Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/h9ZHm6iijOLE1hURiKvmNTt6ch8.roa
File: h9ZHm6iijOLE1hURiKvmNTt6ch8.roa (raw, json)
Hash identifier: H21hU2yBrXT1TzHXxYlexjgXRRrD66fdVGibNF1cS04=
Subject key identifier: 87:D6:47:9B:A8:A2:8C:E2:C4:D6:15:11:88:AB:E6:35:3B:7A:72:1F
Certificate issuer: /CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Certificate serial: 019421B177258DB29C6AC40C592A8EE8E48C
Authority key identifier: 7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/h9ZHm6iijOLE1hURiKvmNTt6ch8.roa
Signing time: Wed 01 Jan 2025 11:47:46 +0000
ROA not before: Wed 01 Jan 2025 11:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.42.199.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
45.129.78.0/24 maxlen: 24
45.159.181.0/24 maxlen: 24
77.83.85.0/24 maxlen: 24
77.83.86.0/24 maxlen: 24
77.83.87.0/24 maxlen: 24
79.133.180.0/24 maxlen: 24
89.191.234.0/24 maxlen: 24
176.119.141.0/24 maxlen: 24
194.113.153.0/24 maxlen: 24
194.147.215.0/24 maxlen: 24
195.226.194.0/24 maxlen: 24
195.245.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:77:25:8d:b2:9c:6a:c4:0c:59:2a:8e:e8:e4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Validity
Not Before: Jan 1 11:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87d6479ba8a28ce2c4d6151188abe6353b7a721f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:88:45:1f:51:ba:c5:7c:66:bf:a6:aa:3d:20:
34:a2:af:1a:76:48:89:53:4e:55:92:b0:24:8d:cd:
cf:64:eb:e4:18:77:43:a0:30:bc:f2:c9:96:9d:47:
ec:21:90:f4:98:63:f5:b3:33:59:fa:86:6c:7b:13:
38:b6:29:ab:ea:13:cc:08:ca:66:93:5d:d1:44:74:
2c:8b:6b:7f:d9:f8:6a:f7:8a:a7:2a:d3:4e:dc:29:
fa:59:45:83:ef:a3:d9:d8:46:ae:e4:56:72:ec:8e:
7e:34:a5:76:a5:95:0a:df:f5:71:bd:da:29:da:59:
98:10:d4:ef:9c:f8:3b:b8:91:62:c0:ce:e3:51:ac:
46:7a:8d:3e:5e:37:ca:46:30:56:1e:fd:ca:e7:e0:
3d:ef:ed:b3:35:c9:8e:24:6b:89:f0:17:e4:ac:db:
7c:67:e1:09:44:9b:0f:00:68:03:1f:29:48:28:74:
a4:4c:d1:cb:6c:c6:62:17:32:32:4d:04:ec:25:ca:
1a:6e:2c:32:22:29:3b:f2:07:97:3e:86:eb:61:d9:
f7:52:71:9c:55:d9:16:cc:e6:6c:f8:d3:cf:33:e7:
ac:92:7f:7e:0c:56:c6:a3:79:2b:31:a5:27:73:c8:
a6:21:70:7b:33:d6:bb:9f:e7:cd:0e:36:7c:b7:21:
a1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D6:47:9B:A8:A2:8C:E2:C4:D6:15:11:88:AB:E6:35:3B:7A:72:1F
X509v3 Authority Key Identifier:
keyid:7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/h9ZHm6iijOLE1hURiKvmNTt6ch8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.199.0/24
5.253.63.0/24
45.129.78.0/24
45.159.181.0/24
77.83.85.0-77.83.87.255
79.133.180.0/24
89.191.234.0/24
176.119.141.0/24
194.113.153.0/24
194.147.215.0/24
195.226.194.0/24
195.245.239.0/24
Signature Algorithm: sha256WithRSAEncryption
45:42:db:4e:92:80:cf:3f:94:a2:32:39:49:e8:db:cd:98:b4:
ea:a7:7f:21:2e:95:41:ed:ac:ea:11:89:49:bc:c3:e1:e5:f0:
be:11:bd:14:0f:b5:56:84:7e:a9:94:89:69:a1:54:35:fa:de:
43:98:eb:03:d3:f1:4d:4f:e8:af:fe:22:fe:2f:90:15:41:52:
ee:fa:c5:d5:1c:bb:9d:a7:03:e4:1d:0f:59:90:98:17:a1:73:
91:2e:b6:0e:6d:b0:2d:a3:44:cf:e4:0c:60:f1:fd:26:c8:97:
0a:27:d0:96:7b:8e:c7:a8:e6:5b:86:75:92:9c:32:34:02:d1:
02:7b:b1:03:6f:6e:a7:64:6d:0b:48:5a:d2:09:d7:08:ec:ad:
c4:5f:26:26:10:ba:4d:62:c2:e6:6e:37:17:73:65:c6:ae:b2:
0f:f3:15:33:4b:5c:c2:cf:f5:fd:57:ec:64:80:06:ae:35:10:
5f:5e:4b:ea:98:24:ab:b6:15:cd:e0:53:cf:9b:cb:15:90:f3:
85:46:d4:e5:bc:f0:bf:35:05:af:7c:3a:6a:c4:87:df:7c:c6:
e3:7d:70:5e:42:ee:2e:73:d1:28:f9:41:de:ea:ff:b0:58:c1:
35:c9:96:0f:18:1f:c0:59:72:6a:39:47:91:0f:6a:69:28:cd:
a1:22:13:a0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQhsXcljbKcasQMWSqO6OSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmVhM2VjYWQ1YTQwMmI4ZmU1YTJhNjEzOGFmNjZhYWMy
NTdmZjkwHhcNMjUwMTAxMTE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Q2NDc5YmE4YTI4Y2UyYzRkNjE1MTE4OGFiZTYzNTNiN2E3MjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4hFH1G6xXxmv6aqPSA0oq8adkiJ
U05VkrAkjc3PZOvkGHdDoDC88smWnUfsIZD0mGP1szNZ+oZsexM4timr6hPMCMpm
k13RRHQsi2t/2fhq94qnKtNO3Cn6WUWD76PZ2Eau5FZy7I5+NKV2pZUK3/Vxvdop
2lmYENTvnPg7uJFiwM7jUaxGeo0+XjfKRjBWHv3K5+A97+2zNcmOJGuJ8BfkrNt8
Z+EJRJsPAGgDHylIKHSkTNHLbMZiFzIyTQTsJcoabiwyIik78geXPobrYdn3UnGc
VdkWzOZs+NPPM+eskn9+DFbGo3krMaUnc8imIXB7M9a7n+fNDjZ8tyGhcwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIfWR5uooozixNYVEYir5jU7enIfMB8GA1UdIwQY
MBaAFH0uo+ytWkArj+WiphOK9mqsJX/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgt
YjkxYjkyZDRkODAxLzEvaDlaSG02aWlqT0xFMWhVUmlLdm1OVHQ2Y2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgtYjkxYjkyZDRkODAx
LzEvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABSrHAwQA
Bf0/AwQALYFOAwQALZ+1MAwDBABNU1UDBANNU1ADBABPhbQDBABZv+oDBACwd40D
BADCcZkDBADCk9cDBADD4sIDBADD9e8wDQYJKoZIhvcNAQELBQADggEBAEVC206S
gM8/lKIyOUno282YtOqnfyEulUHtrOoRiUm8w+Hl8L4RvRQPtVaEfqmUiWmhVDX6
3kOY6wPT8U1P6K/+Iv4vkBVBUu76xdUcu52nA+QdD1mQmBehc5Eutg5tsC2jRM/k
DGDx/SbIlwon0JZ7jseo5luGdZKcMjQC0QJ7sQNvbqdkbQtIWtIJ1wjsrcRfJiYQ
uk1iwuZuNxdzZcausg/zFTNLXMLP9f1X7GSABq41EF9eS+qYJKu2Fc3gU8+byxWQ
84VG1OW88L81Ba98OmrEh998xuN9cF5C7i5z0Sj5Qd7q/7BYwTXJlg8YH8BZcmo5
R5EPamkozaEiE6A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:28 2025 by rpki-client