Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/hwkpF7GCiN1Fi1Bf-G_kcCT7lXg.roa
File: hwkpF7GCiN1Fi1Bf-G_kcCT7lXg.roa (raw, json)
Hash identifier: owUDYc5hXMNAaSpXWFyOh6YRLado21xVEXGeqVIdneY=
Subject key identifier: 87:09:29:17:B1:82:88:DD:45:8B:50:5F:F8:6F:E4:70:24:FB:95:78
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 019427B643E0992260A7D2CE51976FE5DB5B
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/hwkpF7GCiN1Fi1Bf-G_kcCT7lXg.roa
Signing time: Thu 02 Jan 2025 15:50:43 +0000
ROA not before: Thu 02 Jan 2025 15:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.1.0/24 maxlen: 24
146.0.2.0/24 maxlen: 24
146.0.5.0/24 maxlen: 24
146.0.8.0/24 maxlen: 24
146.0.9.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:43:e0:99:22:60:a7:d2:ce:51:97:6f:e5:db:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Jan 2 15:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87092917b18288dd458b505ff86fe47024fb9578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f8:41:a8:11:ef:fa:13:8a:bd:e2:a4:9a:1e:
dc:73:7d:e4:0e:20:85:a5:1e:92:fd:4e:2a:38:b1:
0c:de:49:fa:87:b9:7e:bf:ab:b4:89:98:cd:2d:b8:
bc:44:08:e5:c8:bb:65:bb:1b:8d:5e:aa:c9:f7:6b:
f3:e4:83:c7:63:72:88:30:dc:96:e5:8d:05:da:b6:
46:c8:b8:53:e3:6b:63:90:c5:0d:4d:c7:8d:44:0c:
aa:c3:e5:1e:59:2c:b2:4f:c4:10:2e:e4:13:98:ff:
f1:4b:6b:aa:19:e1:6c:4a:05:c8:05:75:eb:94:fe:
31:c6:72:4c:77:fc:66:71:ce:48:b4:a2:e7:26:f7:
17:5d:1e:bc:eb:56:ce:e1:c5:ba:81:66:34:a8:81:
87:a2:fe:09:48:5b:54:c3:49:53:9c:4f:54:70:71:
92:6b:c9:b4:a2:4d:84:85:0c:8d:63:7c:68:0d:27:
81:9d:c9:2e:bd:f6:89:6e:07:21:c2:01:55:a4:d0:
22:07:66:e4:52:68:27:98:bd:62:be:2f:6a:fb:55:
94:13:ad:18:fd:ab:12:5a:f4:06:3e:9f:1c:9f:97:
13:86:71:80:d8:ec:00:56:8b:81:c0:db:0a:d3:ec:
27:e1:19:ad:42:02:7c:28:88:0a:2b:79:8b:c4:98:
3e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:09:29:17:B1:82:88:DD:45:8B:50:5F:F8:6F:E4:70:24:FB:95:78
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/hwkpF7GCiN1Fi1Bf-G_kcCT7lXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0-146.0.2.255
146.0.5.0/24
146.0.8.0/23
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:d6:6d:22:e8:ff:d1:35:1f:cf:23:ff:57:0d:8b:a0:52:01:
13:96:9f:c4:96:31:38:f5:f5:44:f5:6b:1e:db:03:56:5e:39:
99:a5:f4:35:a0:92:4c:e0:6e:66:b2:55:87:11:6c:ac:6f:d6:
4c:b3:49:61:d5:76:c2:8c:95:40:c2:77:69:d3:7a:c2:a7:ba:
50:6f:32:d6:8e:e1:74:4a:d3:8d:31:de:ed:cd:a5:fd:23:bf:
6e:94:cc:76:38:4c:d1:37:49:9b:12:06:ad:6c:9b:d2:60:7d:
db:17:3d:9b:dc:5d:df:65:e8:40:19:f2:db:53:98:c0:81:1a:
82:af:ad:3f:59:85:bd:e9:e0:44:0c:22:b0:e6:87:97:5c:bb:
e1:c1:e5:e3:af:f9:42:9f:79:34:9b:bd:f8:4f:5f:d5:e2:6d:
68:2c:40:45:4b:cb:b4:91:9d:8f:ba:93:16:55:98:f2:44:b5:
2b:e4:33:8b:c6:98:1c:a5:a6:b9:bd:ec:ef:13:ef:4d:bf:1a:
c6:b1:b7:c9:c0:1c:6c:30:61:ef:70:2f:a3:86:d7:ee:16:69:
16:f5:1b:81:c5:77:4a:a3:16:0a:17:89:58:1c:b4:29:aa:04:
fa:a0:bc:f5:58:1e:79:da:2a:1c:17:e1:be:9d:4e:c1:57:cb:
f9:13:d7:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQntkPgmSJgp9LOUZdv5dtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjUwMTAyMTU1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA5MjkxN2IxODI4OGRkNDU4YjUwNWZmODZmZTQ3MDI0ZmI5NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PhBqBHv+hOKveKkmh7cc33kDiCF
pR6S/U4qOLEM3kn6h7l+v6u0iZjNLbi8RAjlyLtluxuNXqrJ92vz5IPHY3KIMNyW
5Y0F2rZGyLhT42tjkMUNTceNRAyqw+UeWSyyT8QQLuQTmP/xS2uqGeFsSgXIBXXr
lP4xxnJMd/xmcc5ItKLnJvcXXR6861bO4cW6gWY0qIGHov4JSFtUw0lTnE9UcHGS
a8m0ok2EhQyNY3xoDSeBnckuvfaJbgchwgFVpNAiB2bkUmgnmL1ivi9q+1WUE60Y
/asSWvQGPp8cn5cThnGA2OwAVouBwNsK0+wn4RmtQgJ8KIgKK3mLxJg+ZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIcJKRexgojdRYtQX/hv5HAk+5V4MB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEvaHdrcEY3R0NpTjFGaTFCZi1HX2tjQ1Q3bFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeMAoDAgGSAwQA
kgACAwQAkgAFAwQBkgAIAwQAkgAPMA0GCSqGSIb3DQEBCwUAA4IBAQDV1m0i6P/R
NR/PI/9XDYugUgETlp/EljE49fVE9Wse2wNWXjmZpfQ1oJJM4G5mslWHEWysb9ZM
s0lh1XbCjJVAwndp03rCp7pQbzLWjuF0StONMd7tzaX9I79ulMx2OEzRN0mbEgat
bJvSYH3bFz2b3F3fZehAGfLbU5jAgRqCr60/WYW96eBEDCKw5oeXXLvhweXjr/lC
n3k0m734T1/V4m1oLEBFS8u0kZ2PupMWVZjyRLUr5DOLxpgcpaa5vezvE+9NvxrG
sbfJwBxsMGHvcC+jhtfuFmkW9RuBxXdKoxYKF4lYHLQpqgT6oLz1WB552iocF+G+
nU7BV8v5E9cC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:19 2025 by rpki-client