Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/dhax6YlGZdJ59Lja9mjH_mTZXS8.roa
File: dhax6YlGZdJ59Lja9mjH_mTZXS8.roa (raw, json)
Hash identifier: z4HlD8GeanPgFBicLk5Q3SISz2iD/qfFdvuzkfzBoxc=
Subject key identifier: 76:16:B1:E9:89:46:65:D2:79:F4:B8:DA:F6:68:C7:FE:64:D9:5D:2F
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 019427B5E687FF7AD50160910EC148F33FFB
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/dhax6YlGZdJ59Lja9mjH_mTZXS8.roa
Signing time: Thu 02 Jan 2025 15:50:19 +0000
ROA not before: Thu 02 Jan 2025 15:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 192.251.230.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:e6:87:ff:7a:d5:01:60:91:0e:c1:48:f3:3f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 2 15:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7616b1e9894665d279f4b8daf668c7fe64d95d2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c1:d3:4a:85:53:66:bf:ad:b3:42:99:dd:ad:
e9:5c:bd:d1:3d:88:70:67:40:4c:e3:8a:2d:57:c6:
7d:c5:34:39:38:2a:37:61:f6:b8:e9:e4:95:63:81:
8f:1f:43:91:bb:48:fc:f3:88:18:07:3b:86:87:df:
6b:2b:be:57:c3:66:1d:5b:73:85:03:f2:9f:07:a4:
0b:f9:28:f7:1d:ee:33:bb:be:7e:44:79:e8:9d:af:
b0:58:1f:ac:32:fb:75:64:1a:20:91:8a:20:fb:86:
ef:9b:73:3b:0e:25:82:a8:c2:ac:f5:86:69:6c:df:
3c:d2:9a:c6:6b:4c:aa:96:cb:9f:1f:d8:c0:f6:69:
e2:d6:4a:85:da:23:bb:69:75:8e:0f:d4:3a:74:47:
03:ca:63:91:c7:4a:05:56:9a:d6:97:9b:97:ae:cd:
fe:0b:4f:a4:8b:e1:20:aa:32:7b:c5:0c:5c:ed:2b:
8a:fc:e5:29:05:56:be:c3:9e:ed:a0:4a:75:25:f9:
e0:0c:b2:1a:ec:74:87:3f:89:58:b2:45:4e:34:50:
46:89:9b:61:cb:76:b3:c9:86:c0:3a:33:59:4a:bf:
e1:10:cd:8f:23:d1:c1:7c:dc:71:26:50:6b:86:2e:
20:40:11:45:01:7e:da:99:1a:e4:ca:99:4f:e4:bf:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:16:B1:E9:89:46:65:D2:79:F4:B8:DA:F6:68:C7:FE:64:D9:5D:2F
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/dhax6YlGZdJ59Lja9mjH_mTZXS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:ed:d2:02:b1:d4:fc:86:ee:f1:f8:0a:e4:48:92:48:b5:d1:
5d:77:b0:91:f6:95:a4:80:94:f8:f7:57:9b:42:ee:58:ac:0f:
94:00:08:d7:d5:04:05:17:c8:59:dd:1c:6f:46:33:c1:64:72:
a5:9e:46:a4:64:9e:b0:6f:68:f8:9a:df:4c:4c:6a:b1:ac:9f:
15:48:47:89:e4:95:7e:ad:a1:46:02:13:41:b4:2c:9b:55:81:
b1:7d:40:a4:85:e0:39:1f:c2:0b:83:21:0c:da:2f:e3:d7:2e:
ec:de:10:68:ea:05:d7:bd:06:dc:9f:6b:07:58:98:7f:09:a1:
29:a0:78:bd:91:be:30:46:3d:8c:6b:f6:7b:57:67:19:bd:0e:
a2:a8:15:c9:6b:9f:4f:ba:cd:f6:be:54:2b:3f:37:d7:eb:9e:
57:41:51:05:a1:df:f8:37:2f:10:88:f9:a1:a7:8f:4d:54:ea:
47:5a:4c:c8:5c:2b:6b:84:18:49:c3:a3:c3:3a:10:1f:5b:21:
95:2a:b7:b3:b3:96:2f:58:57:84:9c:4a:13:a9:5f:d8:90:0e:
8a:b6:e6:dd:66:06:e1:61:a2:20:04:10:16:f7:a5:96:5b:0e:
47:22:79:5f:d9:d8:05:c6:83:54:38:0c:97:5b:e1:27:88:ff:
13:de:f5:b5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQnteaH/3rVAWCRDsFI8z/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTdhNWVjMThjNGYyYzQ0Nzg0YWRjNTAzODM1NmJlNWFl
ODk0MjkwHhcNMjUwMTAyMTU1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjE2YjFlOTg5NDY2NWQyNzlmNGI4ZGFmNjY4YzdmZTY0ZDk1ZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMHTSoVTZr+ts0KZ3a3pXL3RPYhw
Z0BM44otV8Z9xTQ5OCo3Yfa46eSVY4GPH0ORu0j884gYBzuGh99rK75Xw2YdW3OF
A/KfB6QL+Sj3He4zu75+RHnona+wWB+sMvt1ZBogkYog+4bvm3M7DiWCqMKs9YZp
bN880prGa0yqlsufH9jA9mni1kqF2iO7aXWOD9Q6dEcDymORx0oFVprWl5uXrs3+
C0+ki+EgqjJ7xQxc7SuK/OUpBVa+w57toEp1JfngDLIa7HSHP4lYskVONFBGiZth
y3azyYbAOjNZSr/hEM2PI9HBfNxxJlBrhi4gQBFFAX7amRrkyplP5L+WpwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHYWsemJRmXSefS42vZox/5k2V0vMB8GA1UdIwQY
MBaAFBgXpewYxPLER4StxQODVr5a6JQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEt
NmJkODAyMmQyZWFlLzEvZGhheDZZbEdaZEo1OUxqYTltakhfbVRaWFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEtNmJkODAyMmQyZWFl
LzEvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwPvmAwQA
wQCBAwQAwQC4AwQAwQDUMA0EAgACMAcDBQMqD3rAMA0GCSqGSIb3DQEBCwUAA4IB
AQA+7dICsdT8hu7x+ArkSJJItdFdd7CR9pWkgJT491ebQu5YrA+UAAjX1QQFF8hZ
3RxvRjPBZHKlnkakZJ6wb2j4mt9MTGqxrJ8VSEeJ5JV+raFGAhNBtCybVYGxfUCk
heA5H8ILgyEM2i/j1y7s3hBo6gXXvQbcn2sHWJh/CaEpoHi9kb4wRj2Ma/Z7V2cZ
vQ6iqBXJa59Pus32vlQrPzfX655XQVEFod/4Ny8QiPmhp49NVOpHWkzIXCtrhBhJ
w6PDOhAfWyGVKrezs5YvWFeEnEoTqV/YkA6KtubdZgbhYaIgBBAW96WWWw5HInlf
2dgFxoNUOAyXW+EniP8T3vW1
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:33:59 2025 by rpki-client