Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hjsJPLUSFNGXQEAbjN5vj9X3Jbk.roa
File: hjsJPLUSFNGXQEAbjN5vj9X3Jbk.roa (raw, json)
Hash identifier: a0Pc5N9WdubfGIFWHO9HgQJjwf9zolPLLP3R+MpRGvo=
Subject key identifier: 86:3B:09:3C:B5:12:14:D1:97:40:40:1B:8C:DE:6F:8F:D5:F7:25:B9
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01963E5C2D53B2808FC0C2ADCC01AED085C3
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hjsJPLUSFNGXQEAbjN5vj9X3Jbk.roa
Signing time: Wed 16 Apr 2025 11:29:10 +0000
ROA not before: Wed 16 Apr 2025 11:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41726
IP address blocks: 85.254.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:5c:2d:53:b2:80:8f:c0:c2:ad:cc:01:ae:d0:85:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 16 11:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=863b093cb51214d19740401b8cde6f8fd5f725b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:a6:11:9e:b0:f8:f8:54:25:5f:c4:df:3e:
09:1b:41:ce:8f:a1:ab:16:8b:89:bc:15:da:bf:47:
a8:ad:bd:47:f0:c8:b4:23:4b:cf:4d:c1:4a:4a:0f:
f6:af:58:1e:4c:9d:b1:0e:e7:2d:2d:bb:e8:f9:47:
20:88:58:fc:12:44:7f:a4:d8:37:1f:59:9e:db:ad:
d3:68:0a:82:f7:18:18:3e:4c:94:b5:a2:8e:28:44:
6b:c7:3e:e5:cb:f4:cf:bd:94:f3:e6:57:36:35:99:
59:83:a4:9b:6f:46:5f:96:5f:8c:bd:95:ac:00:36:
99:c0:73:d7:e8:6e:3e:ff:6a:60:fd:2b:94:95:a8:
78:03:dd:29:76:0e:d2:53:85:0f:4e:6d:51:83:3e:
86:45:e9:82:94:45:6a:71:26:04:e0:c3:0b:96:27:
bb:96:a3:2a:d0:bd:ef:ed:7b:74:3c:18:88:29:e7:
2e:c8:8d:b5:0c:6f:a4:89:8e:51:a5:b6:05:22:32:
c8:30:73:3e:b6:f4:40:d2:21:28:8d:13:1a:d9:e0:
6f:26:7f:14:22:11:83:53:02:db:40:1d:d2:6e:b0:
a7:92:9b:be:47:2a:f4:c9:93:b9:0c:34:7f:b6:df:
c3:d5:d8:81:51:23:cf:aa:e6:4c:77:52:1c:3c:bb:
d8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3B:09:3C:B5:12:14:D1:97:40:40:1B:8C:DE:6F:8F:D5:F7:25:B9
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/hjsJPLUSFNGXQEAbjN5vj9X3Jbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.3.0/24
Signature Algorithm: sha256WithRSAEncryption
68:87:e7:66:06:25:3c:3d:a6:64:85:80:bc:6e:2a:ab:88:a2:
95:cb:6c:b1:08:e5:dd:4a:a6:b3:c8:28:74:be:d0:68:ed:31:
24:7a:8b:1d:fa:6c:84:cb:d1:65:c5:a5:44:3a:8b:52:02:1e:
10:91:3d:c7:e6:5f:1b:93:41:a3:fd:2b:cc:d5:40:87:c3:5a:
f6:34:af:b5:b5:83:99:de:86:f1:e9:b7:e3:09:0b:17:ea:78:
78:7c:13:f9:a9:65:7e:08:13:55:66:91:73:c0:ba:b3:d2:1e:
82:9e:b1:07:d8:3f:93:e9:e8:f9:57:24:62:5f:b3:e8:e9:c6:
6d:1b:14:3e:7a:fd:e5:f9:eb:0c:74:88:26:02:72:cc:6d:3a:
61:69:c4:04:b1:6b:54:2b:cd:9d:49:a8:fe:93:05:b8:55:b2:
37:0c:ad:2a:86:5e:f6:da:79:42:fb:d0:94:12:95:e5:7d:89:
cb:4e:3c:8f:c7:a5:8e:d5:ab:8b:e6:2b:0f:ee:af:4a:66:65:
57:b7:e7:80:21:90:0e:23:67:56:cf:23:72:19:89:5e:88:db:
e4:74:59:d5:f9:4b:88:a5:6e:46:9d:84:19:89:eb:58:0f:50:
7d:2c:74:cf:33:28:45:08:85:86:c2:a4:7b:d0:c7:96:ea:82:
e4:90:4e:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY+XC1TsoCPwMKtzAGu0IXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNDE2MTEyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNiMDkzY2I1MTIxNGQxOTc0MDQwMWI4Y2RlNmY4ZmQ1ZjcyNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbymEZ6w+PhUJV/E3z4JG0HOj6Gr
FouJvBXav0eorb1H8Mi0I0vPTcFKSg/2r1geTJ2xDuctLbvo+UcgiFj8EkR/pNg3
H1me263TaAqC9xgYPkyUtaKOKERrxz7ly/TPvZTz5lc2NZlZg6Sbb0Zfll+MvZWs
ADaZwHPX6G4+/2pg/SuUlah4A90pdg7SU4UPTm1Rgz6GRemClEVqcSYE4MMLlie7
lqMq0L3v7Xt0PBiIKecuyI21DG+kiY5RpbYFIjLIMHM+tvRA0iEojRMa2eBvJn8U
IhGDUwLbQB3SbrCnkpu+Ryr0yZO5DDR/tt/D1diBUSPPquZMd1IcPLvYLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIY7CTy1EhTRl0BAG4zeb4/V9yW5MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaGpzSlBMVVNGTkdYUUVBYmpONXZqOVgzSmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf4DMA0G
CSqGSIb3DQEBCwUAA4IBAQBoh+dmBiU8PaZkhYC8biqriKKVy2yxCOXdSqazyCh0
vtBo7TEkeosd+myEy9FlxaVEOotSAh4QkT3H5l8bk0Gj/SvM1UCHw1r2NK+1tYOZ
3obx6bfjCQsX6nh4fBP5qWV+CBNVZpFzwLqz0h6CnrEH2D+T6ej5VyRiX7Po6cZt
GxQ+ev3l+esMdIgmAnLMbTphacQEsWtUK82dSaj+kwW4VbI3DK0qhl722nlC+9CU
EpXlfYnLTjyPx6WO1auL5isP7q9KZmVXt+eAIZAOI2dWzyNyGYleiNvkdFnV+UuI
pW5GnYQZietYD1B9LHTPMyhFCIWGwqR70MeW6oLkkE6c
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:17:20 2025 by rpki-client