Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DRAzDA2vgEaiM5RUOX074m9AtAk.roa
File: DRAzDA2vgEaiM5RUOX074m9AtAk.roa (raw, json)
Hash identifier: b17cUe8b1KGzAYHt+JmGZn90RCYEfEgnyjtke4m04uI=
Subject key identifier: 0D:10:33:0C:0D:AF:80:46:A2:33:94:54:39:7D:3B:E2:6F:40:B4:09
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194F11F31490995182B28B7080EFE1FADB5
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DRAzDA2vgEaiM5RUOX074m9AtAk.roa
Signing time: Mon 10 Feb 2025 18:29:00 +0000
ROA not before: Mon 10 Feb 2025 18:29:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6939
IP address blocks: 64.188.76.0/22 maxlen: 24
64.188.88.0/22 maxlen: 24
64.188.108.0/22 maxlen: 24
64.188.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f1:1f:31:49:09:95:18:2b:28:b7:08:0e:fe:1f:ad:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 10 18:29:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d10330c0daf8046a2339454397d3be26f40b409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:41:96:13:90:1a:38:0a:30:87:51:ea:97:
f1:35:ac:0e:56:e7:5c:40:43:29:ad:33:73:e1:a3:
9c:70:80:c2:0f:4d:f4:ca:12:5f:d3:5a:2a:ce:d7:
7a:70:0d:a8:66:bd:ce:a0:e8:35:48:2b:b5:b9:3c:
cc:c8:f1:8a:94:99:ea:33:99:56:69:dc:2a:98:0f:
1b:29:08:39:27:48:e0:25:83:46:c5:a8:18:e6:a9:
da:ef:1c:23:db:39:17:ce:d4:18:8a:8a:32:6c:ac:
12:15:af:df:a1:d1:01:45:da:da:77:2e:d5:1e:fc:
c0:d2:ec:30:07:92:ab:d4:5b:0f:36:84:6a:a7:4e:
76:f0:d8:ae:87:af:fa:76:a7:1a:41:63:35:13:13:
aa:7e:2c:7e:27:93:68:a6:17:3f:2a:5a:4e:8c:85:
94:7f:81:8e:69:b3:fd:4f:7b:99:63:6b:ed:ec:d8:
21:d4:45:ba:cf:2b:78:8e:d1:6c:81:7f:67:02:b4:
b6:0b:20:81:fb:1e:4e:80:8c:16:b5:3e:bc:16:f6:
f9:0a:16:39:fd:61:9a:ab:0a:df:36:ed:c9:ec:11:
8a:0b:a9:d3:15:19:29:84:11:dc:75:ea:c5:c9:fa:
e1:9e:02:05:cd:51:1c:f5:44:59:ee:9d:99:02:c9:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:10:33:0C:0D:AF:80:46:A2:33:94:54:39:7D:3B:E2:6F:40:B4:09
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DRAzDA2vgEaiM5RUOX074m9AtAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.76.0/22
64.188.88.0/22
64.188.108.0/22
64.188.116.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:99:db:a8:70:63:e8:7f:b6:e0:6b:36:98:b0:16:fc:0e:56:
90:d9:b5:a4:9b:36:ec:cd:3d:5e:7a:03:de:84:2e:cd:14:2b:
c2:cc:6a:45:71:d5:b0:3d:fb:f8:c3:18:82:11:00:a5:36:be:
9a:96:ee:16:08:d6:e6:fc:e6:8e:f5:ca:a6:81:8c:3e:fc:70:
49:95:70:6c:20:f4:9d:2e:8a:c6:d0:d1:14:7f:58:07:64:d0:
aa:e0:de:91:08:b7:32:6d:4a:71:f4:46:ff:cf:c9:9b:cf:72:
05:a4:0f:51:be:ca:1f:06:d9:67:3c:b0:e3:c8:fb:66:3b:61:
c2:f1:06:45:82:1b:ca:f5:54:f5:21:18:27:fa:87:34:ef:e0:
a6:e0:98:21:12:2c:45:4a:a7:82:51:0d:e5:44:f0:7e:1f:cb:
83:e8:29:6a:26:b8:63:b4:3e:2a:27:69:46:a2:9c:94:4a:22:
28:2b:eb:ce:ac:65:66:46:b5:ba:b1:5e:a0:f1:2e:0d:51:71:
2b:46:96:77:61:2c:08:cc:cb:1d:a1:02:90:39:04:72:db:2d:
d4:f1:b9:ba:6d:4d:c2:ea:55:3d:00:6f:ec:58:ba:83:d4:62:
fb:fa:c1:61:2b:d6:37:5a:9c:84:18:04:0c:46:06:28:9e:58:
8c:f8:7a:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZTxHzFJCZUYKyi3CA7+H621MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEwMTgyOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDEwMzMwYzBkYWY4MDQ2YTIzMzk0NTQzOTdkM2JlMjZmNDBiNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbdBlhOQGjgKMIdR6pfxNawOVudc
QEMprTNz4aOccIDCD030yhJf01oqztd6cA2oZr3OoOg1SCu1uTzMyPGKlJnqM5lW
adwqmA8bKQg5J0jgJYNGxagY5qna7xwj2zkXztQYiooybKwSFa/fodEBRdrady7V
HvzA0uwwB5Kr1FsPNoRqp0528Niuh6/6dqcaQWM1ExOqfix+J5Nophc/KlpOjIWU
f4GOabP9T3uZY2vt7Ngh1EW6zyt4jtFsgX9nArS2CyCB+x5OgIwWtT68Fvb5ChY5
/WGaqwrfNu3J7BGKC6nTFRkphBHcderFyfrhngIFzVEc9URZ7p2ZAslDIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA0QMwwNr4BGojOUVDl9O+JvQLQJMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRFJBekRBMnZnRWFpTTVSVU9YMDc0bTlBdEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLxMAwQC
QLxYAwQCQLxsAwQCQLx0MA0GCSqGSIb3DQEBCwUAA4IBAQAumduocGPof7bgazaY
sBb8DlaQ2bWkmzbszT1eegPehC7NFCvCzGpFcdWwPfv4wxiCEQClNr6alu4WCNbm
/OaO9cqmgYw+/HBJlXBsIPSdLorG0NEUf1gHZNCq4N6RCLcybUpx9Eb/z8mbz3IF
pA9RvsofBtlnPLDjyPtmO2HC8QZFghvK9VT1IRgn+oc07+Cm4JghEixFSqeCUQ3l
RPB+H8uD6ClqJrhjtD4qJ2lGopyUSiIoK+vOrGVmRrW6sV6g8S4NUXErRpZ3YSwI
zMsdoQKQOQRy2y3U8bm6bU3C6lU9AG/sWLqD1GL7+sFhK9Y3WpyEGAQMRgYonliM
+Hq8
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:55:20 2025 by rpki-client