Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/HO4rdY3E48qrjdqnzlEZca_Yebs.roa
File: HO4rdY3E48qrjdqnzlEZca_Yebs.roa (raw, json)
Hash identifier: kWWt5WfRThziurqE+e5TqB208tDWvrvzVmVg4ZHkDjI=
Subject key identifier: 1C:EE:2B:75:8D:C4:E3:CA:AB:8D:DA:A7:CE:51:19:71:AF:D8:79:BB
Certificate issuer: /CN=011d88246ab57e204dea51e9243c67252dcba585
Certificate serial: 0194236A41F20116CF129E025AA1DB7354F6
Authority key identifier: 01:1D:88:24:6A:B5:7E:20:4D:EA:51:E9:24:3C:67:25:2D:CB:A5:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/HO4rdY3E48qrjdqnzlEZca_Yebs.roa
Signing time: Wed 01 Jan 2025 19:49:13 +0000
ROA not before: Wed 01 Jan 2025 19:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206530
IP address blocks: 185.180.146.0/24 maxlen: 24
2a13:ab80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:41:f2:01:16:cf:12:9e:02:5a:a1:db:73:54:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=011d88246ab57e204dea51e9243c67252dcba585
Validity
Not Before: Jan 1 19:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cee2b758dc4e3caab8ddaa7ce511971afd879bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1c:20:23:d6:ef:94:b1:d4:b5:49:13:52:32:
f4:d4:23:90:a8:24:8f:20:42:a9:ac:e9:02:07:b0:
83:bc:32:66:bf:bc:7f:68:4a:70:84:64:ae:43:86:
df:cd:95:f7:e2:5f:92:a9:e9:bc:e8:36:0c:e9:2f:
5e:74:3a:8b:be:8a:3e:48:0f:06:64:8f:ad:e1:c0:
26:20:94:f6:3c:36:5a:d1:b6:b1:d3:3d:18:68:89:
a5:6f:54:25:c0:da:c4:3e:c4:7b:35:14:ed:95:4d:
70:fc:56:f0:ab:73:fe:dc:28:06:64:d1:44:04:fe:
b7:21:e8:7b:ed:91:8e:8d:1e:57:0b:11:a8:dd:34:
08:5f:51:24:11:8c:84:4b:4e:45:7d:a9:a1:c3:d8:
1f:92:92:b0:ef:83:e4:63:6d:a7:9f:fb:c3:9d:db:
d9:9c:09:e4:93:19:f1:e3:17:1a:dc:e1:47:b5:19:
b1:d7:56:51:c1:dc:ff:1e:89:4c:16:51:6c:43:63:
11:0e:76:63:df:89:14:e3:c1:3d:18:04:35:cb:3a:
2c:0d:00:e0:2a:ab:53:7d:16:f5:59:af:82:f7:5d:
be:2c:96:0e:96:82:ca:69:f3:35:6b:af:27:94:17:
6d:1a:02:ae:f0:66:09:13:50:f7:03:cd:18:e8:60:
72:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EE:2B:75:8D:C4:E3:CA:AB:8D:DA:A7:CE:51:19:71:AF:D8:79:BB
X509v3 Authority Key Identifier:
keyid:01:1D:88:24:6A:B5:7E:20:4D:EA:51:E9:24:3C:67:25:2D:CB:A5:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/HO4rdY3E48qrjdqnzlEZca_Yebs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.146.0/24
IPv6:
2a13:ab80::/32
Signature Algorithm: sha256WithRSAEncryption
a8:ad:53:ee:62:0a:67:0d:0c:a9:38:3a:41:19:36:66:eb:17:
5c:b7:96:12:4a:3d:af:0b:ce:89:a6:d8:04:3c:1c:26:48:96:
61:12:ff:a4:e4:e3:19:f6:01:6f:0d:e9:23:46:8c:61:dd:eb:
f9:f3:d6:2f:78:97:d3:c0:04:7e:76:4b:80:86:7d:9d:2d:b5:
bd:f2:ff:5e:59:3d:7c:8f:dc:fb:ee:88:0b:bf:d3:4b:78:65:
ee:39:56:49:99:27:d6:94:63:95:42:7c:3b:da:f6:e5:14:4b:
70:b4:a0:0b:ac:bc:aa:05:15:1d:f9:e5:50:a3:83:57:ae:b8:
cc:34:c7:da:88:e7:e6:99:90:3c:28:a0:bf:61:f8:96:d1:12:
9b:5a:50:58:2f:16:c1:1c:f8:1f:95:7d:b9:f7:60:7a:af:fc:
7d:e0:b9:0e:e8:de:0f:80:79:2b:76:e7:ea:8f:dd:06:29:c3:
cc:ed:8f:f0:8a:c0:6b:8e:b1:0a:55:f6:14:88:58:f8:2e:6e:
d7:7f:47:88:40:57:59:d4:ad:7d:d7:05:ed:d9:15:79:1d:6f:
5a:89:3f:32:b9:7a:0a:bd:2f:c5:3a:9b:65:36:62:40:a3:81:
0f:32:28:41:f2:d0:30:a9:d7:e4:f8:3c:b1:3c:b7:d6:46:d9:
6c:d2:7e:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjakHyARbPEp4CWqHbc1T2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMWQ4ODI0NmFiNTdlMjA0ZGVhNTFlOTI0M2M2NzI1MmRj
YmE1ODUwHhcNMjUwMTAxMTk0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2VlMmI3NThkYzRlM2NhYWI4ZGRhYTdjZTUxMTk3MWFmZDg3OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBwgI9bvlLHUtUkTUjL01COQqCSP
IEKprOkCB7CDvDJmv7x/aEpwhGSuQ4bfzZX34l+Sqem86DYM6S9edDqLvoo+SA8G
ZI+t4cAmIJT2PDZa0bax0z0YaImlb1QlwNrEPsR7NRTtlU1w/Fbwq3P+3CgGZNFE
BP63Ieh77ZGOjR5XCxGo3TQIX1EkEYyES05Ffamhw9gfkpKw74PkY22nn/vDndvZ
nAnkkxnx4xca3OFHtRmx11ZRwdz/HolMFlFsQ2MRDnZj34kU48E9GAQ1yzosDQDg
KqtTfRb1Wa+C912+LJYOloLKafM1a68nlBdtGgKu8GYJE1D3A80Y6GByLwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBzuK3WNxOPKq43ap85RGXGv2Hm7MB8GA1UdIwQY
MBaAFAEdiCRqtX4gTepR6SQ8ZyUty6WFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVIySUpHcTFmaUJONmxIcEpEeG5KUzNMcFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jZDk5NzYtMmNkMi00NjZmLWFiZTct
MDA4YTgwZjZmZjExLzEvSE80cmRZM0U0OHFyamRxbnpsRVpjYV9ZZWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jZDk5NzYtMmNkMi00NjZmLWFiZTctMDA4YTgwZjZmZjEx
LzEvQVIySUpHcTFmaUJONmxIcEpEeG5KUzNMcFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubSSMA0E
AgACMAcDBQAqE6uAMA0GCSqGSIb3DQEBCwUAA4IBAQCorVPuYgpnDQypODpBGTZm
6xdct5YSSj2vC86JptgEPBwmSJZhEv+k5OMZ9gFvDekjRoxh3ev589YveJfTwAR+
dkuAhn2dLbW98v9eWT18j9z77ogLv9NLeGXuOVZJmSfWlGOVQnw72vblFEtwtKAL
rLyqBRUd+eVQo4NXrrjMNMfaiOfmmZA8KKC/YfiW0RKbWlBYLxbBHPgflX2592B6
r/x94LkO6N4PgHkrdufqj90GKcPM7Y/wisBrjrEKVfYUiFj4Lm7Xf0eIQFdZ1K19
1wXt2RV5HW9aiT8yuXoKvS/FOptlNmJAo4EPMihB8tAwqdfk+DyxPLfWRtls0n5F
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:12:30 2025 by rpki-client