Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HsAGBt_sORyEs8q-L-wNL0I4iI4.roa
File: HsAGBt_sORyEs8q-L-wNL0I4iI4.roa (raw, json)
Hash identifier: Z8l5TcU5Zcs2nKvrn4aNMg1x2Wss+b16c+BtivSp12M=
Subject key identifier: 1E:C0:06:06:DF:EC:39:1C:84:B3:CA:BE:2F:EC:0D:2F:42:38:88:8E
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01966BC58B3B896CE93DA6691173EC53D0D7
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HsAGBt_sORyEs8q-L-wNL0I4iI4.roa
Signing time: Fri 25 Apr 2025 07:07:10 +0000
ROA not before: Fri 25 Apr 2025 07:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 194.238.40.0/23 maxlen: 24
217.179.50.0/23 maxlen: 24
217.179.72.0/23 maxlen: 24
217.179.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:c5:8b:3b:89:6c:e9:3d:a6:69:11:73:ec:53:d0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 25 07:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ec00606dfec391c84b3cabe2fec0d2f4238888e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:46:96:39:57:bb:63:2a:14:5e:07:ea:23:ad:
28:fd:ab:92:a3:0e:48:a2:9d:31:3c:54:62:d0:be:
9e:7b:09:cc:e5:7f:ab:ed:db:35:fc:e0:c4:df:04:
90:35:41:ed:d1:ca:76:f5:38:7b:a2:50:e4:a9:d1:
fb:75:cd:28:9b:e8:a7:90:77:05:80:0f:e6:40:90:
dc:fd:4f:77:01:de:8d:d8:d9:ab:fd:1e:de:70:38:
e8:b3:cf:df:30:6a:4e:18:35:11:39:b2:2c:05:a3:
b6:bf:09:be:4c:2f:61:28:3a:d9:10:56:1c:d4:c1:
a3:00:24:ce:71:66:e0:24:d8:d3:14:9d:ba:dc:bc:
0f:28:59:cd:f3:65:28:3b:49:af:a1:9e:d6:62:a9:
c2:f1:12:a6:f0:ce:d6:e7:b3:ca:ac:ca:4e:89:6e:
6e:22:2e:e8:ef:8c:01:62:9d:d5:64:e4:08:f4:98:
91:a7:48:4d:08:eb:50:82:16:58:dd:36:c5:3a:0a:
06:21:5a:3c:af:e4:cf:a8:5f:16:c9:26:5e:c8:0a:
71:eb:31:c5:8d:29:35:85:c2:6d:b9:e1:c8:3f:2d:
9a:c7:c4:a0:ed:58:f9:ea:ab:58:d8:3d:f3:25:70:
d0:3c:30:52:ab:2d:c4:be:1c:f6:d2:71:5f:47:e2:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:C0:06:06:DF:EC:39:1C:84:B3:CA:BE:2F:EC:0D:2F:42:38:88:8E
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HsAGBt_sORyEs8q-L-wNL0I4iI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.238.40.0/23
217.179.50.0/23
217.179.72.0/23
217.179.228.0/22
Signature Algorithm: sha256WithRSAEncryption
07:be:a1:d5:23:22:48:00:c4:21:df:6c:f7:f7:7e:7c:3c:c6:
d5:80:39:14:5c:b6:9c:43:44:08:e4:79:bb:17:fe:3a:ed:45:
25:d3:6b:4f:d5:17:f8:c0:64:67:13:48:3a:05:57:1b:5c:92:
ec:a1:e2:fc:e3:b5:cf:a8:1e:0e:c3:06:c4:00:8a:81:73:62:
c2:67:19:82:54:0f:67:1b:eb:4f:d3:d6:7e:0e:ca:86:9b:54:
d4:c7:f1:57:dc:0b:cd:f5:6d:54:04:6a:8c:b5:a9:1d:e7:b8:
91:13:2b:56:64:d0:cb:32:18:91:27:cb:af:59:d6:a2:22:11:
54:03:3e:b3:24:09:90:2d:e3:70:e4:8b:2c:d4:9f:a8:86:bc:
5a:a9:0c:6c:0c:9c:2a:28:92:fc:26:0b:e5:bd:fd:eb:cd:e4:
95:68:23:0e:c9:1d:ae:91:28:43:cc:33:44:61:bd:aa:a4:61:
a2:e0:29:bc:96:de:c3:e8:40:01:67:21:0d:56:94:ff:76:2a:
c8:ed:e3:5d:06:a7:a7:c5:ac:c2:e1:da:89:70:e9:91:55:2a:
dd:8e:c7:bc:fb:97:2d:96:2d:2c:e4:41:3c:07:f2:74:34:2b:
57:37:5d:c4:ff:9e:ea:6a:0a:7e:7e:bd:18:76:ad:86:e7:5d:
75:c9:14:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZrxYs7iWzpPaZpEXPsU9DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDI1MDcwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWMwMDYwNmRmZWMzOTFjODRiM2NhYmUyZmVjMGQyZjQyMzg4ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UaWOVe7YyoUXgfqI60o/auSow5I
op0xPFRi0L6eewnM5X+r7ds1/ODE3wSQNUHt0cp29Th7olDkqdH7dc0om+inkHcF
gA/mQJDc/U93Ad6N2Nmr/R7ecDjos8/fMGpOGDURObIsBaO2vwm+TC9hKDrZEFYc
1MGjACTOcWbgJNjTFJ263LwPKFnN82UoO0mvoZ7WYqnC8RKm8M7W57PKrMpOiW5u
Ii7o74wBYp3VZOQI9JiRp0hNCOtQghZY3TbFOgoGIVo8r+TPqF8WySZeyApx6zHF
jSk1hcJtueHIPy2ax8Sg7Vj56qtY2D3zJXDQPDBSqy3Evhz20nFfR+LfjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB7ABgbf7DkchLPKvi/sDS9COIiOMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSHNBR0J0X3NPUnlFczhxLUwtd05MMEk0aUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwu4oAwQB
2bMyAwQB2bNIAwQC2bPkMA0GCSqGSIb3DQEBCwUAA4IBAQAHvqHVIyJIAMQh32z3
9358PMbVgDkUXLacQ0QI5Hm7F/467UUl02tP1Rf4wGRnE0g6BVcbXJLsoeL847XP
qB4OwwbEAIqBc2LCZxmCVA9nG+tP09Z+DsqGm1TUx/FX3AvN9W1UBGqMtakd57iR
EytWZNDLMhiRJ8uvWdaiIhFUAz6zJAmQLeNw5Iss1J+ohrxaqQxsDJwqKJL8Jgvl
vf3rzeSVaCMOyR2ukShDzDNEYb2qpGGi4Cm8lt7D6EABZyENVpT/dirI7eNdBqen
xazC4dqJcOmRVSrdjse8+5ctli0s5EE8B/J0NCtXN13E/57qagp+fr0Ydq2G5111
yRTq
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:46:30 2025 by rpki-client