Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/HaiHFPazwgQRJw4yytWvokUzRVs.roa
File: HaiHFPazwgQRJw4yytWvokUzRVs.roa (raw, json)
Hash identifier: Pe9HBJh+6DQK8Oywez23C2fyZVdlN/Z1EykYUUEzvY8=
Subject key identifier: 1D:A8:87:14:F6:B3:C2:04:11:27:0E:32:CA:D5:AF:A2:45:33:45:5B
Certificate issuer: /CN=191e27b29f65a24d9f94215715cd3671825a9eae
Certificate serial: 0194258F39552C7696CA93CEF760B817CE82
Authority key identifier: 19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/HaiHFPazwgQRJw4yytWvokUzRVs.roa
Signing time: Thu 02 Jan 2025 05:48:50 +0000
ROA not before: Thu 02 Jan 2025 05:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208917
IP address blocks: 185.102.24.0/23 maxlen: 23
185.102.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:39:55:2c:76:96:ca:93:ce:f7:60:b8:17:ce:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191e27b29f65a24d9f94215715cd3671825a9eae
Validity
Not Before: Jan 2 05:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1da88714f6b3c20411270e32cad5afa24533455b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9f:34:85:39:50:c9:49:6c:87:02:bf:89:7d:
d0:44:04:df:c7:21:92:d0:d9:63:a5:14:4c:8b:29:
50:6a:58:24:17:21:1f:3a:c8:3c:74:ab:90:09:ca:
c1:ff:c3:00:46:eb:b8:ca:1a:0b:c5:84:e1:86:6c:
2e:21:42:ae:e3:2a:60:0f:76:7e:ec:8a:9a:b0:65:
2c:9b:8c:41:3d:94:36:da:aa:e0:20:dd:80:60:d5:
2e:c9:93:92:88:40:f5:b2:6a:5d:37:b9:92:ca:16:
62:7c:89:fe:47:de:5b:92:8a:55:fa:7b:48:ed:03:
0f:3f:3a:a8:89:4a:18:0e:a9:74:3b:28:26:f2:43:
02:04:24:d6:ae:b1:3d:e6:c0:2d:d4:26:78:4b:54:
b0:48:17:b7:44:03:ab:03:29:a5:e7:7b:bb:a4:bb:
3b:04:50:e0:db:b6:c6:a9:6b:ae:5a:ea:a6:5e:dc:
dc:68:8f:a1:10:7e:83:34:4f:9f:46:c2:36:09:13:
3b:fd:82:d7:0f:36:a1:77:b8:c9:96:c7:f4:90:e1:
32:ec:31:93:3d:0b:50:d5:27:5f:0a:65:56:d5:98:
41:8a:7e:a8:51:92:ef:27:b6:b3:94:9c:8d:7a:0c:
ab:08:65:0c:7a:69:f0:a1:d7:32:85:f9:20:03:54:
73:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A8:87:14:F6:B3:C2:04:11:27:0E:32:CA:D5:AF:A2:45:33:45:5B
X509v3 Authority Key Identifier:
keyid:19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/HaiHFPazwgQRJw4yytWvokUzRVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.24.0-185.102.26.255
Signature Algorithm: sha256WithRSAEncryption
6c:5d:d5:ca:40:0f:2b:fb:96:9a:40:e5:45:d8:e6:80:dd:fd:
8b:9d:22:b3:b8:77:a5:a8:dd:bc:93:3a:3d:00:0c:b1:dd:1c:
e0:d6:66:09:7e:46:e0:eb:8d:94:0a:dd:27:7e:95:ab:57:a5:
db:97:3e:7f:00:66:d0:dc:2a:7d:fa:91:1f:5b:e2:0e:13:86:
ff:18:af:9a:ef:6d:84:02:4a:bb:c4:ed:c4:1e:3d:df:99:fb:
b3:12:10:24:2a:9b:f2:4e:a9:35:43:22:5b:ba:8a:1f:4a:04:
96:f5:be:07:c7:b8:5f:36:aa:4a:52:65:64:86:ec:e6:4f:c0:
07:b7:52:e1:0a:bd:35:ab:04:36:d9:81:c1:ec:91:29:39:f7:
4c:5f:62:e4:ad:0d:18:7f:4d:0a:60:9c:74:bb:26:c8:da:88:
f2:b4:44:61:0a:b8:42:e1:e5:4a:c9:dd:ea:cf:27:c0:bf:04:
bd:90:1d:7c:8d:c9:35:a8:53:7a:cb:d0:03:25:f9:31:f8:90:
79:43:06:5e:87:d7:1b:de:d2:cf:66:8b:d8:1f:5a:7a:0d:5f:
b4:1b:25:7c:70:66:85:74:10:d4:a1:aa:e6:5e:d4:ac:48:19:
e0:f3:f7:ae:1f:2d:94:17:2a:0a:c1:51:d1:74:68:2e:ac:c4:
48:c6:06:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQljzlVLHaWypPO92C4F86CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWUyN2IyOWY2NWEyNGQ5Zjk0MjE1NzE1Y2QzNjcxODI1
YTllYWUwHhcNMjUwMTAyMDU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE4ODcxNGY2YjNjMjA0MTEyNzBlMzJjYWQ1YWZhMjQ1MzM0NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ80hTlQyUlshwK/iX3QRATfxyGS
0NljpRRMiylQalgkFyEfOsg8dKuQCcrB/8MARuu4yhoLxYThhmwuIUKu4ypgD3Z+
7IqasGUsm4xBPZQ22qrgIN2AYNUuyZOSiED1smpdN7mSyhZifIn+R95bkopV+ntI
7QMPPzqoiUoYDql0Oygm8kMCBCTWrrE95sAt1CZ4S1SwSBe3RAOrAyml53u7pLs7
BFDg27bGqWuuWuqmXtzcaI+hEH6DNE+fRsI2CRM7/YLXDzahd7jJlsf0kOEy7DGT
PQtQ1SdfCmVW1ZhBin6oUZLvJ7azlJyNegyrCGUMemnwodcyhfkgA1Rz5wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB2ohxT2s8IEEScOMsrVr6JFM0VbMB8GA1UdIwQY
MBaAFBkeJ7KfZaJNn5QhVxXNNnGCWp6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTct
YjhjNjY2ZTZkMzUxLzEvSGFpSEZQYXp3Z1FSSnc0eXl0V3Zva1V6UlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTctYjhjNjY2ZTZkMzUx
LzEvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5ZhgD
BAC5ZhowDQYJKoZIhvcNAQELBQADggEBAGxd1cpADyv7lppA5UXY5oDd/YudIrO4
d6Wo3byTOj0ADLHdHODWZgl+RuDrjZQK3Sd+latXpduXPn8AZtDcKn36kR9b4g4T
hv8Yr5rvbYQCSrvE7cQePd+Z+7MSECQqm/JOqTVDIlu6ih9KBJb1vgfHuF82qkpS
ZWSG7OZPwAe3UuEKvTWrBDbZgcHskSk590xfYuStDRh/TQpgnHS7JsjaiPK0RGEK
uELh5UrJ3erPJ8C/BL2QHXyNyTWoU3rL0AMl+TH4kHlDBl6H1xve0s9mi9gfWnoN
X7QbJXxwZoV0ENShquZe1KxIGeDz964fLZQXKgrBUdF0aC6sxEjGBm4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:19 2025 by rpki-client