Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/HvvQQ4P4zfTIBBHttsccF48rodM.roa
File: HvvQQ4P4zfTIBBHttsccF48rodM.roa (raw, json)
Hash identifier: eIYcjO3+dzOi7TYY3sWHoKLhHWX9s3dv316lhoprHDg=
Subject key identifier: 1E:FB:D0:43:83:F8:CD:F4:C8:04:11:ED:B6:C7:1C:17:8F:2B:A1:D3
Certificate issuer: /CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Certificate serial: 01942521E21A7667F6F6A3548407A1C4FBE6
Authority key identifier: C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/HvvQQ4P4zfTIBBHttsccF48rodM.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43578
IP address blocks: 5.226.168.0/24 maxlen: 24
5.226.172.0/24 maxlen: 24
2a04:b880::/48 maxlen: 48
2a04:b880:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.mft
rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e2:1a:76:67:f6:f6:a3:54:84:07:a1:c4:fb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1efbd04383f8cdf4c80411edb6c71c178f2ba1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:05:3d:dc:d1:7d:7d:d6:9f:e5:e7:2f:af:8f:
b3:29:9d:29:2a:fa:bc:ec:68:0d:03:15:16:17:81:
4a:9a:83:ef:cf:af:4d:96:66:9c:19:5a:f8:a3:69:
25:64:35:43:59:cc:29:4e:e9:e9:8a:67:08:30:6e:
00:c1:4a:1e:e2:4a:6a:a0:e0:1c:08:c8:95:00:b6:
b1:e9:1a:cc:4c:d6:af:aa:74:3b:18:39:d9:ed:c1:
8e:48:ea:24:6e:1e:62:a9:c2:5b:35:ec:bf:20:7d:
d9:1d:8f:90:24:e7:59:d1:ca:f7:33:41:21:64:90:
69:d5:3a:97:82:e6:25:00:22:ba:4d:35:31:65:97:
e4:ad:87:5a:43:b5:54:b5:55:a4:bd:95:a3:c4:9f:
5d:30:9b:79:be:81:23:df:d7:00:de:81:f6:b3:ea:
ff:ed:e9:58:f8:b1:73:7f:1a:fb:e0:94:b3:b0:27:
18:bc:6b:34:59:51:df:11:58:e1:80:11:60:00:b0:
4d:61:38:74:da:a8:1e:8a:b8:66:71:65:e2:0b:4b:
d6:fd:6b:68:b9:49:56:4f:f7:9b:3d:36:30:77:f4:
3c:80:0a:15:16:23:16:83:09:e5:ab:40:28:ab:92:
f2:6a:61:8d:a1:19:bd:0e:74:c6:9b:0e:82:df:fb:
bb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FB:D0:43:83:F8:CD:F4:C8:04:11:ED:B6:C7:1C:17:8F:2B:A1:D3
X509v3 Authority Key Identifier:
keyid:C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/HvvQQ4P4zfTIBBHttsccF48rodM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.168.0/24
5.226.172.0/24
IPv6:
2a04:b880::/48
2a04:b880:5::/48
Signature Algorithm: sha256WithRSAEncryption
3e:8f:8f:7d:94:3e:9e:ff:ac:56:42:ec:b7:fd:68:f7:0a:87:
4f:f2:54:74:cf:25:da:b8:cf:fe:4f:26:31:a9:63:a0:75:78:
33:05:d3:f6:a7:75:9d:ed:85:45:c4:2e:88:25:1b:f6:b0:95:
19:fa:3f:0a:09:46:cc:e4:56:9a:20:23:91:a0:ea:7f:07:1c:
2c:08:4d:98:a0:96:40:ef:44:fe:76:e3:08:49:03:7d:ce:be:
0e:fd:61:69:9f:67:69:6d:9e:bc:12:82:68:6c:60:b4:e6:36:
7c:5a:ae:cc:2f:eb:2d:26:22:55:cc:bf:39:28:f9:bd:00:da:
ce:41:49:2a:80:f1:28:1a:8e:27:c2:bf:1a:f2:27:e4:a0:64:
90:d9:0d:62:14:e4:db:9b:fc:5a:57:0a:c5:5c:b2:b6:6f:8f:
a6:88:83:c6:0d:35:c5:bc:f8:e9:c9:67:45:9f:7b:64:6a:e8:
b2:90:80:f2:a2:5f:43:14:2b:dc:db:e2:97:52:ba:a9:52:40:
e3:5c:2c:b5:7b:22:66:62:3c:07:ed:5f:7f:3e:24:ea:0b:35:
cd:b8:9d:98:c8:f0:59:cf:c8:5b:77:fa:a5:d1:78:79:12:53:
de:a0:6e:47:08:59:e2:2f:84:b8:d4:a8:64:6d:6b:dc:1f:58:
f1:ac:cd:01
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQlIeIadmf29qNUhAehxPvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzM0ODFkM2ZhNDg3MTBkY2I5NzNmZGNkMjkzNDBkZWRi
NjIyOWEwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZiZDA0MzgzZjhjZGY0YzgwNDExZWRiNmM3MWMxNzhmMmJhMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowU93NF9fdaf5ecvr4+zKZ0pKvq8
7GgNAxUWF4FKmoPvz69NlmacGVr4o2klZDVDWcwpTunpimcIMG4AwUoe4kpqoOAc
CMiVALax6RrMTNavqnQ7GDnZ7cGOSOokbh5iqcJbNey/IH3ZHY+QJOdZ0cr3M0Eh
ZJBp1TqXguYlACK6TTUxZZfkrYdaQ7VUtVWkvZWjxJ9dMJt5voEj39cA3oH2s+r/
7elY+LFzfxr74JSzsCcYvGs0WVHfEVjhgBFgALBNYTh02qgeirhmcWXiC0vW/Wto
uUlWT/ebPTYwd/Q8gAoVFiMWgwnlq0Aoq5LyamGNoRm9DnTGmw6C3/u7LwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB770EOD+M30yAQR7bbHHBePK6HTMB8GA1UdIwQY
MBaAFMkzSB0/pIcQ3Llz/c0pNA3ttiKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUt
ZmVmZDM3NjY2NzQxLzEvSHZ2UVE0UDR6ZlRJQkJIdHRzY2NGNDhyb2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUtZmVmZDM3NjY2NzQx
LzEveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABeKoAwQA
BeKsMBgEAgACMBIDBwAqBLiAAAADBwAqBLiAAAUwDQYJKoZIhvcNAQELBQADggEB
AD6Pj32UPp7/rFZC7Lf9aPcKh0/yVHTPJdq4z/5PJjGpY6B1eDMF0/andZ3thUXE
LoglG/awlRn6PwoJRszkVpogI5Gg6n8HHCwITZiglkDvRP524whJA33Ovg79YWmf
Z2ltnrwSgmhsYLTmNnxarswv6y0mIlXMvzko+b0A2s5BSSqA8SgajifCvxryJ+Sg
ZJDZDWIU5Nub/FpXCsVcsrZvj6aIg8YNNcW8+OnJZ0Wfe2Rq6LKQgPKiX0MUK9zb
4pdSuqlSQONcLLV7ImZiPAftX38+JOoLNc24nZjI8FnPyFt3+qXReHkSU96gbkcI
WeIvhLjUqGRta9wfWPGszQE=
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:18:23 2025 by rpki-client