Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/hAOrJ7n2bun5jkQeVJ9u3pREyw0.roa
File: hAOrJ7n2bun5jkQeVJ9u3pREyw0.roa (raw, json)
Hash identifier: J5fmwTFLbZB76uCMtlFvn6lgAqKVEV1D5qVFE1f0+94=
Subject key identifier: 84:03:AB:27:B9:F6:6E:E9:F9:8E:44:1E:54:9F:6E:DE:94:44:CB:0D
Certificate issuer: /CN=b9af19f4a60daf15efb7ec41fc59f5da655972e6
Certificate serial: 0194206878A58DFBAEB35B88B7C1AB528C0D
Authority key identifier: B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/hAOrJ7n2bun5jkQeVJ9u3pREyw0.roa
Signing time: Wed 01 Jan 2025 05:48:25 +0000
ROA not before: Wed 01 Jan 2025 05:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34946
IP address blocks: 94.126.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:78:a5:8d:fb:ae:b3:5b:88:b7:c1:ab:52:8c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9af19f4a60daf15efb7ec41fc59f5da655972e6
Validity
Not Before: Jan 1 05:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8403ab27b9f66ee9f98e441e549f6ede9444cb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:c7:05:54:60:a6:58:d3:68:09:6b:34:c5:
38:12:e2:f5:b9:59:33:f0:f6:ce:13:08:89:19:7c:
fc:5b:a2:c9:c8:f8:0b:6a:4d:78:0d:f3:d7:1c:62:
e0:01:6d:79:bd:83:0f:94:de:43:e4:28:88:3d:bd:
e4:21:69:d9:30:07:b1:c8:25:a8:37:7c:e7:62:bc:
a2:69:4e:ee:1a:19:0c:26:e3:c0:6a:c3:16:87:55:
f1:36:28:e8:29:43:83:d8:2a:b2:a3:ba:bb:00:c1:
f6:ee:8d:c2:b3:59:f1:79:b1:14:ac:3f:36:9c:7f:
c3:9f:2d:08:79:dd:a1:5d:46:34:05:e2:3d:1c:de:
19:b2:18:d0:99:46:09:68:c6:83:60:34:c0:7f:da:
ae:d1:6d:65:2f:9f:0f:4c:8b:cb:5b:46:2e:5d:d5:
56:a4:dc:0f:51:d9:c7:7e:34:94:28:ed:f8:71:ce:
c2:26:68:75:ae:dc:ee:b7:79:70:14:c5:ff:b6:90:
9a:03:05:ce:65:b1:99:80:83:31:01:e7:5d:b7:b8:
53:c1:9b:09:b3:50:2c:e8:8c:32:dd:4b:fa:7a:9d:
89:4f:81:53:03:d6:b0:1a:fc:52:5b:f2:b7:b8:5f:
c1:aa:9f:24:76:98:50:84:ab:67:2c:0c:7a:8a:8e:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:03:AB:27:B9:F6:6E:E9:F9:8E:44:1E:54:9F:6E:DE:94:44:CB:0D
X509v3 Authority Key Identifier:
keyid:B9:AF:19:F4:A6:0D:AF:15:EF:B7:EC:41:FC:59:F5:DA:65:59:72:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/hAOrJ7n2bun5jkQeVJ9u3pREyw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/14f46c-0a36-4cc3-b091-7425b13d5cf8/1/ua8Z9KYNrxXvt-xB_Fn12mVZcuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.80.0/21
Signature Algorithm: sha256WithRSAEncryption
34:37:fd:a1:e7:39:c0:11:f6:14:e3:f7:e4:bd:4f:93:cf:b8:
a5:43:ef:0a:47:6d:a2:e6:4e:01:a4:f7:ce:3b:5b:72:59:82:
74:59:e4:ff:8c:b8:39:4d:64:0e:d2:8d:cc:81:17:fb:83:6a:
fa:84:65:e3:54:1a:88:84:73:da:fe:74:9b:5e:60:6e:81:5e:
ac:c2:32:0d:19:ee:0e:cc:04:03:68:a6:f6:25:b4:4e:06:cd:
fa:0e:d9:7d:bf:e9:b1:23:36:b5:06:bf:09:0d:fe:0e:44:41:
36:76:1f:11:2a:19:46:30:e0:c5:4a:fd:e4:47:11:fc:d2:1c:
4a:d1:d6:59:75:2f:bf:d5:1e:82:60:96:bf:bf:1e:46:51:64:
18:a1:38:44:23:6d:23:4e:7c:a6:1a:8a:cb:ca:99:26:2c:b2:
cf:73:89:49:63:2a:0e:6f:73:b1:b6:7a:52:6e:05:f3:d5:5a:
eb:93:93:2e:ec:5f:e9:c5:7f:d3:a6:a8:a0:0c:c4:ab:c4:58:
c2:c8:4e:c7:51:a5:a6:82:8a:08:f5:d3:3c:e6:0b:27:00:7e:
2a:d6:90:fd:2e:15:22:9c:d0:9f:fa:96:88:40:49:3a:86:f9:
76:5f:58:ee:7b:54:a8:d4:e8:f2:b1:49:89:e2:74:d2:a3:1e:
27:3e:30:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHiljfuus1uIt8GrUowNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YWYxOWY0YTYwZGFmMTVlZmI3ZWM0MWZjNTlmNWRhNjU1
OTcyZTYwHhcNMjUwMTAxMDU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDAzYWIyN2I5ZjY2ZWU5Zjk4ZTQ0MWU1NDlmNmVkZTk0NDRjYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmnHBVRgpljTaAlrNMU4EuL1uVkz
8PbOEwiJGXz8W6LJyPgLak14DfPXHGLgAW15vYMPlN5D5CiIPb3kIWnZMAexyCWo
N3znYryiaU7uGhkMJuPAasMWh1XxNijoKUOD2Cqyo7q7AMH27o3Cs1nxebEUrD82
nH/Dny0Ied2hXUY0BeI9HN4ZshjQmUYJaMaDYDTAf9qu0W1lL58PTIvLW0YuXdVW
pNwPUdnHfjSUKO34cc7CJmh1rtzut3lwFMX/tpCaAwXOZbGZgIMxAeddt7hTwZsJ
s1As6Iwy3Uv6ep2JT4FTA9awGvxSW/K3uF/Bqp8kdphQhKtnLAx6io774QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQDqye59m7p+Y5EHlSfbt6URMsNMB8GA1UdIwQY
MBaAFLmvGfSmDa8V77fsQfxZ9dplWXLmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWE4WjlLWU5yeFh2dC14Ql9GbjEybVZaY3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xNGY0NmMtMGEzNi00Y2MzLWIwOTEt
NzQyNWIxM2Q1Y2Y4LzEvaEFPcko3bjJidW41amtRZVZKOXUzcFJFeXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xNGY0NmMtMGEzNi00Y2MzLWIwOTEtNzQyNWIxM2Q1Y2Y4
LzEvdWE4WjlLWU5yeFh2dC14Ql9GbjEybVZaY3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn5QMA0G
CSqGSIb3DQEBCwUAA4IBAQA0N/2h5znAEfYU4/fkvU+Tz7ilQ+8KR22i5k4BpPfO
O1tyWYJ0WeT/jLg5TWQO0o3MgRf7g2r6hGXjVBqIhHPa/nSbXmBugV6swjINGe4O
zAQDaKb2JbROBs36Dtl9v+mxIza1Br8JDf4OREE2dh8RKhlGMODFSv3kRxH80hxK
0dZZdS+/1R6CYJa/vx5GUWQYoThEI20jTnymGorLypkmLLLPc4lJYyoOb3OxtnpS
bgXz1Vrrk5Mu7F/pxX/TpqigDMSrxFjCyE7HUaWmgooI9dM85gsnAH4q1pD9LhUi
nNCf+paIQEk6hvl2X1jue1So1OjysUmJ4nTSox4nPjCq
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:30:31 2025 by rpki-client