Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hsXTdDwIDQeR8Y4thDk7zd5XS_E.roa
File: hsXTdDwIDQeR8Y4thDk7zd5XS_E.roa (raw, json)
Hash identifier: WxjjzedasgKM79/0bmtsmVyW63ILl73WxBDKWi3e8Sw=
Subject key identifier: 86:C5:D3:74:3C:08:0D:07:91:F1:8E:2D:84:39:3B:CD:DE:57:4B:F1
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01941F8C48245436D221DF98FC1AE468442C
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hsXTdDwIDQeR8Y4thDk7zd5XS_E.roa
Signing time: Wed 01 Jan 2025 01:47:54 +0000
ROA not before: Wed 01 Jan 2025 01:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47376
IP address blocks: 85.9.86.0/23 maxlen: 23
85.9.116.0/22 maxlen: 22
85.9.116.0/24 maxlen: 24
85.9.117.0/24 maxlen: 24
85.9.119.0/24 maxlen: 24
185.131.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:48:24:54:36:d2:21:df:98:fc:1a:e4:68:44:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 01:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86c5d3743c080d0791f18e2d84393bcdde574bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a6:93:ad:29:ba:78:45:12:a0:eb:dd:3a:ed:
6d:fd:1d:48:83:a8:d2:d5:4c:1a:d2:eb:e5:25:ad:
cf:7a:54:52:47:03:ce:2b:4f:cd:68:e3:e4:35:8e:
d5:19:78:6d:88:57:02:95:2f:7c:98:02:7d:96:6e:
8d:e5:bb:88:14:e1:63:a8:ef:26:be:b9:27:13:9f:
6d:c5:91:a0:15:0a:a4:28:50:1a:6e:8d:f4:27:5f:
01:4a:a7:42:fc:0d:94:a3:b4:7e:d6:6c:e9:bf:f2:
fe:a0:61:65:43:f2:93:fd:aa:cd:11:ae:f1:cc:6a:
3f:2e:01:51:fd:ca:6c:b1:96:17:65:fd:b0:74:a4:
97:7c:7c:40:fb:11:24:e9:b8:c3:ce:4a:70:c8:dc:
fb:73:2e:49:f9:88:3c:12:fb:80:4d:1c:2f:fb:89:
a5:94:b7:50:ac:6f:f3:ae:01:74:58:0d:43:10:ce:
cb:24:80:ee:8d:57:36:6a:fd:9d:06:5f:9e:03:9d:
a8:af:4e:c6:af:61:d3:44:e7:75:36:9a:5a:ee:f3:
c6:c9:b3:a6:3b:4b:93:54:de:e2:f9:12:26:0f:16:
44:ca:3a:af:fc:ed:11:7e:90:a6:c9:32:8f:d2:aa:
c3:f1:5e:95:07:c5:44:f7:53:d6:92:b6:84:72:fa:
a7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C5:D3:74:3C:08:0D:07:91:F1:8E:2D:84:39:3B:CD:DE:57:4B:F1
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/hsXTdDwIDQeR8Y4thDk7zd5XS_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.86.0/23
85.9.116.0/22
185.131.29.0/24
Signature Algorithm: sha256WithRSAEncryption
24:e3:6d:3a:1e:0f:0d:92:1b:13:24:94:da:e4:e1:9e:c8:d0:
8c:4c:db:8b:df:f1:5b:fd:98:eb:23:cc:41:88:8c:97:75:2e:
7a:d5:6d:d1:ab:3d:79:7a:77:1e:12:ff:42:01:2a:e7:43:a3:
ad:5f:5b:88:78:c4:15:a2:46:1c:3a:88:1e:10:5a:19:ae:fe:
06:69:e5:8c:b4:eb:01:c4:99:7a:78:1d:9a:46:dc:f6:e1:74:
74:b9:04:26:40:cb:57:c8:5a:d6:aa:64:7c:0b:3a:c5:82:af:
ea:00:70:da:58:b1:f5:a8:60:ff:ec:f7:35:e4:91:eb:71:19:
ec:d2:e1:19:11:92:f1:4d:3f:2f:00:f5:39:2b:11:b6:70:d9:
67:d3:7b:1f:d7:9c:1b:5d:fd:70:a2:75:d9:32:54:2b:95:9f:
dd:a5:cd:b2:15:05:82:a1:b7:9c:8a:8c:a0:83:e8:77:d9:03:
6e:1d:20:e8:11:17:e1:52:8d:15:b4:1e:a4:0f:d1:c7:57:1c:
7c:53:d1:43:3e:d7:76:1e:9a:39:b2:75:f4:87:a2:59:f6:24:
48:bc:ac:a1:44:29:d8:6e:5c:6c:0a:0b:6f:8d:88:96:14:d9:
33:0b:47:80:83:74:c0:6e:f2:a3:27:1a:22:60:ee:e6:74:a0:
bd:7f:12:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjEgkVDbSId+Y/BrkaEQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjUwMTAxMDE0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM1ZDM3NDNjMDgwZDA3OTFmMThlMmQ4NDM5M2JjZGRlNTc0YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqaTrSm6eEUSoOvdOu1t/R1Ig6jS
1Uwa0uvlJa3PelRSRwPOK0/NaOPkNY7VGXhtiFcClS98mAJ9lm6N5buIFOFjqO8m
vrknE59txZGgFQqkKFAabo30J18BSqdC/A2Uo7R+1mzpv/L+oGFlQ/KT/arNEa7x
zGo/LgFR/cpssZYXZf2wdKSXfHxA+xEk6bjDzkpwyNz7cy5J+Yg8EvuATRwv+4ml
lLdQrG/zrgF0WA1DEM7LJIDujVc2av2dBl+eA52or07Gr2HTROd1Nppa7vPGybOm
O0uTVN7i+RImDxZEyjqv/O0RfpCmyTKP0qrD8V6VB8VE91PWkraEcvqnlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIbF03Q8CA0HkfGOLYQ5O83eV0vxMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvaHNYVGREd0lEUWVSOFk0dGhEazd6ZDVYU19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVQlWAwQC
VQl0AwQAuYMdMA0GCSqGSIb3DQEBCwUAA4IBAQAk4206Hg8NkhsTJJTa5OGeyNCM
TNuL3/Fb/ZjrI8xBiIyXdS561W3Rqz15enceEv9CASrnQ6OtX1uIeMQVokYcOoge
EFoZrv4GaeWMtOsBxJl6eB2aRtz24XR0uQQmQMtXyFrWqmR8CzrFgq/qAHDaWLH1
qGD/7Pc15JHrcRns0uEZEZLxTT8vAPU5KxG2cNln03sf15wbXf1wonXZMlQrlZ/d
pc2yFQWCobecioygg+h32QNuHSDoERfhUo0VtB6kD9HHVxx8U9FDPtd2Hpo5snX0
h6JZ9iRIvKyhRCnYblxsCgtvjYiWFNkzC0eAg3TAbvKjJxoiYO7mdKC9fxKQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:35:55 2025 by rpki-client