Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/hywnu8WYT2nlwz43odSJDrRW-kI.roa
File: hywnu8WYT2nlwz43odSJDrRW-kI.roa (raw, json)
Hash identifier: fmRjbmK2i86QP0T+gwCHNnfXkIciPJ7caNHOaYsr8bQ=
Subject key identifier: 87:2C:27:BB:C5:98:4F:69:E5:C3:3E:37:A1:D4:89:0E:B4:56:FA:42
Certificate issuer: /CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Certificate serial: 0194221FCF8CD60B849B9C96C19F505EC88D
Authority key identifier: 67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/hywnu8WYT2nlwz43odSJDrRW-kI.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210512
IP address blocks: 81.161.63.0/24 maxlen: 24
91.195.125.0/24 maxlen: 24
91.229.112.0/23 maxlen: 23
193.9.17.0/24 maxlen: 24
213.108.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 14:41:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cf:8c:d6:0b:84:9b:9c:96:c1:9f:50:5e:c8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67955b1aa1c0284d2843b96f26c5fe751e66946f
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=872c27bbc5984f69e5c33e37a1d4890eb456fa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:70:8f:ac:6a:c3:b9:6a:c2:97:68:e6:15:
ad:20:60:b5:7e:ad:d1:c2:49:5e:e8:7e:af:37:a9:
5a:2e:37:05:30:2b:03:13:80:ec:e6:e1:fa:15:e5:
34:b7:21:31:a8:32:9b:6e:9b:df:e7:b1:4d:4e:11:
f1:8b:e0:28:8e:b0:51:9c:b2:8c:50:3f:2a:c4:28:
a9:e0:2e:b1:17:41:d7:5c:81:3b:13:cb:08:1a:55:
c9:45:3d:4e:5d:31:5d:38:a0:ae:86:ab:39:86:4e:
49:be:d7:93:51:0f:ed:d0:27:1d:97:2c:53:5b:ef:
31:e3:c0:c1:0d:fe:ba:02:f2:22:85:5f:13:12:2f:
50:51:b1:91:c7:7a:a7:08:6d:cc:6e:54:d5:79:f7:
b5:7e:22:da:34:9b:3a:47:da:b1:43:c2:8b:2c:21:
c6:d1:cb:a6:89:c3:0c:82:8f:f9:fe:ae:48:44:3f:
3c:f0:62:b3:ba:b3:4f:96:18:ff:bd:6c:cd:22:d7:
19:4e:28:b8:09:8a:d8:39:5a:64:ac:b2:91:be:6e:
d7:a2:80:83:35:c3:99:4e:b2:7f:30:dc:be:83:6c:
99:43:d4:37:71:e8:46:80:89:39:1b:a6:c7:be:9c:
24:95:e4:90:eb:c9:54:cf:75:30:b9:87:c4:b2:b6:
14:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:27:BB:C5:98:4F:69:E5:C3:3E:37:A1:D4:89:0E:B4:56:FA:42
X509v3 Authority Key Identifier:
keyid:67:95:5B:1A:A1:C0:28:4D:28:43:B9:6F:26:C5:FE:75:1E:66:94:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/hywnu8WYT2nlwz43odSJDrRW-kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/631925-6b0e-4ea5-91d7-08ad94101d7e/1/Z5VbGqHAKE0oQ7lvJsX-dR5mlG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.63.0/24
91.195.125.0/24
91.229.112.0/23
193.9.17.0/24
213.108.133.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:44:61:d2:ec:07:82:6c:f4:4b:2a:93:93:60:c4:47:a9:21:
49:31:e9:f0:8d:d0:99:1a:4e:bd:00:47:51:64:95:79:14:15:
d4:37:a8:6c:16:c0:c5:64:e4:db:c4:5b:9c:2f:42:05:8d:f8:
34:fb:63:27:4c:e7:36:2e:4e:96:6c:80:74:ac:df:f4:c4:a8:
11:e8:5b:41:8a:35:27:f5:17:e8:bf:b9:64:fc:b0:2b:7f:17:
84:35:9d:30:e9:7c:60:d0:2f:43:ad:92:d0:14:07:bd:ad:7d:
a2:b9:bd:8b:17:a1:32:b7:9e:53:cc:00:ca:66:62:f5:00:8e:
4a:2b:81:b8:ab:55:fc:47:16:e2:79:c2:01:cd:bc:f1:56:49:
f3:a8:91:16:20:71:10:7c:f0:46:7c:f4:0e:b6:5e:e4:27:9a:
69:e0:f4:ab:81:7b:62:6d:cb:7c:f9:e0:98:48:7b:94:47:0f:
f4:b6:44:e1:32:8c:a4:7d:1c:cd:62:ec:f3:83:8a:e0:8d:54:
dd:09:bb:88:92:53:20:a6:43:42:79:c0:d3:26:7e:5a:ff:1f:
d2:f2:72:1d:c0:06:d6:94:0c:b4:19:f5:b2:63:7a:ce:8c:89:
6b:4f:80:3d:39:1b:36:e4:73:d2:db:54:8b:76:36:13:80:aa:
d5:60:76:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiH8+M1guEm5yWwZ9QXsiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTU1YjFhYTFjMDI4NGQyODQzYjk2ZjI2YzVmZTc1MWU2
Njk0NmYwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjMjdiYmM1OTg0ZjY5ZTVjMzNlMzdhMWQ0ODkwZWI0NTZmYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXdwj6xqw7lqwpdo5hWtIGC1fq3R
wkle6H6vN6laLjcFMCsDE4Ds5uH6FeU0tyExqDKbbpvf57FNThHxi+AojrBRnLKM
UD8qxCip4C6xF0HXXIE7E8sIGlXJRT1OXTFdOKCuhqs5hk5JvteTUQ/t0CcdlyxT
W+8x48DBDf66AvIihV8TEi9QUbGRx3qnCG3MblTVefe1fiLaNJs6R9qxQ8KLLCHG
0cumicMMgo/5/q5IRD888GKzurNPlhj/vWzNItcZTii4CYrYOVpkrLKRvm7XooCD
NcOZTrJ/MNy+g2yZQ9Q3cehGgIk5G6bHvpwkleSQ68lUz3UwuYfEsrYU+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIcsJ7vFmE9p5cM+N6HUiQ60VvpCMB8GA1UdIwQY
MBaAFGeVWxqhwChNKEO5bybF/nUeZpRvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDct
MDhhZDk0MTAxZDdlLzEvaHl3bnU4V1lUMm5sd3o0M29kU0pEclJXLWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzE5MjUtNmIwZS00ZWE1LTkxZDctMDhhZDk0MTAxZDdl
LzEvWjVWYkdxSEFLRTBvUTdsdkpzWC1kUjVtbEc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUaE/AwQA
W8N9AwQBW+VwAwQAwQkRAwQA1WyFMA0GCSqGSIb3DQEBCwUAA4IBAQALRGHS7AeC
bPRLKpOTYMRHqSFJMenwjdCZGk69AEdRZJV5FBXUN6hsFsDFZOTbxFucL0IFjfg0
+2MnTOc2Lk6WbIB0rN/0xKgR6FtBijUn9Rfov7lk/LArfxeENZ0w6Xxg0C9DrZLQ
FAe9rX2iub2LF6Eyt55TzADKZmL1AI5KK4G4q1X8RxbiecIBzbzxVknzqJEWIHEQ
fPBGfPQOtl7kJ5pp4PSrgXtibct8+eCYSHuURw/0tkThMoykfRzNYuzzg4rgjVTd
CbuIklMgpkNCecDTJn5a/x/S8nIdwAbWlAy0GfWyY3rOjIlrT4A9ORs25HPS21SL
djYTgKrVYHbu
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:37:53 2025 by rpki-client