Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Hs5OpoVTxSJfvS3erDXXhGQXJSE.roa
File: Hs5OpoVTxSJfvS3erDXXhGQXJSE.roa (raw, json)
Hash identifier: ETk/+dQR/qhcGpGtYBL6fSkfntPwX1tHoXTuoqNreRs=
Subject key identifier: 1E:CE:4E:A6:85:53:C5:22:5F:BD:2D:DE:AC:35:D7:84:64:17:25:21
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0194228DECC976DA79CB1B72A4697ECF4092
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Hs5OpoVTxSJfvS3erDXXhGQXJSE.roa
Signing time: Wed 01 Jan 2025 15:48:34 +0000
ROA not before: Wed 01 Jan 2025 15:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13127
IP address blocks: 62.58.0.0/15 maxlen: 24
62.166.0.0/17 maxlen: 24
62.166.50.0/24 maxlen: 24
62.166.51.0/24 maxlen: 24
62.166.56.0/24 maxlen: 24
81.58.0.0/15 maxlen: 24
81.58.0.0/16 maxlen: 24
81.59.128.0/17 maxlen: 24
82.172.0.0/16 maxlen: 24
82.172.128.0/17 maxlen: 24
82.173.0.0/16 maxlen: 24
82.173.81.0/24 maxlen: 24
82.173.128.0/18 maxlen: 24
82.173.192.0/19 maxlen: 24
82.175.0.0/16 maxlen: 24
87.211.0.0/16 maxlen: 24
87.213.0.0/16 maxlen: 24
87.214.0.0/15 maxlen: 24
87.215.0.0/16 maxlen: 24
143.176.0.0/16 maxlen: 24
143.179.0.0/16 maxlen: 24
217.149.216.0/24 maxlen: 24
2a01:380::/32 maxlen: 40
2a01:380:6000::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:ec:c9:76:da:79:cb:1b:72:a4:69:7e:cf:40:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 1 15:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ece4ea68553c5225fbd2ddeac35d78464172521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:93:d2:30:53:af:06:5b:4a:3d:e3:78:db:03:
06:bd:10:d1:b6:24:3d:6b:a5:82:21:a9:b8:7a:55:
1c:33:3a:f8:ff:62:d8:01:6d:d6:dd:a2:21:aa:cc:
a3:30:44:12:53:ef:20:39:34:a1:81:0a:88:16:ad:
0d:84:7c:86:bf:50:12:85:41:4c:1f:b8:14:87:8f:
59:e0:84:eb:e8:9c:f7:48:ba:87:e1:f6:90:f2:ce:
a6:89:2b:c2:0a:0a:a5:94:d3:d1:86:7d:19:3f:71:
bf:b0:cc:36:d6:92:34:9c:62:ab:4e:9a:24:c2:9b:
78:36:49:ab:58:58:f4:a7:c2:db:bb:c3:f5:6d:57:
61:a7:df:5e:7f:fd:5e:0a:66:7e:bf:b0:9c:d9:fb:
fc:f5:fb:6d:8c:b7:40:f0:65:73:62:40:64:fe:f5:
2e:f9:31:6f:dc:72:21:d1:48:3f:b7:28:68:15:56:
5a:6d:cc:e7:d6:24:a1:fd:b4:fa:5d:58:f7:27:0c:
3d:fc:4e:ab:f8:24:bc:85:c7:ec:ce:8f:44:4b:29:
83:98:3c:73:54:3a:e1:ab:69:1a:a7:0b:91:55:2d:
58:a2:91:8a:77:6c:b6:86:bb:11:2f:28:54:7a:9e:
15:5a:6a:eb:dc:40:45:8d:c6:83:e4:0d:69:02:e8:
f7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CE:4E:A6:85:53:C5:22:5F:BD:2D:DE:AC:35:D7:84:64:17:25:21
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Hs5OpoVTxSJfvS3erDXXhGQXJSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.58.0.0/15
62.166.0.0/17
81.58.0.0/15
82.172.0.0/15
82.175.0.0/16
87.211.0.0/16
87.213.0.0-87.215.255.255
143.176.0.0/16
143.179.0.0/16
217.149.216.0/24
IPv6:
2a01:380::/32
Signature Algorithm: sha256WithRSAEncryption
78:ef:bb:e1:85:4d:45:d7:4d:ca:24:34:d2:28:04:9c:d1:3e:
32:74:85:31:cb:f4:0a:91:f7:a0:af:19:43:da:4f:53:aa:16:
69:48:54:32:cf:a9:90:dd:fb:a1:1b:08:c6:cb:16:26:88:6e:
69:de:14:d8:88:7e:7a:e1:3b:1b:71:5d:03:94:bd:66:5d:11:
ce:2c:57:7e:d1:a3:ba:63:f8:65:b5:1c:f9:5f:56:0b:58:78:
71:c8:c2:7c:8d:a6:bd:23:94:2a:d9:09:36:0f:4f:0e:e1:30:
7c:a7:b5:e0:52:7e:3d:e4:c9:f3:49:d6:20:ab:ee:fe:a3:26:
2f:c3:4e:e3:13:dd:de:3d:4d:ea:ce:7b:04:5c:6e:eb:5e:7b:
89:55:27:00:23:24:33:c9:4b:3b:01:48:c7:b4:88:89:08:90:
d2:f9:9c:43:fe:f6:f2:52:0c:b2:4e:73:87:e1:6e:0f:a1:28:
61:b3:03:2b:45:9f:a0:95:da:c0:60:9e:fd:c9:8f:0f:af:e1:
2e:07:70:73:9f:6f:93:96:42:90:cc:fb:4a:80:1a:90:5f:f3:
4e:3a:17:e0:35:f7:b8:99:6b:5c:5b:ea:34:30:9f:bf:12:69:
58:a0:b2:2e:c6:9f:22:fd:d4:3b:4c:7e:c3:2c:6f:7e:eb:41:
e6:eb:f7:77
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQijezJdtp5yxtypGl+z0CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjUwMTAxMTU0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWNlNGVhNjg1NTNjNTIyNWZiZDJkZGVhYzM1ZDc4NDY0MTcyNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpPSMFOvBltKPeN42wMGvRDRtiQ9
a6WCIam4elUcMzr4/2LYAW3W3aIhqsyjMEQSU+8gOTShgQqIFq0NhHyGv1AShUFM
H7gUh49Z4ITr6Jz3SLqH4faQ8s6miSvCCgqllNPRhn0ZP3G/sMw21pI0nGKrTpok
wpt4NkmrWFj0p8Lbu8P1bVdhp99ef/1eCmZ+v7Cc2fv89fttjLdA8GVzYkBk/vUu
+TFv3HIh0Ug/tyhoFVZabczn1iSh/bT6XVj3Jww9/E6r+CS8hcfszo9ESymDmDxz
VDrhq2kapwuRVS1YopGKd2y2hrsRLyhUep4VWmrr3EBFjcaD5A1pAuj3cQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFB7OTqaFU8UiX70t3qw114RkFyUhMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvSHM1T3BvVlR4U0pmdlMzZXJEWFhoR1FYSlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwMBPjoDBAc+
pgADAwFROgMDAVKsAwMAUq8DAwBX0zAKAwMAV9UDAwNX0AMDAI+wAwMAj7MDBADZ
ldgwDQQCAAIwBwMFACoBA4AwDQYJKoZIhvcNAQELBQADggEBAHjvu+GFTUXXTcok
NNIoBJzRPjJ0hTHL9AqR96CvGUPaT1OqFmlIVDLPqZDd+6EbCMbLFiaIbmneFNiI
fnrhOxtxXQOUvWZdEc4sV37Ro7pj+GW1HPlfVgtYeHHIwnyNpr0jlCrZCTYPTw7h
MHynteBSfj3kyfNJ1iCr7v6jJi/DTuMT3d49TerOewRcbutee4lVJwAjJDPJSzsB
SMe0iIkIkNL5nEP+9vJSDLJOc4fhbg+hKGGzAytFn6CV2sBgnv3Jjw+v4S4HcHOf
b5OWQpDM+0qAGpBf8046F+A197iZa1xb6jQwn78SaVigsi7GnyL91DtMfsMsb37r
Qebr93c=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:46:57 2025 by rpki-client