Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/HkpMpgcE2miG9qn79yi3XbK_pOE.roa
File: HkpMpgcE2miG9qn79yi3XbK_pOE.roa (raw, json)
Hash identifier: 0Rr449PN12HQpu7nIek/UBDMZP0dQl1SRcWWzh64TnM=
Subject key identifier: 1E:4A:4C:A6:07:04:DA:68:86:F6:A9:FB:F7:28:B7:5D:B2:BF:A4:E1
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D7576140D2F50545CDE6B09636BA5F
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/HkpMpgcE2miG9qn79yi3XbK_pOE.roa
Signing time: Wed 01 Jan 2025 21:48:22 +0000
ROA not before: Wed 01 Jan 2025 21:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211699
IP address blocks: 62.82.151.0/24 maxlen: 24
82.159.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:57:61:40:d2:f5:05:45:cd:e6:b0:96:36:ba:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e4a4ca60704da6886f6a9fbf728b75db2bfa4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b2:42:bf:b8:d9:aa:a5:64:4e:36:52:99:4d:
bb:42:76:d4:c5:6b:4e:79:ed:da:39:39:48:20:48:
04:4d:43:d5:8e:92:f3:ff:67:35:65:c2:02:a3:6f:
80:9b:3e:a1:a8:8f:fd:27:14:64:42:5e:72:36:f1:
b3:43:71:f7:84:40:fb:71:1d:a4:75:a6:42:9b:91:
d4:93:4a:6c:33:0f:91:c8:02:16:b2:00:c7:f1:65:
23:8f:1f:62:18:fb:59:bc:c3:50:92:18:36:2c:ca:
21:2a:f4:f1:c4:47:5e:4c:15:55:e6:d3:e0:a7:03:
27:e2:8d:a1:fd:18:be:d3:aa:16:09:f7:6f:39:d0:
8e:b6:45:ce:96:42:76:44:f0:ab:13:46:45:f4:ad:
4d:01:6e:ad:38:71:60:04:f7:ac:4f:05:b3:56:c9:
a3:7f:6b:2e:b8:da:3b:f4:e4:7f:0f:0a:5e:1f:dd:
2f:ed:05:c2:f8:0e:53:8c:1b:60:2b:14:16:47:6a:
fa:c0:58:c9:fb:96:8c:3d:45:b9:c6:7c:84:cd:d0:
a2:14:4d:ba:9a:02:eb:d5:9c:a7:26:03:9b:d1:55:
c7:bc:cd:26:81:85:dd:36:53:b8:64:96:60:b2:38:
bb:3e:61:b3:00:d0:d3:09:57:65:52:0b:63:23:fe:
90:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4A:4C:A6:07:04:DA:68:86:F6:A9:FB:F7:28:B7:5D:B2:BF:A4:E1
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/HkpMpgcE2miG9qn79yi3XbK_pOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.82.151.0/24
82.159.144.0/24
Signature Algorithm: sha256WithRSAEncryption
56:dc:ea:63:e4:17:62:7a:67:29:77:49:30:1b:af:c1:ed:fc:
0e:de:7b:14:06:d2:9d:ba:11:fd:7b:75:d7:7f:1d:9c:b7:0e:
35:e3:12:02:a3:ba:10:ca:43:13:5e:5e:d8:80:c9:00:6b:da:
f6:94:00:97:e9:82:36:6e:3f:82:49:98:01:00:b8:bd:d9:4b:
4c:37:24:4f:81:e8:47:f1:66:5c:a4:2c:cb:2f:f0:7c:55:73:
35:1f:fb:ad:3c:40:e8:6c:a6:c9:b2:2e:17:a9:a1:a8:33:79:
8e:2d:f1:04:19:f3:bd:e7:88:e9:e4:e4:3c:2b:65:87:0d:03:
dd:e1:15:57:01:f4:8c:8d:10:33:0a:54:78:05:2f:98:12:62:
40:7d:5e:6c:79:d8:ec:f5:c9:a8:e8:32:3d:2b:d4:6b:b5:6f:
32:27:6d:f3:65:fa:ac:41:03:52:4d:25:26:99:5e:94:37:80:
58:fb:0e:b3:e3:91:0f:d9:5f:64:80:54:24:98:14:a6:46:68:
26:11:7a:e8:2c:31:65:5c:55:dc:1b:cc:64:62:dd:25:61:be:
c1:95:a2:2d:f6:e2:36:27:eb:8b:f1:c6:79:39:f6:c0:0d:fc:
b2:fa:40:dd:fe:ab:41:69:02:f3:88:0a:3e:1f:81:6a:17:1f:
2a:8f:36:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj11dhQNL1BUXN5rCWNrpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRhNGNhNjA3MDRkYTY4ODZmNmE5ZmJmNzI4Yjc1ZGIyYmZhNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7JCv7jZqqVkTjZSmU27QnbUxWtO
ee3aOTlIIEgETUPVjpLz/2c1ZcICo2+Amz6hqI/9JxRkQl5yNvGzQ3H3hED7cR2k
daZCm5HUk0psMw+RyAIWsgDH8WUjjx9iGPtZvMNQkhg2LMohKvTxxEdeTBVV5tPg
pwMn4o2h/Ri+06oWCfdvOdCOtkXOlkJ2RPCrE0ZF9K1NAW6tOHFgBPesTwWzVsmj
f2suuNo79OR/DwpeH90v7QXC+A5TjBtgKxQWR2r6wFjJ+5aMPUW5xnyEzdCiFE26
mgLr1ZynJgOb0VXHvM0mgYXdNlO4ZJZgsji7PmGzANDTCVdlUgtjI/6QUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5KTKYHBNpohvap+/cot12yv6ThMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvSGtwTXBnY0UybWlHOXFuNzl5aTNYYktfcE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPlKXAwQA
Up+QMA0GCSqGSIb3DQEBCwUAA4IBAQBW3Opj5Bdiemcpd0kwG6/B7fwO3nsUBtKd
uhH9e3XXfx2ctw414xICo7oQykMTXl7YgMkAa9r2lACX6YI2bj+CSZgBALi92UtM
NyRPgehH8WZcpCzLL/B8VXM1H/utPEDobKbJsi4XqaGoM3mOLfEEGfO954jp5OQ8
K2WHDQPd4RVXAfSMjRAzClR4BS+YEmJAfV5sedjs9cmo6DI9K9RrtW8yJ23zZfqs
QQNSTSUmmV6UN4BY+w6z45EP2V9kgFQkmBSmRmgmEXroLDFlXFXcG8xkYt0lYb7B
laIt9uI2J+uL8cZ5OfbADfyy+kDd/qtBaQLziAo+H4FqFx8qjzbD
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:02:38 2025 by rpki-client