Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/HabUl_PN48YzZNEWtBkjKb82MF0.roa
File: HabUl_PN48YzZNEWtBkjKb82MF0.roa (raw, json)
Hash identifier: 0wbJ0AQU5TxqX4mMc5xSS1a+CKR/ct/c7MrrwJkkz0M=
Subject key identifier: 1D:A6:D4:97:F3:CD:E3:C6:33:64:D1:16:B4:19:23:29:BF:36:30:5D
Certificate issuer: /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial: 0194B5A17B4AA4F05FB2DEDD676B20E45A53
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/HabUl_PN48YzZNEWtBkjKb82MF0.roa
Signing time: Thu 30 Jan 2025 05:14:06 +0000
ROA not before: Thu 30 Jan 2025 05:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25019
IP address blocks: 159.0.0.0/16 maxlen: 16
159.0.0.0/20 maxlen: 20
159.0.16.0/20 maxlen: 20
159.0.32.0/20 maxlen: 20
159.0.48.0/20 maxlen: 20
159.0.64.0/20 maxlen: 20
159.0.80.0/20 maxlen: 20
159.0.96.0/20 maxlen: 20
159.0.112.0/20 maxlen: 20
159.0.160.0/20 maxlen: 20
159.0.192.0/20 maxlen: 20
159.0.208.0/20 maxlen: 20
159.0.224.0/20 maxlen: 20
159.0.240.0/20 maxlen: 20
185.139.8.0/22 maxlen: 22
212.215.128.0/17 maxlen: 17
212.215.128.0/18 maxlen: 18
212.215.136.0/21 maxlen: 21
212.215.137.0/24 maxlen: 24
212.215.144.0/20 maxlen: 20
212.215.160.0/20 maxlen: 20
212.215.176.0/20 maxlen: 20
212.215.192.0/20 maxlen: 20
212.215.224.0/21 maxlen: 21
212.215.240.0/22 maxlen: 22
212.215.244.0/22 maxlen: 22
212.215.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.mft
rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b5:a1:7b:4a:a4:f0:5f:b2:de:dd:67:6b:20:e4:5a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Validity
Not Before: Jan 30 05:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1da6d497f3cde3c63364d116b4192329bf36305d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e3:b2:37:14:3b:5d:1f:12:99:73:d4:f6:e9:
59:fd:b1:3a:d7:93:74:c9:e0:bc:77:f5:74:fb:07:
36:e8:9d:f5:6f:c5:56:87:ad:94:27:88:20:18:fe:
c5:c4:a8:9f:d7:e8:41:7c:07:ff:d1:3f:44:e3:78:
a3:cc:19:a6:b4:d4:4d:06:6f:8d:61:ae:7c:4b:4b:
04:fe:df:a6:ec:75:37:dd:f0:a1:93:1b:32:d2:65:
46:57:4a:53:ac:c6:3c:5b:96:ad:80:fc:3a:f1:66:
a4:fa:29:10:e7:a2:15:49:b1:d6:42:dd:f5:6e:9c:
36:0a:13:3c:88:5e:5c:c1:a5:33:2c:4e:0f:d5:ad:
00:81:b1:09:8d:a8:17:65:15:02:d8:45:a2:4a:8d:
28:50:1b:f9:fb:be:63:60:4b:44:e4:00:59:9e:f8:
73:9a:c1:d7:d7:5b:be:9a:2e:8b:8b:88:6b:0f:89:
42:b0:5e:43:a4:6d:5d:0c:11:65:ff:8f:ff:3a:55:
20:1a:8e:f3:67:cb:8e:b3:8d:40:e7:aa:2b:b0:fe:
06:1f:3a:43:99:a2:0c:41:28:2d:34:3a:ee:f2:96:
39:68:20:5e:3d:dc:3d:28:62:c0:8c:8f:eb:ce:bb:
48:7a:22:76:7e:43:dc:f1:b2:fb:87:a9:bc:bd:88:
82:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A6:D4:97:F3:CD:E3:C6:33:64:D1:16:B4:19:23:29:BF:36:30:5D
X509v3 Authority Key Identifier:
keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/HabUl_PN48YzZNEWtBkjKb82MF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.0.0.0/16
185.139.8.0/22
212.215.128.0/17
Signature Algorithm: sha256WithRSAEncryption
39:65:b0:e6:b2:16:03:a7:21:32:98:43:3c:46:8e:6d:e4:4d:
96:c9:7e:74:07:42:f3:2b:d1:e0:f1:a3:c3:94:6f:e3:0b:70:
b9:1e:fb:8f:dc:95:cc:4e:e9:01:ed:7f:45:9d:73:c1:25:64:
1d:34:42:6e:ec:94:a6:80:85:a2:48:fd:aa:ed:3b:42:a9:5d:
89:bd:c6:d9:de:9f:2d:0a:71:f4:30:ae:5b:32:cf:94:33:ef:
6c:ea:2b:6e:4d:d4:dc:36:3d:34:44:3e:06:10:61:e4:85:ca:
9e:95:d1:4c:d3:06:8c:7f:7c:51:08:22:bb:eb:cc:9d:86:6d:
f0:14:ed:84:f0:59:04:4f:31:ad:6e:0b:78:cc:b5:42:4a:51:
35:d9:e8:84:7b:75:39:7f:1e:53:d2:a9:32:7e:9f:dd:1f:d7:
bb:4e:22:2a:1b:a4:7b:79:bc:0c:d8:81:27:aa:ea:4a:5c:51:
aa:85:d4:c7:47:e2:5c:fd:55:e0:d3:56:6a:d6:b0:a2:6e:93:
2d:33:d0:f7:82:47:69:fe:21:a0:52:66:e5:ca:80:f7:a8:c5:
7d:9b:a2:24:54:cd:df:6c:5c:2a:0a:f8:9d:bd:4b:50:a0:19:
c8:6c:4f:d3:9d:72:cc:f1:24:cc:88:46:b8:4f:8f:1e:93:85:
86:62:c9:e6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZS1oXtKpPBfst7dZ2sg5FpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjUwMTMwMDUxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE2ZDQ5N2YzY2RlM2M2MzM2NGQxMTZiNDE5MjMyOWJmMzYzMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eOyNxQ7XR8SmXPU9ulZ/bE615N0
yeC8d/V0+wc26J31b8VWh62UJ4ggGP7FxKif1+hBfAf/0T9E43ijzBmmtNRNBm+N
Ya58S0sE/t+m7HU33fChkxsy0mVGV0pTrMY8W5atgPw68Wak+ikQ56IVSbHWQt31
bpw2ChM8iF5cwaUzLE4P1a0AgbEJjagXZRUC2EWiSo0oUBv5+75jYEtE5ABZnvhz
msHX11u+mi6Li4hrD4lCsF5DpG1dDBFl/4//OlUgGo7zZ8uOs41A56orsP4GHzpD
maIMQSgtNDru8pY5aCBePdw9KGLAjI/rzrtIeiJ2fkPc8bL7h6m8vYiCiwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFB2m1JfzzePGM2TRFrQZIym/NjBdMB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvSGFiVWxfUE40OFl6Wk5FV3RCa2pLYjgyTUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAnwADBAK5
iwgDBAfU14AwDQYJKoZIhvcNAQELBQADggEBADllsOayFgOnITKYQzxGjm3kTZbJ
fnQHQvMr0eDxo8OUb+MLcLke+4/clcxO6QHtf0Wdc8ElZB00Qm7slKaAhaJI/art
O0KpXYm9xtneny0KcfQwrlsyz5Qz72zqK25N1Nw2PTREPgYQYeSFyp6V0UzTBox/
fFEIIrvrzJ2GbfAU7YTwWQRPMa1uC3jMtUJKUTXZ6IR7dTl/HlPSqTJ+n90f17tO
IiobpHt5vAzYgSeq6kpcUaqF1MdH4lz9VeDTVmrWsKJuky0z0PeCR2n+IaBSZuXK
gPeoxX2boiRUzd9sXCoK+J29S1CgGchsT9OdcszxJMyIRrhPjx6ThYZiyeY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:57:36 2025 by rpki-client