Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/hk7Zcb_ZvfQWRDY4fRe9DXiUweg.roa
File: hk7Zcb_ZvfQWRDY4fRe9DXiUweg.roa (raw, json)
Hash identifier: fltvYaRZ7mr1q9gGvd2bmlkOO/Gg3BH7WVe78pSz7SA=
Subject key identifier: 86:4E:D9:71:BF:D9:BD:F4:16:44:36:38:7D:17:BD:0D:78:94:C1:E8
Certificate issuer: /CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Certificate serial: 019585D558A5E72FF6730863DFA35ACAFB22
Authority key identifier: C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/hk7Zcb_ZvfQWRDY4fRe9DXiUweg.roa
Signing time: Tue 11 Mar 2025 15:31:46 +0000
ROA not before: Tue 11 Mar 2025 15:31:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44942
IP address blocks: 92.63.228.0/22 maxlen: 22
92.63.232.0/21 maxlen: 21
92.246.104.0/22 maxlen: 22
92.246.108.0/22 maxlen: 22
92.246.108.0/24 maxlen: 24
92.246.109.0/24 maxlen: 24
92.246.110.0/24 maxlen: 24
92.246.111.0/24 maxlen: 24
185.157.216.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:85:d5:58:a5:e7:2f:f6:73:08:63:df:a3:5a:ca:fb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Validity
Not Before: Mar 11 15:31:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=864ed971bfd9bdf4164436387d17bd0d7894c1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9e:2d:20:6d:c9:b2:42:11:b7:30:1e:80:15:
45:e7:60:a2:17:56:c7:8a:a4:31:c0:73:fb:70:70:
8f:00:65:f4:81:e1:ec:21:08:85:96:e5:6c:a7:8a:
ce:18:46:3f:bf:79:af:1b:73:d1:8c:31:11:70:39:
55:0b:a4:3b:35:70:40:dd:31:74:ae:dd:80:02:f1:
07:05:88:e5:2a:9e:65:1f:6a:d1:fb:e4:b4:07:4f:
58:31:73:51:50:c1:e0:25:5e:79:2f:d7:9a:06:9a:
9d:81:c1:af:eb:e2:43:03:5b:db:1c:39:6b:4f:aa:
b0:e3:5d:14:7b:ff:8f:54:ee:91:31:cc:07:13:b8:
cc:94:45:17:8b:94:0b:61:63:fd:2d:9b:37:cb:64:
20:30:07:a9:61:b1:20:4c:a3:6e:d0:3c:b0:64:e0:
ef:55:05:62:66:7f:e2:22:3d:91:b3:5b:71:4f:e7:
97:aa:fb:c9:8a:a7:19:93:b0:43:2e:02:2d:ff:da:
a4:67:94:ff:b3:5c:b5:5b:13:6e:0b:cd:cf:cb:74:
f7:6c:1f:65:5a:6c:a4:17:fd:cd:be:82:87:57:91:
6f:ea:be:27:56:fc:0c:2b:79:74:a2:d4:c4:c3:dc:
11:45:d0:01:f7:e9:5d:6e:f3:52:ee:07:05:e8:e3:
47:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4E:D9:71:BF:D9:BD:F4:16:44:36:38:7D:17:BD:0D:78:94:C1:E8
X509v3 Authority Key Identifier:
keyid:C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/hk7Zcb_ZvfQWRDY4fRe9DXiUweg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.228.0-92.63.239.255
92.246.104.0/21
185.157.216.0/22
Signature Algorithm: sha256WithRSAEncryption
62:6d:06:8e:b7:9c:0c:cb:c6:f0:8c:96:11:71:42:a9:af:24:
9b:9d:eb:a1:1a:16:e6:e4:3f:8e:cd:fd:6e:01:15:9f:29:33:
66:4d:db:13:8a:b3:de:e2:04:d8:b4:4f:0c:87:91:e6:a9:27:
eb:e1:a3:7c:2a:4f:0a:fd:33:0b:c0:67:e9:97:d4:66:09:23:
bb:a9:3d:9f:5d:c2:cc:30:c4:c7:b9:9e:6d:3f:c2:65:37:5f:
1d:10:a4:47:9b:05:18:82:50:7e:f9:02:7a:20:b4:c7:02:fa:
f0:b3:cf:cb:fa:f6:2d:7b:ca:44:41:9c:bc:3d:11:c6:0c:fb:
aa:d2:d0:2f:08:02:bf:c9:b6:b1:dc:9a:75:ee:eb:7e:ab:96:
71:8d:d2:18:f3:5b:fe:10:4a:4c:3d:1f:ee:7a:de:81:46:2d:
ac:27:3b:d0:51:26:6a:e3:03:45:62:e8:23:db:fb:e2:d6:78:
da:10:dc:f6:55:e1:50:d9:aa:61:d8:99:8d:87:7e:ed:51:33:
87:af:ad:7e:66:fe:c3:47:a0:a6:df:70:74:dd:42:38:81:c4:
a5:60:08:6c:41:7a:ed:50:7c:65:a4:10:e9:c8:a0:c3:d7:89:
39:34:ed:c6:56:f6:5d:dc:79:e0:fd:07:b9:8c:37:58:b5:e9:
79:07:c4:c0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZWF1Vil5y/2cwhj36NayvsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTZlMjJmNGUyMzk2NWY2YzRhMDI1YzZjOTJlZmMwYjY2
MmU3OTMwHhcNMjUwMzExMTUzMTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRlZDk3MWJmZDliZGY0MTY0NDM2Mzg3ZDE3YmQwZDc4OTRjMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA454tIG3JskIRtzAegBVF52CiF1bH
iqQxwHP7cHCPAGX0geHsIQiFluVsp4rOGEY/v3mvG3PRjDERcDlVC6Q7NXBA3TF0
rt2AAvEHBYjlKp5lH2rR++S0B09YMXNRUMHgJV55L9eaBpqdgcGv6+JDA1vbHDlr
T6qw410Ue/+PVO6RMcwHE7jMlEUXi5QLYWP9LZs3y2QgMAepYbEgTKNu0DywZODv
VQViZn/iIj2Rs1txT+eXqvvJiqcZk7BDLgIt/9qkZ5T/s1y1WxNuC83Py3T3bB9l
WmykF/3NvoKHV5Fv6r4nVvwMK3l0otTEw9wRRdAB9+ldbvNS7gcF6ONHKQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIZO2XG/2b30FkQ2OH0XvQ14lMHoMB8GA1UdIwQY
MBaAFMam4i9OI5ZfbEoCXGyS78C2YueTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYt
MDZhZjZkYmEzNGY3LzEvaGs3WmNiX1p2ZlFXUkRZNGZSZTlEWGlVd2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYtMDZhZjZkYmEzNGY3
LzEveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJcP+QD
BARcP+ADBANc9mgDBAK5ndgwDQYJKoZIhvcNAQELBQADggEBAGJtBo63nAzLxvCM
lhFxQqmvJJud66EaFubkP47N/W4BFZ8pM2ZN2xOKs97iBNi0TwyHkeapJ+vho3wq
Twr9MwvAZ+mX1GYJI7upPZ9dwswwxMe5nm0/wmU3Xx0QpEebBRiCUH75AnogtMcC
+vCzz8v69i17ykRBnLw9EcYM+6rS0C8IAr/JtrHcmnXu636rlnGN0hjzW/4QSkw9
H+563oFGLawnO9BRJmrjA0Vi6CPb++LWeNoQ3PZV4VDZqmHYmY2Hfu1RM4evrX5m
/sNHoKbfcHTdQjiBxKVgCGxBeu1QfGWkEOnIoMPXiTk07cZW9l3ceeD9B7mMN1i1
6XkHxMA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:54:29 2025 by rpki-client