bf:9a:e1:da:ad:c9:5f:e7:eb:26:0b:5b:41:
9c:9a:97:06:43:a1:fc:c1:94:99:e3:cb:09:c9:f3:2e:65:fa:
aa:a4:4e:ad:e0:52:ca:e2:6e:e1:e3:3a:fe:2c:cc:0b:b3:11:
de:f2:d7:45:09:d0:d0:55:84:7e:b7:0a:69:db:12:36:ac:45:
9d:1f:b2:38:9b:b8:cd:a2:ec:51:5d:cd:54:28:3a:77:50:0c:
69:4c:e7:35:68:9c:77:25:60:f9:f3:48:c3:b6:c6:a7:9e:63:
80:02:6e:ec:66:f3:55:7a:e1:7f:02:d0:7e:e1:3c:c8:6b:21:
18:71:2b:10:c2:bd:29:70:ec:f4:b3:01:b6:0f:20:ea:7a:95:
75:1a:8a:66:0f:3f:fe:34:d4:87:79:f6:34:86:04:15:20:92:
aa:38:35:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZWqNiZJW5MSQn324jt8V0WxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzE4MTcwMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFjN2I1ZmVhODBhMWY2ZDM5NjFjMzA1NTVmODA0M2EyOTdhN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DwCkCPHmWp5TYHY07A+o3GsecaJ
4mfcabRLSX9TckyBr5VfcA0AHTgRb59eioaWLg2v1wRi7cx9I7cRuYbORtfDRtHo
7QO+yNsIcMAhTZHzGyYSrDW95RedgNjNVgzjozWqx4KaAQ0AY0VgLWG7QwhFBkzN
kAj9YvV7tNC24EOt6AcwESBbsAqN79japudUSGQC1McdM7w3Ne2uzgGXvJwiBAAd
YTyDF7P8mF0LRtrwyR115IJ+0TDudks1Bao9iA+SdQ4LcKyKL9zetO8nsv1J2YYQ
0m6V9vZ6spnN2FW+opqPWp6wCSQnd4LI82En09hV9ZV2wsA8vmhlDlR39wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOIce1/qgKH205YcMFVfgEOil6f8MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNGh4N1gtcUFvZmJUbGh3d1ZWLUFRNktYcF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLxQAwQC
QLxcAwQAwRfZMA0GCSqGSIb3DQEBCwUAA4IBAQBS9ODnG1gwHzgXGlwb62Uk1BsB
ICA4Mq2jloEH6M9Gv8n6qbF+FnvbQI1++9fGUS+OMrZ7nhXPgXC6v+b9ok2aaLYU
mK68cb+FyJBZILCK/DSDa5sOUQno32FxzCRSbr+a4dqtyV/n6yYLW0GcmpcGQ6H8
wZSZ48sJyfMuZfqqpE6t4FLK4m7h4zr+LMwLsxHe8tdFCdDQVYR+twpp2xI2rEWd
H7I4m7jNouxRXc1UKDp3UAxpTOc1aJx3JWD580jDtsannmOAAm7sZvNVeuF/AtB+
4TzIayEYcSsQwr0pcOz0swG2DyDqepV1GopmDz/+NNSHefY0hgQVIJKqODW9
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:08:16 2025 by rpki-client