Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/bhwBYoazvA5A_Z_cE9R34ToOWGg.roa
File: bhwBYoazvA5A_Z_cE9R34ToOWGg.roa (raw, json)
Hash identifier: sma7MnYwGc+h3WkyXXW6543+L5js/BDpTSkKMtbWDZw=
Subject key identifier: 6E:1C:01:62:86:B3:BC:0E:40:FD:9F:DC:13:D4:77:E1:3A:0E:58:68
Certificate issuer: /CN=d9ad0d738c7af0359a0630365416440d01985ba2
Certificate serial: 0194252153B00F61171B7FFAF41B27D80B8C
Authority key identifier: D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/bhwBYoazvA5A_Z_cE9R34ToOWGg.roa
Signing time: Thu 02 Jan 2025 03:48:48 +0000
ROA not before: Thu 02 Jan 2025 03:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202877
IP address blocks: 185.251.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/2a0Nc4x68DWaBjA2VBZEDQGYW6I.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/2a0Nc4x68DWaBjA2VBZEDQGYW6I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:53:b0:0f:61:17:1b:7f:fa:f4:1b:27:d8:0b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ad0d738c7af0359a0630365416440d01985ba2
Validity
Not Before: Jan 2 03:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e1c016286b3bc0e40fd9fdc13d477e13a0e5868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:1b:27:ed:39:ab:f5:a8:b7:d7:4a:09:b3:
55:3c:05:72:28:d0:b1:ac:73:ed:ae:80:f2:11:07:
39:50:db:d7:ac:2f:df:68:e1:97:b9:74:be:86:66:
c0:32:19:77:d7:7b:23:46:a9:e2:3c:8c:20:d2:ba:
a3:45:81:8c:8d:93:bb:45:42:14:6f:83:26:30:6a:
b2:26:67:ef:ec:01:a2:e8:b6:62:70:5a:e1:b5:14:
4c:33:10:99:fe:25:af:17:29:3d:35:c8:7d:88:3a:
02:8c:94:39:a8:da:08:9d:ce:e1:1d:fc:30:4a:a1:
95:b9:30:5a:b8:0e:0e:d3:d9:d8:e0:4d:42:77:0b:
71:49:61:09:34:09:1c:0a:72:3c:18:1c:d6:cb:1b:
2b:43:ae:4f:da:39:37:42:34:56:a0:fa:82:5b:69:
67:6a:fb:eb:e4:3e:3f:ee:37:62:d4:c9:4c:1f:a0:
30:e6:25:b1:00:a9:fe:55:14:7f:48:99:8b:71:2e:
0c:0c:52:c5:37:af:0d:48:4f:ca:72:0d:98:2e:e3:
01:0b:84:23:95:a4:97:1a:e1:42:c1:05:b7:b7:ff:
c9:6e:4a:d9:1f:ec:81:de:0e:d7:f6:21:82:28:6a:
22:26:30:0a:b5:fe:18:15:59:39:0d:c9:3f:aa:1b:
b6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1C:01:62:86:B3:BC:0E:40:FD:9F:DC:13:D4:77:E1:3A:0E:58:68
X509v3 Authority Key Identifier:
keyid:D9:AD:0D:73:8C:7A:F0:35:9A:06:30:36:54:16:44:0D:01:98:5B:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a0Nc4x68DWaBjA2VBZEDQGYW6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/bhwBYoazvA5A_Z_cE9R34ToOWGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0dd80b-c5b4-4e6c-ba2e-b137cfb37463/1/2a0Nc4x68DWaBjA2VBZEDQGYW6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.14.0/24
Signature Algorithm: sha256WithRSAEncryption
25:35:d2:6a:2e:1b:32:8c:ec:9f:55:1d:40:76:bd:6e:9e:93:
9f:b5:99:81:1e:e9:9a:ce:59:40:50:4f:8c:f7:4d:fd:7b:13:
fd:b4:5d:e8:be:5c:d7:9d:d7:e4:9f:93:61:3d:d8:79:7b:8e:
4f:a7:83:a8:d6:0a:31:1e:8e:ce:bf:58:ef:b6:90:58:ea:17:
87:40:2f:25:8d:4c:3c:bc:55:01:14:f3:61:f8:4e:d8:83:f5:
0a:04:0b:e6:26:dd:78:70:fb:0a:34:20:07:a2:87:08:ec:20:
77:9e:e0:04:29:28:45:e3:c8:09:be:8c:57:bd:e8:37:aa:81:
aa:43:59:02:94:05:b4:38:31:e4:61:f8:4a:dc:59:42:38:90:
16:2a:61:be:80:92:7c:ad:fa:f3:0f:56:19:ec:ac:29:69:29:
2c:30:31:0d:25:35:42:6b:5a:96:ca:12:08:1e:be:94:f8:b0:
bf:25:99:fd:b3:8a:c4:42:ff:1a:8d:9b:14:7a:ad:31:a3:08:
82:53:ed:03:01:fe:3c:53:6a:6c:c7:2f:23:74:14:eb:ab:0e:
94:61:91:d2:d5:86:26:55:af:33:82:a9:4d:a8:4d:5a:4d:95:
33:8d:c6:d1:b9:92:7d:b7:27:ec:b3:7d:8f:f0:5d:29:cf:81:
66:fb:44:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIVOwD2EXG3/69Bsn2AuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWQwZDczOGM3YWYwMzU5YTA2MzAzNjU0MTY0NDBkMDE5
ODViYTIwHhcNMjUwMTAyMDM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFjMDE2Mjg2YjNiYzBlNDBmZDlmZGMxM2Q0NzdlMTNhMGU1ODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6IbJ+05q/Wot9dKCbNVPAVyKNCx
rHPtroDyEQc5UNvXrC/faOGXuXS+hmbAMhl313sjRqniPIwg0rqjRYGMjZO7RUIU
b4MmMGqyJmfv7AGi6LZicFrhtRRMMxCZ/iWvFyk9Nch9iDoCjJQ5qNoInc7hHfww
SqGVuTBauA4O09nY4E1CdwtxSWEJNAkcCnI8GBzWyxsrQ65P2jk3QjRWoPqCW2ln
avvr5D4/7jdi1MlMH6Aw5iWxAKn+VRR/SJmLcS4MDFLFN68NSE/Kcg2YLuMBC4Qj
laSXGuFCwQW3t//JbkrZH+yB3g7X9iGCKGoiJjAKtf4YFVk5Dck/qhu29QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4cAWKGs7wOQP2f3BPUd+E6DlhoMB8GA1UdIwQY
MBaAFNmtDXOMevA1mgYwNlQWRA0BmFuiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUt
YjEzN2NmYjM3NDYzLzEvYmh3QllvYXp2QTVBX1pfY0U5UjM0VG9PV0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZGQ4MGItYzViNC00ZTZjLWJhMmUtYjEzN2NmYjM3NDYz
LzEvMmEwTmM0eDY4RFdhQmpBMlZCWkVEUUdZVzZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufsOMA0G
CSqGSIb3DQEBCwUAA4IBAQAlNdJqLhsyjOyfVR1Adr1unpOftZmBHumazllAUE+M
9039exP9tF3ovlzXndfkn5NhPdh5e45Pp4Oo1goxHo7Ov1jvtpBY6heHQC8ljUw8
vFUBFPNh+E7Yg/UKBAvmJt14cPsKNCAHoocI7CB3nuAEKShF48gJvoxXveg3qoGq
Q1kClAW0ODHkYfhK3FlCOJAWKmG+gJJ8rfrzD1YZ7KwpaSksMDENJTVCa1qWyhII
Hr6U+LC/JZn9s4rEQv8ajZsUeq0xowiCU+0DAf48U2psxy8jdBTrqw6UYZHS1YYm
Va8zgqlNqE1aTZUzjcbRuZJ9tyfss32P8F0pz4Fm+0Si
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:57:06 2025 by rpki-client