Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/hvAcV0p--qlqSvXjrIPln93SWWk.roa
File: hvAcV0p--qlqSvXjrIPln93SWWk.roa (raw, json)
Hash identifier: TjRxZCcsv470SMx3GoJIYlzXG8w9x5IPVw3HcGg4jOI=
Subject key identifier: 86:F0:1C:57:4A:7E:FA:A9:6A:4A:F5:E3:AC:83:E5:9F:DD:D2:59:69
Certificate issuer: /CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Certificate serial: 019426D9609F5D3B47FCFCAF87886DDF0356
Authority key identifier: 3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/hvAcV0p--qlqSvXjrIPln93SWWk.roa
Signing time: Thu 02 Jan 2025 11:49:27 +0000
ROA not before: Thu 02 Jan 2025 11:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205049
IP address blocks: 185.230.40.0/22 maxlen: 22
185.230.40.0/24 maxlen: 24
185.230.41.0/24 maxlen: 24
185.230.42.0/24 maxlen: 24
185.230.43.0/24 maxlen: 24
2a13:3680::/29 maxlen: 29
2a13:3680::/32 maxlen: 32
2a13:3681::/32 maxlen: 32
2a13:3682::/32 maxlen: 32
2a13:3683::/32 maxlen: 32
2a13:3684::/32 maxlen: 32
2a13:3685::/32 maxlen: 32
2a13:3686::/32 maxlen: 32
2a13:3687::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.mft
rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:60:9f:5d:3b:47:fc:fc:af:87:88:6d:df:03:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Validity
Not Before: Jan 2 11:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86f01c574a7efaa96a4af5e3ac83e59fddd25969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:51:3a:ed:e8:6f:f2:53:76:c4:e0:4a:1b:3c:
80:59:df:45:9b:94:61:60:4d:b4:58:91:b7:76:63:
a4:22:6c:89:30:9f:97:60:ca:73:ac:8b:5f:ad:e6:
bb:fd:3d:ed:d6:ea:69:56:18:42:a5:47:93:22:c2:
c4:03:ed:f4:ea:67:a0:d1:0e:28:20:ae:59:c0:bb:
10:26:02:39:3e:e2:36:58:fe:65:30:4d:40:2f:03:
19:51:70:e3:6e:42:cc:b7:3c:41:53:3d:7b:d9:24:
33:45:92:7c:cd:7c:f1:b6:19:25:fe:c6:10:7d:79:
77:fa:f1:0a:7b:b2:a5:55:c3:72:96:d7:4b:03:10:
89:c3:54:0e:09:d9:dc:11:fe:35:02:6d:a2:86:17:
52:c0:e5:f7:00:fa:cd:98:98:f3:a7:8d:4a:28:47:
b7:45:82:b5:e4:3a:8d:fd:62:e6:46:d0:06:96:d4:
40:a7:4f:ce:7e:4c:27:93:cc:cf:b6:ac:30:c0:6f:
49:3f:1e:bf:c9:8c:b0:ec:1d:de:47:b0:bc:fe:ae:
0e:db:0a:61:43:7b:64:ff:c9:1c:fc:83:09:41:ce:
a5:97:a0:a2:63:9f:7a:de:b3:9c:2f:4c:54:3e:18:
15:2b:e9:b1:a5:a7:3c:b2:6c:23:c9:e3:99:36:be:
00:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F0:1C:57:4A:7E:FA:A9:6A:4A:F5:E3:AC:83:E5:9F:DD:D2:59:69
X509v3 Authority Key Identifier:
keyid:3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/hvAcV0p--qlqSvXjrIPln93SWWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.40.0/22
IPv6:
2a13:3680::/29
Signature Algorithm: sha256WithRSAEncryption
3f:d7:2d:44:4e:6d:08:86:50:4e:5f:cd:26:61:7f:e9:02:6c:
9b:0b:a2:19:5f:f5:c8:2d:c4:a9:88:09:f1:af:bf:e7:81:3c:
8a:ea:90:08:84:82:e8:00:94:61:9b:ba:13:aa:66:a1:5c:45:
76:e1:49:01:4f:a5:e3:35:c3:1e:18:35:25:33:86:6f:2f:57:
16:c0:dd:e0:b2:41:44:23:a2:47:12:5a:b5:c7:f7:0e:25:d5:
b6:93:2d:0c:99:89:7b:21:5c:83:ee:00:a9:6e:47:4b:ea:0f:
2d:51:ab:c6:33:e1:37:73:f2:e0:43:6b:aa:33:27:95:fc:5f:
ac:d3:e8:24:3c:11:be:4f:e1:6f:72:ca:9d:72:0f:bb:89:20:
29:82:34:ff:22:fe:c8:93:86:96:b5:e2:c7:51:d2:d7:b9:2a:
3b:a4:e1:40:5c:c6:a8:96:4f:e8:3e:5d:80:2a:cd:a9:14:40:
16:9e:c4:9e:87:da:89:3f:2b:d0:7b:6a:c8:c2:b7:93:15:0c:
e0:e6:22:07:4b:d9:33:18:84:4f:1a:c3:dc:93:51:91:08:cf:
35:f3:e7:8a:7e:e4:f4:61:23:7b:4b:17:be:6d:08:b1:80:1c:
de:8d:a7:c9:00:bb:c9:92:55:a7:f3:53:df:cc:ac:b2:1e:a2:
0e:91:74:13
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQm2WCfXTtH/Pyvh4ht3wNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzMyZGQyOTk0YzZlZTg5NDM2MTU4YTJlYWMxZjQ4Mjky
MmNkMmEwHhcNMjUwMTAyMTE0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmYwMWM1NzRhN2VmYWE5NmE0YWY1ZTNhYzgzZTU5ZmRkZDI1OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2FE67ehv8lN2xOBKGzyAWd9Fm5Rh
YE20WJG3dmOkImyJMJ+XYMpzrItfrea7/T3t1uppVhhCpUeTIsLEA+306meg0Q4o
IK5ZwLsQJgI5PuI2WP5lME1ALwMZUXDjbkLMtzxBUz172SQzRZJ8zXzxthkl/sYQ
fXl3+vEKe7KlVcNyltdLAxCJw1QOCdncEf41Am2ihhdSwOX3APrNmJjzp41KKEe3
RYK15DqN/WLmRtAGltRAp0/Ofkwnk8zPtqwwwG9JPx6/yYyw7B3eR7C8/q4O2wph
Q3tk/8kc/IMJQc6ll6CiY5963rOcL0xUPhgVK+mxpac8smwjyeOZNr4ATQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIbwHFdKfvqpakr146yD5Z/d0llpMB8GA1UdIwQY
MBaAFD4zLdKZTG7olDYVii6sH0gpIs0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMt
ZDAyNGFkNGI3YmViLzEvaHZBY1YwcC0tcWxxU3ZYanJJUGxuOTNTV1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMtZDAyNGFkNGI3YmVi
LzEvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueYoMA0E
AgACMAcDBQMqEzaAMA0GCSqGSIb3DQEBCwUAA4IBAQA/1y1ETm0IhlBOX80mYX/p
AmybC6IZX/XILcSpiAnxr7/ngTyK6pAIhILoAJRhm7oTqmahXEV24UkBT6XjNcMe
GDUlM4ZvL1cWwN3gskFEI6JHElq1x/cOJdW2ky0MmYl7IVyD7gCpbkdL6g8tUavG
M+E3c/LgQ2uqMyeV/F+s0+gkPBG+T+Fvcsqdcg+7iSApgjT/Iv7Ik4aWteLHUdLX
uSo7pOFAXMaolk/oPl2AKs2pFEAWnsSeh9qJPyvQe2rIwreTFQzg5iIHS9kzGIRP
GsPck1GRCM818+eKfuT0YSN7Sxe+bQixgBzejafJALvJklWn81PfzKyyHqIOkXQT
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:35:37 2025 by rpki-client