Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/CUaurmrUXRej3Pwn1HUURICYmOI.roa
File: CUaurmrUXRej3Pwn1HUURICYmOI.roa (raw, json)
Hash identifier: OfWXfI+jbSYlxy3ezm+ckQ0xS/3XJKbeFPmrSGU8ZpE=
Subject key identifier: 09:46:AE:AE:6A:D4:5D:17:A3:DC:FC:27:D4:75:14:44:80:98:98:E2
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019571C5C097BA7B4ADD290E0ED063BBDE4A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/CUaurmrUXRej3Pwn1HUURICYmOI.roa
Signing time: Fri 07 Mar 2025 18:02:20 +0000
ROA not before: Fri 07 Mar 2025 18:02:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.100.0/22 maxlen: 24
64.188.120.0/22 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/21 maxlen: 24
193.23.200.0/22 maxlen: 24
193.23.204.0/22 maxlen: 24
193.23.208.0/22 maxlen: 24
193.23.212.0/22 maxlen: 24
193.23.216.0/23 maxlen: 24
193.23.218.0/23 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:c5:c0:97:ba:7b:4a:dd:29:0e:0e:d0:63:bb:de:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 7 18:02:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0946aeae6ad45d17a3dcfc27d4751444809898e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:67:4b:c5:60:24:80:22:f5:a0:57:7c:d1:98:
a2:79:39:bf:43:ef:50:14:dd:a2:9e:7f:46:12:86:
0d:76:a3:1b:af:c2:88:e2:76:84:d3:4e:d1:89:8d:
15:37:e0:54:f9:83:b1:98:db:ee:4f:89:eb:db:87:
c9:f1:99:0d:be:85:4e:31:99:6f:78:e8:93:5e:24:
55:20:7b:3a:2f:8c:6e:d9:fb:59:83:c2:9e:2d:63:
11:cd:e0:59:72:b0:1f:6d:30:24:86:5e:2e:27:79:
c3:25:c1:d0:fe:1c:67:24:66:b2:a5:37:8a:c8:0c:
cd:b2:ac:d3:48:28:d9:4a:ed:ba:27:bf:18:ff:f7:
c4:1c:7a:5d:c5:50:71:ca:45:f2:b3:33:40:60:07:
de:f2:26:13:0b:41:1c:de:13:8e:f0:3e:a9:56:b8:
36:f6:fc:c7:a8:a6:16:5d:56:3c:dc:e3:8f:bb:7e:
c1:d8:d7:97:1e:76:eb:b7:c6:d4:f2:b1:82:68:06:
4f:45:3a:07:da:0f:cd:88:3c:47:6f:dd:5f:be:8a:
91:69:5c:2d:8e:eb:ca:5e:0e:21:73:eb:91:eb:ba:
0d:87:90:8f:2b:f9:1d:a6:6b:83:6e:e4:17:4b:01:
c3:9b:1a:7b:a6:57:6e:99:64:54:84:a9:bc:e0:2b:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:46:AE:AE:6A:D4:5D:17:A3:DC:FC:27:D4:75:14:44:80:98:98:E2
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/CUaurmrUXRej3Pwn1HUURICYmOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.100.0/22
64.188.120.0/21
185.216.104.0/22
193.23.192.0-193.23.219.255
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2a:f2:9c:e9:23:bd:15:6a:72:19:89:06:2b:91:15:61:66:
ad:13:62:cd:46:3b:5d:71:5d:3b:8e:0d:e0:ce:49:fa:10:09:
fe:18:6f:a4:d3:2a:7e:81:8a:f8:dd:f6:ad:21:5e:be:8a:80:
f1:8c:11:b7:48:5b:a5:64:8e:d3:3e:fd:51:bc:37:53:26:51:
9d:31:cb:8a:57:24:25:8f:cc:b2:ba:27:ab:e8:cd:14:1d:af:
1d:67:52:de:69:e2:8a:ca:2a:40:01:e0:f2:97:29:c5:8d:20:
b8:45:5d:dc:44:01:82:c1:ee:5f:90:c3:ba:23:d5:02:3a:75:
ef:e4:ca:c3:0e:ce:75:74:9b:10:c7:ae:ea:cc:8e:5e:26:50:
6f:d3:aa:e5:2f:9b:9f:46:6b:cc:36:e3:25:74:45:78:35:84:
79:cb:9b:6c:c2:50:fd:02:54:bd:78:87:f0:37:64:89:a6:04:
23:b3:f8:2d:30:1d:21:f9:7a:cb:b7:0b:7d:d7:8e:75:7c:6a:
6e:69:a5:f6:e8:af:7b:60:99:27:3e:a4:70:48:82:4a:88:77:
c3:ae:46:40:47:4a:6f:a6:03:31:a1:ca:25:1e:c8:09:05:30:
fa:c5:34:d3:91:b2:6a:c8:62:47:02:48:2f:28:f5:92:a9:c3:
d3:73:d0:0a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZVxxcCXuntK3SkODtBju95KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzA3MTgwMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQ2YWVhZTZhZDQ1ZDE3YTNkY2ZjMjdkNDc1MTQ0NDgwOTg5OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWdLxWAkgCL1oFd80ZiieTm/Q+9Q
FN2inn9GEoYNdqMbr8KI4naE007RiY0VN+BU+YOxmNvuT4nr24fJ8ZkNvoVOMZlv
eOiTXiRVIHs6L4xu2ftZg8KeLWMRzeBZcrAfbTAkhl4uJ3nDJcHQ/hxnJGaypTeK
yAzNsqzTSCjZSu26J78Y//fEHHpdxVBxykXyszNAYAfe8iYTC0Ec3hOO8D6pVrg2
9vzHqKYWXVY83OOPu37B2NeXHnbrt8bU8rGCaAZPRToH2g/NiDxHb91fvoqRaVwt
juvKXg4hc+uR67oNh5CPK/kdpmuDbuQXSwHDmxp7pldumWRUhKm84CsQKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAlGrq5q1F0Xo9z8J9R1FESAmJjiMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvQ1VhdXJtclVYUmVqM1B3bjFIVVVSSUNZbU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCQLxkAwQD
QLx4AwQCudhoMAwDBAbBF8ADBALBF9gDBADBF90wDQYJKoZIhvcNAQELBQADggEB
AAMq8pzpI70VanIZiQYrkRVhZq0TYs1GO11xXTuODeDOSfoQCf4Yb6TTKn6Bivjd
9q0hXr6KgPGMEbdIW6VkjtM+/VG8N1MmUZ0xy4pXJCWPzLK6J6vozRQdrx1nUt5p
4orKKkAB4PKXKcWNILhFXdxEAYLB7l+Qw7oj1QI6de/kysMOznV0mxDHrurMjl4m
UG/TquUvm59Ga8w24yV0RXg1hHnLm2zCUP0CVL14h/A3ZImmBCOz+C0wHSH5esu3
C33XjnV8am5ppfbor3tgmSc+pHBIgkqId8OuRkBHSm+mAzGhyiUeyAkFMPrFNNOR
smrIYkcCSC8o9ZKpw9Nz0Ao=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:01:35 2025 by rpki-client