Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/hJkdSoDXpzIKTUPp93OLm4_CfgM.roa
File: hJkdSoDXpzIKTUPp93OLm4_CfgM.roa (raw, json)
Hash identifier: GAALV0VthJPoxa0vb/cdFv6fAU1JjHbthL2uNWZeyCc=
Subject key identifier: 84:99:1D:4A:80:D7:A7:32:0A:4D:43:E9:F7:73:8B:9B:8F:C2:7E:03
Certificate issuer: /CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Certificate serial: 019420D65323CC396254A59B4ADFE8DC2BA1
Authority key identifier: B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/hJkdSoDXpzIKTUPp93OLm4_CfgM.roa
Signing time: Wed 01 Jan 2025 07:48:24 +0000
ROA not before: Wed 01 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15517
IP address blocks: 62.65.128.0/19 maxlen: 19
62.65.137.0/24 maxlen: 24
94.78.0.0/18 maxlen: 18
2a01:330::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:53:23:cc:39:62:54:a5:9b:4a:df:e8:dc:2b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b0d33432eca77c054e8fa8707248da4e47db0b
Validity
Not Before: Jan 1 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84991d4a80d7a7320a4d43e9f7738b9b8fc27e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:52:9d:33:e2:3f:16:92:2d:bb:cc:83:62:e1:
c8:d7:f4:1f:22:e0:68:23:2e:c2:3b:79:65:76:f1:
8d:6f:6d:32:57:76:83:60:7f:b4:e9:a3:1a:f0:3b:
9f:bb:9a:e1:b6:cd:1b:a4:fb:13:0e:7a:83:56:55:
a9:68:5e:1a:e0:05:1f:52:69:82:db:da:d0:47:96:
13:2e:19:46:93:6e:13:84:c9:1a:cd:10:cd:6a:e3:
56:b5:9c:70:d4:bb:df:d3:2a:06:e5:04:33:e0:38:
f3:ef:e3:99:ed:69:b5:2a:57:7e:22:72:ce:b8:1d:
0d:72:06:39:55:5f:e1:60:a2:8c:6f:2d:c9:f9:87:
3b:c9:38:36:a1:7b:e9:e2:3b:14:79:55:6d:b5:83:
9e:a2:41:38:93:b8:cc:0a:40:e5:fb:d4:49:02:1d:
f8:a8:2f:93:52:c4:c7:07:f9:19:aa:fa:dd:c2:e1:
f6:c9:06:38:36:82:12:64:fd:39:9e:18:74:ef:de:
26:34:1d:67:26:31:8a:b8:1b:5e:04:83:83:8f:8a:
fb:89:cf:8a:d6:3f:00:ba:09:02:c1:2a:1d:9a:66:
9a:e3:b3:c8:be:41:52:d1:ff:18:10:03:d7:f0:42:
d8:61:c8:d5:b1:58:2f:1e:4c:31:9f:3e:e1:0e:07:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:99:1D:4A:80:D7:A7:32:0A:4D:43:E9:F7:73:8B:9B:8F:C2:7E:03
X509v3 Authority Key Identifier:
keyid:B9:B0:D3:34:32:EC:A7:7C:05:4E:8F:A8:70:72:48:DA:4E:47:DB:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubDTNDLsp3wFTo-ocHJI2k5H2ws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/hJkdSoDXpzIKTUPp93OLm4_CfgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b431ca-5275-42b5-8d54-d196f9291732/1/ubDTNDLsp3wFTo-ocHJI2k5H2ws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.128.0/19
94.78.0.0/18
IPv6:
2a01:330::/32
Signature Algorithm: sha256WithRSAEncryption
00:5c:ab:da:17:91:86:76:21:a3:a3:67:47:8a:d4:7e:0d:6d:
fd:c4:89:8c:6a:72:e8:b3:6c:9a:b0:86:26:db:94:1a:d8:1f:
6d:a8:b2:bd:94:60:a9:02:5e:ad:c7:3e:fc:df:4a:39:1c:73:
f4:e8:81:ae:43:1b:c9:3d:49:d5:68:0a:70:d2:40:71:ea:00:
a8:d8:48:57:60:81:3f:b7:39:76:40:87:4e:0c:25:d4:13:8f:
8c:0d:5a:bb:e5:ed:5a:4b:be:20:b3:4d:91:ca:34:d7:6e:d9:
6a:fc:82:f9:2d:e6:20:f5:1b:ce:d4:09:02:4d:d2:87:e4:8a:
30:fb:63:d2:8a:40:ae:97:75:9d:1e:4f:1b:a7:08:ca:ea:9e:
38:1b:69:47:44:4a:32:ca:67:9c:d6:21:64:5b:34:39:91:db:
10:f8:6c:af:22:ae:b7:6e:4f:32:f9:d7:08:b3:73:12:29:b8:
80:ca:f8:e6:23:13:45:0d:8d:4d:c8:41:7d:81:b3:00:f1:83:
4c:cb:bd:5a:3b:e7:96:f7:d7:a1:7e:f3:2d:b4:37:ec:fe:b0:
e8:9a:0d:37:57:a9:e0:2a:62:8b:26:9a:58:e9:b3:77:20:20:
cc:12:8a:30:e5:fe:24:70:55:d1:d7:13:5e:41:df:a6:3f:b0:
26:3c:62:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1lMjzDliVKWbSt/o3CuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjBkMzM0MzJlY2E3N2MwNTRlOGZhODcwNzI0OGRhNGU0
N2RiMGIwHhcNMjUwMTAxMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDk5MWQ0YTgwZDdhNzMyMGE0ZDQzZTlmNzczOGI5YjhmYzI3ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFKdM+I/FpItu8yDYuHI1/QfIuBo
Iy7CO3lldvGNb20yV3aDYH+06aMa8Dufu5rhts0bpPsTDnqDVlWpaF4a4AUfUmmC
29rQR5YTLhlGk24ThMkazRDNauNWtZxw1Lvf0yoG5QQz4Djz7+OZ7Wm1Kld+InLO
uB0NcgY5VV/hYKKMby3J+Yc7yTg2oXvp4jsUeVVttYOeokE4k7jMCkDl+9RJAh34
qC+TUsTHB/kZqvrdwuH2yQY4NoISZP05nhh0794mNB1nJjGKuBteBIODj4r7ic+K
1j8AugkCwSodmmaa47PIvkFS0f8YEAPX8ELYYcjVsVgvHkwxnz7hDgfqWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFISZHUqA16cyCk1D6fdzi5uPwn4DMB8GA1UdIwQY
MBaAFLmw0zQy7Kd8BU6PqHBySNpOR9sLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQt
ZDE5NmY5MjkxNzMyLzEvaEprZFNvRFhweklLVFVQcDkzT0xtNF9DZmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iNDMxY2EtNTI3NS00MmI1LThkNTQtZDE5NmY5MjkxNzMy
LzEvdWJEVE5ETHNwM3dGVG8tb2NISkkyazVIMndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPkGAAwQG
Xk4AMA0EAgACMAcDBQAqAQMwMA0GCSqGSIb3DQEBCwUAA4IBAQAAXKvaF5GGdiGj
o2dHitR+DW39xImManLos2yasIYm25Qa2B9tqLK9lGCpAl6txz7830o5HHP06IGu
QxvJPUnVaApw0kBx6gCo2EhXYIE/tzl2QIdODCXUE4+MDVq75e1aS74gs02RyjTX
btlq/IL5LeYg9RvO1AkCTdKH5Iow+2PSikCul3WdHk8bpwjK6p44G2lHREoyymec
1iFkWzQ5kdsQ+GyvIq63bk8y+dcIs3MSKbiAyvjmIxNFDY1NyEF9gbMA8YNMy71a
O+eW99ehfvMttDfs/rDomg03V6ngKmKLJppY6bN3ICDMEoow5f4kcFXR1xNeQd+m
P7AmPGKk
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:48:33 2025 by rpki-client