Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/hLakS4LRqtwndizOwv35_LPmSM8.roa
File: hLakS4LRqtwndizOwv35_LPmSM8.roa (raw, json)
Hash identifier: T21fBsQZHckhVR25IcmVqL7irT842KR48E+IblvWuLQ=
Subject key identifier: 84:B6:A4:4B:82:D1:AA:DC:27:76:2C:CE:C2:FD:F9:FC:B3:E6:48:CF
Certificate issuer: /CN=8a38d1191f66f1f0315de5f45cc194d1cd19d1fb
Certificate serial: 0194221FB2B57EC29E419CCB9EDBDD264104
Authority key identifier: 8A:38:D1:19:1F:66:F1:F0:31:5D:E5:F4:5C:C1:94:D1:CD:19:D1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/hLakS4LRqtwndizOwv35_LPmSM8.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198279
IP address blocks: 37.26.80.0/21 maxlen: 21
37.26.82.0/24 maxlen: 24
37.26.83.0/24 maxlen: 24
37.26.84.0/24 maxlen: 24
37.26.85.0/24 maxlen: 24
37.26.86.0/24 maxlen: 24
37.26.87.0/24 maxlen: 24
185.89.156.0/22 maxlen: 22
185.89.156.0/24 maxlen: 24
185.89.157.0/24 maxlen: 24
185.89.158.0/24 maxlen: 24
185.89.159.0/24 maxlen: 24
2a00:4940::/29 maxlen: 32
2a00:4940::/32 maxlen: 32
2a00:4940::/48 maxlen: 48
2a00:4940:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b2:b5:7e:c2:9e:41:9c:cb:9e:db:dd:26:41:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a38d1191f66f1f0315de5f45cc194d1cd19d1fb
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84b6a44b82d1aadc27762ccec2fdf9fcb3e648cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:f2:7c:20:59:f2:8e:f1:2b:26:67:f0:29:
9e:f3:c0:0d:a0:1c:4b:da:aa:b0:8e:e6:d8:a7:75:
3a:37:95:5d:12:33:33:32:b6:9d:51:59:cd:c1:89:
53:9d:95:d1:ae:b8:b1:b2:56:7e:3e:44:9b:9f:95:
e7:57:37:d9:8a:63:7a:4f:65:63:1a:ee:49:85:2d:
f8:08:61:6c:63:c0:1b:54:e4:89:55:24:c9:29:80:
97:4c:b8:48:c9:3d:00:8b:9e:ef:11:91:6b:02:f1:
00:8c:01:a0:3d:72:71:76:27:c7:32:c0:d0:dc:b7:
63:fb:9e:f9:f9:7b:b6:ba:2b:2e:f0:cc:bc:1b:21:
5d:ca:cb:e1:fc:a1:df:fd:69:32:30:e2:6e:e5:18:
6e:dc:e8:c9:f7:20:81:0f:37:91:80:81:18:7c:a9:
e8:61:4a:d3:d5:e1:85:9a:05:af:e3:07:c2:22:3c:
48:02:86:06:15:77:30:e5:0f:2b:ad:89:ce:83:89:
c7:c8:02:63:2a:8d:00:18:95:56:8a:d6:16:68:ed:
eb:e6:53:88:4a:13:87:92:13:a8:b8:0b:0d:25:32:
64:24:ab:99:35:89:56:ca:d3:ed:57:12:ff:b2:8d:
de:4c:aa:f1:0c:7a:5e:b3:c7:97:e4:a4:3f:eb:02:
7c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B6:A4:4B:82:D1:AA:DC:27:76:2C:CE:C2:FD:F9:FC:B3:E6:48:CF
X509v3 Authority Key Identifier:
keyid:8A:38:D1:19:1F:66:F1:F0:31:5D:E5:F4:5C:C1:94:D1:CD:19:D1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/hLakS4LRqtwndizOwv35_LPmSM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/87206f-33d0-4f33-b781-84f8fdc0c698/1/ijjRGR9m8fAxXeX0XMGU0c0Z0fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.80.0/21
185.89.156.0/22
IPv6:
2a00:4940::/29
Signature Algorithm: sha256WithRSAEncryption
98:37:e5:4f:fa:b5:11:6f:a7:18:00:3c:1f:b6:8d:bd:b1:d2:
de:b4:2d:5f:ee:dc:a7:65:24:80:05:d4:44:20:8b:2a:5e:96:
a3:bb:f2:7f:bb:8c:54:b8:64:5e:7a:2b:ed:ac:59:e0:48:63:
e0:67:de:2d:16:80:23:09:16:c9:21:4d:bd:3e:86:ee:15:a0:
55:5f:cf:dd:cb:92:09:83:7a:cc:0a:c5:6d:3b:df:8a:4a:ce:
bb:42:26:5c:34:a6:cb:11:b2:db:fd:b1:26:c8:19:14:c8:f7:
79:9d:23:ee:d0:c5:9e:8d:54:21:72:ae:84:be:18:72:07:01:
6a:e8:b5:16:c7:24:b4:2f:3b:67:5b:fa:54:41:de:15:31:28:
72:f6:47:eb:0f:7d:55:92:ba:45:e9:1c:e3:16:b0:94:1c:19:
00:fc:42:13:99:be:8a:47:ae:99:d0:62:3d:d7:bb:46:85:4d:
1f:6b:b6:97:43:8f:4c:1a:ef:82:75:88:6e:90:e4:77:26:8a:
28:3c:51:16:48:85:96:d5:b5:bf:15:4e:91:58:60:df:e5:c3:
19:29:c2:1f:5f:0f:ea:13:78:47:73:89:0c:97:6a:cc:cd:06:
5d:7e:ad:4b:57:81:b6:6a:79:57:77:60:4e:71:4e:9d:f8:7b:
02:b1:79:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH7K1fsKeQZzLntvdJkEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMzhkMTE5MWY2NmYxZjAzMTVkZTVmNDVjYzE5NGQxY2Qx
OWQxZmIwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGI2YTQ0YjgyZDFhYWRjMjc3NjJjY2VjMmZkZjlmY2IzZTY0OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLjyfCBZ8o7xKyZn8Cme88ANoBxL
2qqwjubYp3U6N5VdEjMzMradUVnNwYlTnZXRrrixslZ+PkSbn5XnVzfZimN6T2Vj
Gu5JhS34CGFsY8AbVOSJVSTJKYCXTLhIyT0Ai57vEZFrAvEAjAGgPXJxdifHMsDQ
3Ldj+575+Xu2uisu8My8GyFdysvh/KHf/WkyMOJu5Rhu3OjJ9yCBDzeRgIEYfKno
YUrT1eGFmgWv4wfCIjxIAoYGFXcw5Q8rrYnOg4nHyAJjKo0AGJVWitYWaO3r5lOI
ShOHkhOouAsNJTJkJKuZNYlWytPtVxL/so3eTKrxDHpes8eX5KQ/6wJ8nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIS2pEuC0arcJ3YszsL9+fyz5kjPMB8GA1UdIwQY
MBaAFIo40RkfZvHwMV3l9FzBlNHNGdH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpqUkdSOW04ZkF4WGVYMFhNR1UwYzBaMGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi84NzIwNmYtMzNkMC00ZjMzLWI3ODEt
ODRmOGZkYzBjNjk4LzEvaExha1M0TFJxdHduZGl6T3d2MzVfTFBtU004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi84NzIwNmYtMzNkMC00ZjMzLWI3ODEtODRmOGZkYzBjNjk4
LzEvaWpqUkdSOW04ZkF4WGVYMFhNR1UwYzBaMGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRpQAwQC
uVmcMA0EAgACMAcDBQMqAElAMA0GCSqGSIb3DQEBCwUAA4IBAQCYN+VP+rURb6cY
ADwfto29sdLetC1f7tynZSSABdREIIsqXpaju/J/u4xUuGReeivtrFngSGPgZ94t
FoAjCRbJIU29PobuFaBVX8/dy5IJg3rMCsVtO9+KSs67QiZcNKbLEbLb/bEmyBkU
yPd5nSPu0MWejVQhcq6EvhhyBwFq6LUWxyS0LztnW/pUQd4VMShy9kfrD31VkrpF
6RzjFrCUHBkA/EITmb6KR66Z0GI917tGhU0fa7aXQ49MGu+CdYhukOR3JoooPFEW
SIWW1bW/FU6RWGDf5cMZKcIfXw/qE3hHc4kMl2rMzQZdfq1LV4G2anlXd2BOcU6d
+HsCsXlj
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:15:21 2025 by rpki-client