Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa
File: HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa (raw, json)
Hash identifier: zRQPtKl4Mi8+zyT9yY1R1Qmmn1wM9W5eQbvQLliU+lY=
Subject key identifier: 1D:C0:F1:80:5D:E7:AA:4F:1C:80:45:8D:D8:58:D2:61:3A:A0:58:85
Certificate issuer: /CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Certificate serial: 0194222007D5EC0565891C4E92206FEDDCD7
Authority key identifier: D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59891
IP address blocks: 185.32.124.0/24 maxlen: 24
185.32.125.0/24 maxlen: 24
185.32.126.0/24 maxlen: 24
185.32.127.0/24 maxlen: 24
185.150.28.0/24 maxlen: 24
185.150.29.0/24 maxlen: 24
185.150.30.0/24 maxlen: 24
185.150.31.0/24 maxlen: 24
2a00:c1e0::/32 maxlen: 32
2a00:c1e1::/32 maxlen: 32
2a00:c1e2::/32 maxlen: 32
2a00:c1e3::/32 maxlen: 32
2a00:c1e4::/32 maxlen: 32
2a00:c1e5::/32 maxlen: 32
2a00:c1e6::/32 maxlen: 32
2a00:c1e7::/32 maxlen: 32
2a07:6d80::/32 maxlen: 32
2a07:6d81::/32 maxlen: 32
2a07:6d82::/32 maxlen: 32
2a07:6d83::/32 maxlen: 32
2a07:6d84::/32 maxlen: 32
2a07:6d85::/32 maxlen: 32
2a07:6d86::/32 maxlen: 32
2a07:6d87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:07:d5:ec:05:65:89:1c:4e:92:20:6f:ed:dc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d577ce1434232d808195d0ca70ab391dfb07af2d
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dc0f1805de7aa4f1c80458dd858d2613aa05885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:59:18:69:9a:14:30:69:4f:ad:54:de:9f:7a:
3b:83:0d:89:fc:80:1d:86:1e:72:e9:be:5f:27:3e:
69:1d:71:dc:4d:a9:44:bd:d7:e7:42:e3:47:6f:99:
29:d0:03:8a:a2:1d:d7:6d:47:98:2b:26:24:f0:30:
cb:48:3d:f9:34:31:f9:85:09:52:a9:7e:9a:4f:0f:
de:a8:5b:a4:30:64:0f:04:4d:5c:e0:e9:94:79:da:
9a:a9:6c:35:3e:a4:3b:50:ee:98:d0:73:36:e8:27:
da:48:99:e2:ca:f1:2e:47:ed:f1:90:5c:39:ad:20:
61:7d:3f:1f:14:2a:a8:fa:8b:52:1a:77:c9:95:56:
2f:a5:87:3b:d1:91:c1:83:8e:06:23:d0:58:25:fb:
a6:ba:e2:fd:0c:91:81:7d:4a:88:4e:c7:e0:36:1d:
9a:9d:70:c4:dd:0d:60:94:5f:9f:cd:c2:cb:27:09:
d7:5b:24:e2:12:34:e5:c6:97:7b:a5:2c:82:5a:59:
ca:01:06:37:d4:a3:cc:c4:05:3e:24:07:b3:87:20:
95:c1:2a:4f:f5:02:83:39:6e:79:0b:48:7c:86:6c:
25:08:07:6a:f6:4f:d5:82:2c:62:16:74:ed:83:d5:
83:69:5c:19:b4:d8:18:b1:ad:42:59:f7:f7:25:ba:
4b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C0:F1:80:5D:E7:AA:4F:1C:80:45:8D:D8:58:D2:61:3A:A0:58:85
X509v3 Authority Key Identifier:
keyid:D5:77:CE:14:34:23:2D:80:81:95:D0:CA:70:AB:39:1D:FB:07:AF:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1XfOFDQjLYCBldDKcKs5HfsHry0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/HcDxgF3nqk8cgEWN2FjSYTqgWIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/0d615e-24db-47ef-9aa3-60e6b148d28b/1/1XfOFDQjLYCBldDKcKs5HfsHry0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.124.0/22
185.150.28.0/22
IPv6:
2a00:c1e0::/29
2a07:6d80::/29
Signature Algorithm: sha256WithRSAEncryption
6d:14:9b:92:50:68:f6:13:ef:5a:ab:9d:b6:8c:ed:3b:45:9c:
17:77:f2:7f:fa:03:3b:87:92:c0:37:f1:1c:8d:1b:dd:3b:0b:
5f:75:27:f3:89:1e:95:fd:6a:d7:43:60:0e:96:2b:26:55:89:
a2:d2:4c:02:82:7b:c8:32:47:99:0f:ad:77:1c:9e:af:47:fc:
fe:e0:81:a2:ee:8e:75:f5:60:97:62:92:29:82:c0:58:04:33:
4a:8c:36:e7:b8:f3:0a:02:f3:15:67:4d:67:45:6f:86:ae:46:
e6:c7:98:4f:98:be:56:0c:c2:a4:62:70:11:aa:57:62:21:77:
41:ae:1f:f9:d6:db:c8:3d:14:d0:0b:43:6f:96:4b:29:6c:8d:
2d:3b:fe:a7:08:3a:65:09:7f:c7:79:ef:48:d7:56:e7:28:38:
a2:24:20:9f:34:6d:90:6f:99:23:43:f4:4c:64:16:8f:98:2d:
a6:8c:32:2c:76:27:3e:91:33:f9:a4:3a:bf:51:e3:69:5a:9a:
ba:05:fc:84:b3:4e:86:48:3e:14:d8:50:c1:dd:a8:2d:e7:73:
10:23:53:af:34:5b:11:3e:c7:f7:97:6a:5e:af:e7:5e:f1:34:
c8:ce:36:45:43:34:5b:0e:13:f4:00:3f:20:8b:15:ae:73:60:
8d:08:c5:40
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQiIAfV7AVliRxOkiBv7dzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NzdjZTE0MzQyMzJkODA4MTk1ZDBjYTcwYWIzOTFkZmIw
N2FmMmQwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMwZjE4MDVkZTdhYTRmMWM4MDQ1OGRkODU4ZDI2MTNhYTA1ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVkYaZoUMGlPrVTen3o7gw2J/IAd
hh5y6b5fJz5pHXHcTalEvdfnQuNHb5kp0AOKoh3XbUeYKyYk8DDLSD35NDH5hQlS
qX6aTw/eqFukMGQPBE1c4OmUedqaqWw1PqQ7UO6Y0HM26CfaSJniyvEuR+3xkFw5
rSBhfT8fFCqo+otSGnfJlVYvpYc70ZHBg44GI9BYJfumuuL9DJGBfUqITsfgNh2a
nXDE3Q1glF+fzcLLJwnXWyTiEjTlxpd7pSyCWlnKAQY31KPMxAU+JAezhyCVwSpP
9QKDOW55C0h8hmwlCAdq9k/VgixiFnTtg9WDaVwZtNgYsa1CWff3JbpLnwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFB3A8YBd56pPHIBFjdhY0mE6oFiFMB8GA1UdIwQY
MBaAFNV3zhQ0Iy2AgZXQynCrOR37B68tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMt
NjBlNmIxNDhkMjhiLzEvSGNEeGdGM25xazhjZ0VXTjJGalNZVHFnV0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8wZDYxNWUtMjRkYi00N2VmLTlhYTMtNjBlNmIxNDhkMjhi
LzEvMVhmT0ZEUWpMWUNCbGRES2NLczVIZnNIcnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuSB8AwQC
uZYcMBQEAgACMA4DBQMqAMHgAwUDKgdtgDANBgkqhkiG9w0BAQsFAAOCAQEAbRSb
klBo9hPvWqudtoztO0WcF3fyf/oDO4eSwDfxHI0b3TsLX3Un84kelf1q10NgDpYr
JlWJotJMAoJ7yDJHmQ+tdxyer0f8/uCBou6OdfVgl2KSKYLAWAQzSow257jzCgLz
FWdNZ0Vvhq5G5seYT5i+VgzCpGJwEapXYiF3Qa4f+dbbyD0U0AtDb5ZLKWyNLTv+
pwg6ZQl/x3nvSNdW5yg4oiQgnzRtkG+ZI0P0TGQWj5gtpowyLHYnPpEz+aQ6v1Hj
aVqaugX8hLNOhkg+FNhQwd2oLedzECNTrzRbET7H95dqXq/nXvE0yM42RUM0Ww4T
9AA/IIsVrnNgjQjFQA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:03 2025 by rpki-client