Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/HrD9axNwojGc9gn0e5_hxSYDCwc.roa
File: HrD9axNwojGc9gn0e5_hxSYDCwc.roa (raw, json)
Hash identifier: l2Og23VbseBHlL6WgftV+a+c2UrUgOjU/jXZUXL4hQ0=
Subject key identifier: 1E:B0:FD:6B:13:70:A2:31:9C:F6:09:F4:7B:9F:E1:C5:26:03:0B:07
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 01965E20CF829CD4A367D8A40A68D185EDF4
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/HrD9axNwojGc9gn0e5_hxSYDCwc.roa
Signing time: Tue 22 Apr 2025 15:32:10 +0000
ROA not before: Tue 22 Apr 2025 15:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
89.150.32.0/24 maxlen: 24
89.150.37.0/24 maxlen: 24
89.150.39.0/24 maxlen: 24
89.150.42.0/24 maxlen: 24
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.195.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.224.94.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.226.228.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5e:20:cf:82:9c:d4:a3:67:d8:a4:0a:68:d1:85:ed:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Apr 22 15:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1eb0fd6b1370a2319cf609f47b9fe1c526030b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7d:b6:00:16:3a:d3:74:36:2e:6c:fc:b7:06:
40:87:c5:e6:72:8a:9d:52:ba:38:1b:18:21:42:c6:
c9:14:15:db:64:cd:70:fb:e1:a9:b0:70:d2:18:1e:
8c:13:93:68:c9:61:a5:e3:ee:ce:3e:2a:8b:f9:29:
b4:84:90:3b:74:ba:7e:f2:1e:9a:75:9b:bd:95:df:
88:97:02:66:78:42:33:69:33:96:a0:2b:24:a0:81:
fb:20:f4:95:67:81:ed:ce:22:8b:27:24:9c:2b:8a:
b9:9f:28:eb:31:de:7d:64:8e:35:7a:cc:96:21:f7:
be:e5:0a:13:b6:15:f2:cf:90:db:d9:28:22:cc:f7:
7d:c7:53:5e:60:e0:bc:60:8b:80:b4:ae:2b:7c:ec:
36:11:96:f8:d3:69:76:f2:4c:c3:13:d2:3c:fb:ad:
47:78:f1:ab:a4:90:61:ef:b7:ac:09:47:b0:9d:38:
9a:13:23:e5:4f:49:cd:6c:5c:ea:fd:69:a8:b8:8c:
77:c6:b5:53:23:27:71:e7:46:07:7d:cc:1b:25:7d:
d1:e9:f6:77:6d:f4:8b:fa:37:d6:16:7f:59:af:a7:
02:42:63:79:c4:1d:b1:10:e1:79:12:2e:f4:50:fa:
21:33:21:de:2f:d6:31:14:4c:76:af:fe:60:ed:1a:
5c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B0:FD:6B:13:70:A2:31:9C:F6:09:F4:7B:9F:E1:C5:26:03:0B:07
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/HrD9axNwojGc9gn0e5_hxSYDCwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
89.150.32.0/24
89.150.37.0/24
89.150.39.0/24
89.150.42.0/24
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.230.144.0/24
185.232.135.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
dd:ea:c2:d8:34:78:ab:26:ef:4d:ea:2d:2f:32:b6:0f:51:00:
06:2f:d5:ad:09:3b:87:28:5d:c6:b9:31:e9:88:b8:2a:53:0f:
dc:36:b3:7d:57:2e:f1:b9:a2:46:10:c9:0e:ab:bf:39:42:14:
77:dc:41:ca:20:c3:1c:24:7b:2d:a0:f0:ec:1b:5c:34:c9:93:
eb:2e:1f:47:50:a6:a1:a3:e8:24:11:8d:73:58:21:a6:5b:5c:
6f:2a:26:ca:08:1d:eb:c1:a7:64:a4:cb:f2:f4:35:dc:95:79:
1c:9c:74:32:99:ce:9f:06:c7:29:cb:ed:2f:84:ae:49:fd:c0:
7a:ed:f5:64:c5:33:56:e0:c4:dd:14:73:7d:bb:ab:93:58:11:
22:a5:57:cf:b5:99:a7:4c:3c:45:60:78:2c:fb:ed:38:78:7f:
06:8a:6f:41:af:a6:8b:36:35:22:24:7f:7b:e1:3c:58:6a:d9:
04:51:bb:94:0d:6a:53:1e:0d:57:10:de:aa:30:d8:4c:e4:0c:
52:64:92:ac:19:de:ba:46:06:c4:d6:88:19:31:6c:5a:bf:ac:
01:ab:af:b7:43:a4:61:01:da:dd:63:b1:00:a2:75:4d:17:30:
a0:3b:64:0b:c5:07:9d:20:a7:42:c7:71:84:74:e3:a7:d8:c4:
6e:95:f8:77
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZZeIM+CnNSjZ9ikCmjRhe30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjUwNDIyMTUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIwZmQ2YjEzNzBhMjMxOWNmNjA5ZjQ3YjlmZTFjNTI2MDMwYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH22ABY603Q2Lmz8twZAh8Xmcoqd
Uro4GxghQsbJFBXbZM1w++GpsHDSGB6ME5NoyWGl4+7OPiqL+Sm0hJA7dLp+8h6a
dZu9ld+IlwJmeEIzaTOWoCskoIH7IPSVZ4HtziKLJyScK4q5nyjrMd59ZI41esyW
Ife+5QoTthXyz5Db2SgizPd9x1NeYOC8YIuAtK4rfOw2EZb402l28kzDE9I8+61H
ePGrpJBh77esCUewnTiaEyPlT0nNbFzq/WmouIx3xrVTIydx50YHfcwbJX3R6fZ3
bfSL+jfWFn9Zr6cCQmN5xB2xEOF5Ei70UPohMyHeL9YxFEx2r/5g7Rpc4QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFB6w/WsTcKIxnPYJ9Huf4cUmAwsHMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvSHJEOWF4TndvakdjOWduMGU1X2h4U1lEQ3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQCBfz8
AwQAWZYgAwQAWZYlAwQAWZYnAwQAWZYqAwQDsHioMAwDBAC5SsEDBAK5SsADBAC5
whkDBAC53b8wDAMEALngXQMEBbngQAMEALni5AMEALnmkAMEALnohwMEArnvBAME
AbzUIAMEAcHyvDANBAIAAjAHAwUDKglOQDANBgkqhkiG9w0BAQsFAAOCAQEA3erC
2DR4qybvTeotLzK2D1EABi/VrQk7hyhdxrkx6Yi4KlMP3DazfVcu8bmiRhDJDqu/
OUIUd9xByiDDHCR7LaDw7BtcNMmT6y4fR1CmoaPoJBGNc1ghpltcbyomyggd68Gn
ZKTL8vQ13JV5HJx0MpnOnwbHKcvtL4SuSf3Aeu31ZMUzVuDE3RRzfburk1gRIqVX
z7WZp0w8RWB4LPvtOHh/BopvQa+mizY1IiR/e+E8WGrZBFG7lA1qUx4NVxDeqjDY
TOQMUmSSrBneukYGxNaIGTFsWr+sAauvt0OkYQHa3WOxAKJ1TRcwoDtkC8UHnSCn
QsdxhHTjp9jEbpX4dw==
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:41:29 2025 by rpki-client