Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HMGH1OixlUbIZln6UuRHK_JoRTM.roa
File: HMGH1OixlUbIZln6UuRHK_JoRTM.roa (raw, json)
Hash identifier: hIobepQhJMDuyYwWr9rOBNqOIvasbF7MFvvQPTjZKdk=
Subject key identifier: 1C:C1:87:D4:E8:B1:95:46:C8:66:59:FA:52:E4:47:2B:F2:68:45:33
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 019425FDC01DF0DFED0EED297233945822C0
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HMGH1OixlUbIZln6UuRHK_JoRTM.roa
Signing time: Thu 02 Jan 2025 07:49:34 +0000
ROA not before: Thu 02 Jan 2025 07:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42525
IP address blocks: 37.205.120.0/21 maxlen: 21
77.243.32.0/20 maxlen: 20
81.27.208.0/20 maxlen: 20
94.101.208.0/20 maxlen: 20
185.17.192.0/22 maxlen: 22
194.182.0.0/18 maxlen: 18
212.98.64.0/18 maxlen: 18
217.63.96.0/19 maxlen: 19
2a01:7e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c0:1d:f0:df:ed:0e:ed:29:72:33:94:58:22:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jan 2 07:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc187d4e8b19546c86659fa52e4472bf2684533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:29:86:c6:d5:76:22:1e:63:0f:b1:0b:a8:d8:
b3:00:13:7e:26:5f:58:0a:83:33:a8:5c:75:56:bd:
56:52:3b:ab:b3:b1:2e:68:df:0a:12:96:d5:ad:93:
44:15:38:c3:79:58:34:f4:f0:d4:52:aa:b2:ac:50:
0b:a8:8e:45:37:21:3e:a7:60:9c:ca:c6:9d:17:db:
ab:66:34:11:88:6f:4a:83:50:f7:c8:ac:6b:c8:43:
95:66:be:1f:23:56:b6:f4:9f:c0:4f:17:4c:08:00:
95:d8:b8:40:f2:7d:fb:df:79:fd:80:e5:a5:88:2e:
68:78:38:c8:1e:82:7f:42:26:22:4a:55:cf:94:eb:
73:38:33:d3:73:6b:2d:bb:bf:d2:7b:3d:eb:ad:83:
d0:a9:13:b1:e7:4a:4a:f8:b0:53:96:63:5c:66:53:
5f:f9:93:ef:8a:e3:e8:22:88:60:0c:c5:fe:78:86:
d5:e3:a2:42:87:1b:9f:4d:73:fd:f6:7e:e2:ac:14:
89:8d:54:83:47:d8:5a:33:61:ad:2e:7b:39:ba:3f:
3c:4a:ab:02:76:79:14:bd:c8:2d:ec:a5:d1:4c:b3:
b1:80:ce:e5:03:44:22:29:7d:52:a2:4c:17:de:cc:
2d:94:da:3f:a1:fa:74:1c:6d:6b:3f:76:1b:cd:ed:
f5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C1:87:D4:E8:B1:95:46:C8:66:59:FA:52:E4:47:2B:F2:68:45:33
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HMGH1OixlUbIZln6UuRHK_JoRTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.120.0/21
77.243.32.0/20
81.27.208.0/20
94.101.208.0/20
185.17.192.0/22
194.182.0.0/18
212.98.64.0/18
217.63.96.0/19
IPv6:
2a01:7e8::/32
Signature Algorithm: sha256WithRSAEncryption
4b:90:77:c0:9a:07:ac:9d:84:6c:cf:58:86:83:d4:98:9a:f1:
aa:09:28:db:8e:7c:6c:01:2b:79:c0:1f:32:4f:08:90:3c:03:
2a:56:22:be:a3:45:59:c9:1a:2b:1f:60:46:5a:13:65:70:ac:
f7:ba:d5:90:06:39:ba:1e:ed:83:88:d0:a5:b9:94:73:7b:10:
73:03:92:1f:f6:a0:49:ff:23:31:cc:10:f6:11:26:ce:75:22:
9c:73:63:3c:cc:02:58:dd:87:33:9d:8e:57:f6:d6:52:1c:8f:
94:c9:62:ec:27:3e:20:a2:22:26:46:f4:b2:2b:e4:6e:5b:97:
dd:33:a9:85:24:fd:70:2e:f8:94:62:d0:3d:62:37:a8:27:c2:
84:8c:c7:0b:6b:c3:67:9e:fd:bd:a0:47:8d:4e:ec:31:4a:de:
88:13:46:a0:b6:94:a5:f6:3b:4e:67:5a:79:e2:f9:52:c4:90:
18:68:ff:66:48:97:28:8c:92:78:78:74:24:3c:b8:53:d9:74:
d5:7a:9d:3c:14:8b:40:a5:d2:cb:50:63:e7:f4:e6:3b:3c:03:
89:6c:cb:cc:77:6a:e5:96:eb:15:27:82:ae:ad:99:da:46:fa:
72:05:d6:b2:72:fa:e2:84:a5:7f:3d:fe:71:73:93:89:44:10:
cd:f6:03:38
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQl/cAd8N/tDu0pcjOUWCLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjUwMTAyMDc0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MxODdkNGU4YjE5NTQ2Yzg2NjU5ZmE1MmU0NDcyYmYyNjg0NTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCmGxtV2Ih5jD7ELqNizABN+Jl9Y
CoMzqFx1Vr1WUjurs7EuaN8KEpbVrZNEFTjDeVg09PDUUqqyrFALqI5FNyE+p2Cc
ysadF9urZjQRiG9Kg1D3yKxryEOVZr4fI1a29J/ATxdMCACV2LhA8n3733n9gOWl
iC5oeDjIHoJ/QiYiSlXPlOtzODPTc2stu7/Sez3rrYPQqROx50pK+LBTlmNcZlNf
+ZPviuPoIohgDMX+eIbV46JChxufTXP99n7irBSJjVSDR9haM2GtLns5uj88SqsC
dnkUvcgt7KXRTLOxgM7lA0QiKX1SokwX3swtlNo/ofp0HG1rP3Ybze31IwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBzBh9TosZVGyGZZ+lLkRyvyaEUzMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvSE1HSDFPaXhsVWJJWmxuNlV1UkhLX0pvUlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJc14AwQE
TfMgAwQEURvQAwQEXmXQAwQCuRHAAwQGwrYAAwQG1GJAAwQF2T9gMA0EAgACMAcD
BQAqAQfoMA0GCSqGSIb3DQEBCwUAA4IBAQBLkHfAmgesnYRsz1iGg9SYmvGqCSjb
jnxsASt5wB8yTwiQPAMqViK+o0VZyRorH2BGWhNlcKz3utWQBjm6Hu2DiNCluZRz
exBzA5If9qBJ/yMxzBD2ESbOdSKcc2M8zAJY3YcznY5X9tZSHI+UyWLsJz4goiIm
RvSyK+RuW5fdM6mFJP1wLviUYtA9YjeoJ8KEjMcLa8Nnnv29oEeNTuwxSt6IE0ag
tpSl9jtOZ1p54vlSxJAYaP9mSJcojJJ4eHQkPLhT2XTVep08FItApdLLUGPn9OY7
PAOJbMvMd2rllusVJ4KurZnaRvpyBdaycvrihKV/Pf5xc5OJRBDN9gM4
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:55:03 2025 by rpki-client