Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/HWzBieo8pIQmRXoRuWfRIehTEwE.roa
File: HWzBieo8pIQmRXoRuWfRIehTEwE.roa (raw, json)
Hash identifier: JynDcSW3QZoBehAT3uFmeO42DtekqQpNN7+NxcQtvOQ=
Subject key identifier: 1D:6C:C1:89:EA:3C:A4:84:26:45:7A:11:B9:67:D1:21:E8:53:13:01
Certificate issuer: /CN=97bf5be73f1823274498df52a37535d13da5be62
Certificate serial: 0194221FEDC0395C231F9588A1DC1D6D0210
Authority key identifier: 97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/HWzBieo8pIQmRXoRuWfRIehTEwE.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20897
IP address blocks: 193.93.100.0/24 maxlen: 24
193.93.101.0/24 maxlen: 24
193.93.102.0/23 maxlen: 23
193.93.102.0/24 maxlen: 24
193.93.103.0/24 maxlen: 24
193.108.162.0/23 maxlen: 23
2001:67c:2380::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ed:c0:39:5c:23:1f:95:88:a1:dc:1d:6d:02:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bf5be73f1823274498df52a37535d13da5be62
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d6cc189ea3ca48426457a11b967d121e8531301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:22:3d:9f:6c:66:d0:8b:df:43:c2:49:05:65:
d9:a6:05:9d:64:17:80:4c:c9:a0:c2:54:4b:c4:20:
3b:39:7a:26:be:e2:f1:c5:e1:e2:ec:16:f5:14:c1:
f0:4f:ba:2e:19:b5:70:09:06:0a:60:fa:12:65:10:
1e:d0:0f:2a:4a:6c:19:53:27:85:3c:5e:d4:81:35:
07:c9:7f:54:6e:82:20:70:ae:73:2b:5b:61:9e:9e:
4d:fe:c4:a5:96:65:58:86:f8:7d:33:8c:18:b4:1a:
d1:53:f3:f4:28:67:7d:bc:78:39:ed:55:34:09:d9:
d4:0e:8e:7c:b4:f3:ef:f2:f2:99:87:ea:ea:fb:bb:
93:72:8c:7c:68:4d:15:cc:20:c2:02:bf:eb:79:cd:
84:be:f8:1c:ec:dd:af:b4:32:d7:95:fe:f2:cb:8d:
2e:f1:74:6a:67:27:6d:c1:38:25:f4:53:f2:1e:c7:
7f:fa:3c:14:4f:a7:24:69:22:26:67:e3:a6:61:28:
7a:d3:f0:25:85:36:59:b6:57:19:d9:29:a8:12:44:
c4:97:33:13:99:c1:c9:8d:71:d5:c6:8e:36:4f:8f:
48:a3:48:95:23:c1:e4:9f:d7:e3:7a:b4:1e:93:e1:
62:4b:d8:1c:8f:00:84:90:56:65:31:03:b1:39:cd:
81:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6C:C1:89:EA:3C:A4:84:26:45:7A:11:B9:67:D1:21:E8:53:13:01
X509v3 Authority Key Identifier:
keyid:97:BF:5B:E7:3F:18:23:27:44:98:DF:52:A3:75:35:D1:3D:A5:BE:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l79b5z8YIydEmN9So3U10T2lvmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/HWzBieo8pIQmRXoRuWfRIehTEwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/6090ab-b8fa-43d9-8d15-3f44519665ac/1/l79b5z8YIydEmN9So3U10T2lvmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.100.0/22
193.108.162.0/23
IPv6:
2001:67c:2380::/48
Signature Algorithm: sha256WithRSAEncryption
24:a9:77:15:aa:ce:68:36:5f:7e:be:11:99:40:c6:05:cd:6d:
c5:75:7c:9a:15:9d:d0:85:a2:e8:db:96:6f:19:55:70:40:58:
70:e6:e8:bb:f4:c7:56:7a:28:bb:8c:40:a5:8f:72:ee:29:b2:
d3:74:4a:77:aa:b3:9c:57:da:9a:2e:1e:32:b6:4a:ad:78:a5:
08:02:46:25:60:96:ab:54:f4:e2:0d:0f:f4:7d:07:ed:70:5d:
fa:ea:3c:f3:08:5c:0f:1a:3c:a5:cd:5b:af:8f:5f:97:72:8b:
54:ce:6b:53:ef:61:c2:ef:14:ad:25:e9:d8:2e:67:89:16:d4:
25:ae:37:69:0f:77:b1:ee:60:b8:c3:e6:d4:15:84:18:57:91:
05:a8:dd:14:2a:e3:3a:e1:53:6e:03:d0:4f:cd:e4:e7:e8:f9:
28:8b:97:0d:83:6b:9c:0f:7f:4b:c0:21:0d:e8:65:50:b4:be:
72:f5:ed:58:61:89:32:74:d5:d2:22:e3:78:46:b2:34:b5:39:
ab:ad:6a:0c:e0:2b:44:3c:97:1b:45:2c:bc:c1:ef:c8:d0:29:
33:44:77:fc:8b:ad:23:9f:6b:df:08:07:3a:27:9d:3a:04:73:
21:70:f7:3f:67:bf:5e:29:a6:85:cf:ba:e9:53:7c:af:35:8c:
23:44:76:73
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQiH+3AOVwjH5WIodwdbQIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3YmY1YmU3M2YxODIzMjc0NDk4ZGY1MmEzNzUzNWQxM2Rh
NWJlNjIwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZjYzE4OWVhM2NhNDg0MjY0NTdhMTFiOTY3ZDEyMWU4NTMxMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCI9n2xm0IvfQ8JJBWXZpgWdZBeA
TMmgwlRLxCA7OXomvuLxxeHi7Bb1FMHwT7ouGbVwCQYKYPoSZRAe0A8qSmwZUyeF
PF7UgTUHyX9UboIgcK5zK1thnp5N/sSllmVYhvh9M4wYtBrRU/P0KGd9vHg57VU0
CdnUDo58tPPv8vKZh+rq+7uTcox8aE0VzCDCAr/rec2Evvgc7N2vtDLXlf7yy40u
8XRqZydtwTgl9FPyHsd/+jwUT6ckaSImZ+OmYSh60/AlhTZZtlcZ2SmoEkTElzMT
mcHJjXHVxo42T49Io0iVI8Hkn9fjerQek+FiS9gcjwCEkFZlMQOxOc2BpQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB1swYnqPKSEJkV6Ebln0SHoUxMBMB8GA1UdIwQY
MBaAFJe/W+c/GCMnRJjfUqN1NdE9pb5iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUt
M2Y0NDUxOTY2NWFjLzEvSFd6QmllbzhwSVFtUlhvUnVXZlJJZWhURXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82MDkwYWItYjhmYS00M2Q5LThkMTUtM2Y0NDUxOTY2NWFj
LzEvbDc5YjV6OFlJeWRFbU45U28zVTEwVDJsdm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCwV1kAwQB
wWyiMA8EAgACMAkDBwAgAQZ8I4AwDQYJKoZIhvcNAQELBQADggEBACSpdxWqzmg2
X36+EZlAxgXNbcV1fJoVndCFoujblm8ZVXBAWHDm6Lv0x1Z6KLuMQKWPcu4pstN0
Sneqs5xX2pouHjK2Sq14pQgCRiVglqtU9OIND/R9B+1wXfrqPPMIXA8aPKXNW6+P
X5dyi1TOa1PvYcLvFK0l6dguZ4kW1CWuN2kPd7HuYLjD5tQVhBhXkQWo3RQq4zrh
U24D0E/N5Ofo+SiLlw2Da5wPf0vAIQ3oZVC0vnL17VhhiTJ01dIi43hGsjS1Oaut
agzgK0Q8lxtFLLzB78jQKTNEd/yLrSOfa98IBzonnToEcyFw9z9nv14ppoXPuulT
fK81jCNEdnM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:03 2025 by rpki-client