Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1Hdm4Yb6uudKtF7Z6GZsQybyHjU.roa
File: 1Hdm4Yb6uudKtF7Z6GZsQybyHjU.roa (raw, json)
Hash identifier: W7Iji0sZOuTaW08iAlZ0I50hV2fJR5fIhMcUjQTgllQ=
Subject key identifier: D4:77:66:E1:86:FA:BA:E7:4A:B4:5E:D9:E8:66:6C:43:26:F2:1E:35
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01964A8F0A7F4BA547B16A1116B2033312B8
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1Hdm4Yb6uudKtF7Z6GZsQybyHjU.roa
Signing time: Fri 18 Apr 2025 20:20:10 +0000
ROA not before: Fri 18 Apr 2025 20:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 158.120.49.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/21 maxlen: 21
192.46.184.0/22 maxlen: 22
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
192.53.64.0/22 maxlen: 22
192.53.68.0/22 maxlen: 22
192.53.136.0/22 maxlen: 22
192.53.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 14:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4a:8f:0a:7f:4b:a5:47:b1:6a:11:16:b2:03:33:12:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Apr 18 20:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d47766e186fabae74ab45ed9e8666c4326f21e35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ef:ad:31:d5:fb:27:a8:43:77:f1:18:68:8b:
ae:01:05:0c:6e:a1:dc:ce:12:51:52:40:de:ba:8a:
72:71:78:e1:a4:cf:50:f8:19:b8:1b:c3:a5:2d:44:
1c:b3:dd:96:e9:8a:1b:43:24:0c:28:aa:07:a7:cf:
cf:3a:31:c9:13:f1:2f:94:99:42:7c:37:ec:ad:9b:
f9:c7:8d:b2:b4:b0:eb:46:57:05:32:9b:02:12:8f:
0e:ab:17:d3:50:5a:40:c1:44:5a:fd:42:17:db:02:
1b:3d:cc:e4:3c:87:bd:19:88:8d:8e:be:40:b2:85:
31:d9:a4:4e:13:bb:bd:c2:44:6c:74:30:76:1b:a1:
57:c8:f4:33:9d:fd:38:07:04:e1:d3:f6:9b:9e:82:
86:0b:ab:59:e3:0b:2c:91:75:fc:9b:a9:5c:9a:74:
5a:f6:f0:44:0e:22:27:a7:b1:78:49:59:53:33:d8:
b4:5e:91:e4:30:ac:3a:21:36:b7:db:0f:b6:5a:de:
ec:76:2c:17:5b:78:6e:7a:32:4f:0e:28:4c:7c:5c:
59:a8:ee:68:41:19:95:a0:cf:e0:18:e0:55:8f:81:
89:2d:93:16:74:9e:0f:6d:e4:9b:78:fa:81:96:1f:
dc:cd:2e:32:7c:a4:87:b7:1d:22:cc:7c:7a:b7:e5:
55:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:77:66:E1:86:FA:BA:E7:4A:B4:5E:D9:E8:66:6C:43:26:F2:1E:35
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/1Hdm4Yb6uudKtF7Z6GZsQybyHjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
44:09:cf:c2:d7:8a:08:ef:fd:1c:a8:4e:95:9f:32:9d:8e:8c:
3d:26:11:94:98:a1:ae:dc:68:a7:ca:dc:95:93:f0:4b:74:c5:
4a:b6:b4:f5:2b:c0:68:72:89:42:9d:29:07:45:21:c3:ee:33:
49:b0:7f:30:61:0b:c1:38:83:bf:34:7a:31:5c:1b:a9:80:86:
b7:c0:0f:b7:8e:b9:d0:b8:b1:38:5b:26:7f:09:17:07:5e:7f:
b8:13:c6:50:7d:cf:1e:0a:30:70:40:f1:d0:c1:38:2f:2e:96:
f4:5b:ed:94:cf:fb:18:60:9d:d0:9d:63:1c:fd:72:31:99:98:
7d:78:1d:1b:d2:08:02:a6:9d:0c:23:07:86:74:eb:11:75:1f:
f6:4d:be:26:bc:4e:60:ef:c4:cf:36:d2:a1:2a:3c:f3:a1:18:
91:48:0f:ef:78:2f:0e:a0:51:2a:fa:87:a4:ec:1d:ca:35:ad:
a3:ed:af:69:5e:d7:6d:78:8d:cf:a2:34:b0:c5:aa:77:1d:23:
29:cb:52:05:ba:79:8d:58:7b:14:ef:71:8b:c4:c6:68:76:d7:
ab:09:61:2c:55:54:e7:3c:b6:16:27:d2:e4:21:ec:af:fb:47:
b1:dc:34:7a:c9:31:d3:a1:f9:49:0b:d9:6f:0c:83:0e:df:ef:
26:16:b5:32
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZZKjwp/S6VHsWoRFrIDMxK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwNDE4MjAyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc3NjZlMTg2ZmFiYWU3NGFiNDVlZDllODY2NmM0MzI2ZjIxZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt++tMdX7J6hDd/EYaIuuAQUMbqHc
zhJRUkDeuopycXjhpM9Q+Bm4G8OlLUQcs92W6YobQyQMKKoHp8/POjHJE/EvlJlC
fDfsrZv5x42ytLDrRlcFMpsCEo8OqxfTUFpAwURa/UIX2wIbPczkPIe9GYiNjr5A
soUx2aROE7u9wkRsdDB2G6FXyPQznf04BwTh0/abnoKGC6tZ4wsskXX8m6lcmnRa
9vBEDiInp7F4SVlTM9i0XpHkMKw6ITa32w+2Wt7sdiwXW3huejJPDihMfFxZqO5o
QRmVoM/gGOBVj4GJLZMWdJ4PbeSbePqBlh/czS4yfKSHtx0izHx6t+VV8QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNR3ZuGG+rrnSrRe2ehmbEMm8h41MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvMUhkbTRZYjZ1dWRLdEY3WjZHWnNReWJ5SGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAnngxAwQA
nngzAwQAnng1AwQAnng3AwQAnng5AwQAnng7AwQAnng9AwQAnng/AwQDwC64AwQC
wC7IAwQDwDVAAwQDwDWIMA0GCSqGSIb3DQEBCwUAA4IBAQBECc/C14oI7/0cqE6V
nzKdjow9JhGUmKGu3GinytyVk/BLdMVKtrT1K8BocolCnSkHRSHD7jNJsH8wYQvB
OIO/NHoxXBupgIa3wA+3jrnQuLE4WyZ/CRcHXn+4E8ZQfc8eCjBwQPHQwTgvLpb0
W+2Uz/sYYJ3QnWMc/XIxmZh9eB0b0ggCpp0MIweGdOsRdR/2Tb4mvE5g78TPNtKh
KjzzoRiRSA/veC8OoFEq+oek7B3KNa2j7a9pXtdteI3PojSwxap3HSMpy1IFunmN
WHsU73GLxMZodterCWEsVVTnPLYWJ9LkIeyv+0ex3DR6yTHToflJC9lvDIMO3+8m
FrUy
-----END CERTIFICATE-----
Generated at Fri May 2 00:05:32 2025 by rpki-client