Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hOKIOJXT2E3DbSwvuh7nFyBTnb0.roa
File: hOKIOJXT2E3DbSwvuh7nFyBTnb0.roa (raw, json)
Hash identifier: NXMlFXhOgBWRY3xR5Bi4mf89F3EzIcOoVBW94WaNFKE=
Subject key identifier: 84:E2:88:38:95:D3:D8:4D:C3:6D:2C:2F:BA:1E:E7:17:20:53:9D:BD
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019718889A22340AAB246DEB25E8E722AD3C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hOKIOJXT2E3DbSwvuh7nFyBTnb0.roa
Signing time: Wed 28 May 2025 20:14:54 +0000
ROA not before: Wed 28 May 2025 20:14:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21949
IP address blocks: 205.237.92.0/23 maxlen: 23
205.237.94.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:88:9a:22:34:0a:ab:24:6d:eb:25:e8:e7:22:ad:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 28 20:14:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84e2883895d3d84dc36d2c2fba1ee71720539dbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a5:a7:00:a7:7d:7b:75:ab:ab:ba:e0:b5:55:
5b:76:f3:72:f8:a3:21:98:99:f8:38:57:64:13:01:
48:e3:9d:57:a4:19:ce:af:f9:5f:e4:6d:f7:ed:8a:
0c:1e:5f:59:27:df:eb:cf:fb:fd:49:10:57:56:c0:
49:1e:4e:c7:52:2b:d4:d9:be:f0:6d:f7:c5:37:75:
8a:56:dd:52:0e:0f:ed:23:54:ea:88:51:d2:9c:df:
b0:bb:70:af:8e:bb:6e:3e:fd:8b:cc:d7:4e:6d:3e:
9a:15:f5:a8:82:e1:cd:18:c6:89:a6:39:d7:b9:d5:
d7:f8:11:7c:2c:2b:40:04:04:9b:88:75:dd:42:79:
6a:29:e2:e0:28:f4:65:34:eb:46:73:3d:d7:56:60:
e9:1c:0d:d1:86:2c:fe:6c:32:a5:1d:dd:3a:11:c2:
63:a8:3d:32:c0:fa:2e:9a:74:4e:47:be:53:86:f3:
ea:11:04:8b:de:9e:46:6a:b5:b1:2f:4d:c5:47:5d:
0d:50:e8:47:0d:03:f3:6e:8d:c7:70:70:08:b2:32:
6d:a7:78:08:ca:6d:a4:cc:33:53:9a:be:93:09:9c:
e7:b3:5c:78:1c:e5:a1:89:c0:d7:39:fc:a0:da:79:
48:18:fc:6f:b7:fd:17:23:79:9d:00:e0:b4:ec:4e:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E2:88:38:95:D3:D8:4D:C3:6D:2C:2F:BA:1E:E7:17:20:53:9D:BD
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hOKIOJXT2E3DbSwvuh7nFyBTnb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
205.237.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:81:b5:eb:38:d8:0f:b4:e0:5a:62:26:a7:13:56:0d:b9:b1:
ac:c5:19:b2:c6:92:6a:60:cd:94:c1:4e:c4:d2:8a:3d:38:28:
61:9e:6c:03:78:72:c3:ac:d9:27:3e:5b:5a:48:49:d6:c8:fc:
ff:81:6e:98:c9:14:01:0c:d2:b1:c5:dc:43:96:f2:96:24:28:
19:e3:bf:53:ad:25:1b:26:cd:9e:86:d5:68:1f:12:bc:70:61:
9c:6a:63:a1:f0:38:21:97:26:06:d5:dc:f3:b1:8a:f2:06:d0:
48:39:02:a8:f8:79:81:c4:8a:04:d3:46:86:cd:97:f1:dd:30:
72:b3:81:c2:82:73:0f:bd:86:15:fd:7a:ea:bc:46:42:20:77:
f2:0a:17:d7:60:5f:1b:50:40:6b:d4:b1:0a:a8:f8:49:a5:b9:
7d:c9:b4:09:9a:2d:fa:bd:f3:88:d9:f2:a4:c0:2c:d7:6f:36:
01:f9:72:2d:87:b8:ac:81:2d:f8:a5:08:f4:c2:95:aa:2b:aa:
bb:65:1e:de:e6:11:1a:61:21:7d:b5:d1:cf:80:44:a7:e6:05:
d0:41:c2:56:63:b1:20:de:28:28:ed:58:9c:dd:24:6e:a6:d0:
7f:52:2c:5f:3e:fe:5d:51:75:de:da:6b:f9:e5:5c:47:85:fa:
c7:00:bd:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcYiJoiNAqrJG3rJejnIq08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNTI4MjAxNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUyODgzODk1ZDNkODRkYzM2ZDJjMmZiYTFlZTcxNzIwNTM5ZGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76WnAKd9e3Wrq7rgtVVbdvNy+KMh
mJn4OFdkEwFI451XpBnOr/lf5G337YoMHl9ZJ9/rz/v9SRBXVsBJHk7HUivU2b7w
bffFN3WKVt1SDg/tI1TqiFHSnN+wu3CvjrtuPv2LzNdObT6aFfWoguHNGMaJpjnX
udXX+BF8LCtABASbiHXdQnlqKeLgKPRlNOtGcz3XVmDpHA3Rhiz+bDKlHd06EcJj
qD0ywPoumnROR75ThvPqEQSL3p5GarWxL03FR10NUOhHDQPzbo3HcHAIsjJtp3gI
ym2kzDNTmr6TCZzns1x4HOWhicDXOfyg2nlIGPxvt/0XI3mdAOC07E7FKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITiiDiV09hNw20sL7oe5xcgU529MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvaE9LSU9KWFQyRTNEYlN3dnVoN25GeUJUbmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCze1cMA0G
CSqGSIb3DQEBCwUAA4IBAQCjgbXrONgPtOBaYianE1YNubGsxRmyxpJqYM2UwU7E
0oo9OChhnmwDeHLDrNknPltaSEnWyPz/gW6YyRQBDNKxxdxDlvKWJCgZ479TrSUb
Js2ehtVoHxK8cGGcamOh8DghlyYG1dzzsYryBtBIOQKo+HmBxIoE00aGzZfx3TBy
s4HCgnMPvYYV/XrqvEZCIHfyChfXYF8bUEBr1LEKqPhJpbl9ybQJmi36vfOI2fKk
wCzXbzYB+XIth7isgS34pQj0wpWqK6q7ZR7e5hEaYSF9tdHPgESn5gXQQcJWY7Eg
3igo7Vic3SRuptB/UixfPv5dUXXe2mv55VxHhfrHAL3j
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:21:52 2025 by rpki-client