Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/HfYwAow6ZSdn6-d2sIhcEMwW45o.roa
File: HfYwAow6ZSdn6-d2sIhcEMwW45o.roa (raw, json)
Hash identifier: TYdccGHL99NBPf89Jqf19VjD+a2Pkthx8U9HdaOuXj0=
Subject key identifier: 1D:F6:30:02:8C:3A:65:27:67:EB:E7:76:B0:88:5C:10:CC:16:E3:9A
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 01963D841D262E241605E817F12FB5A75421
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/HfYwAow6ZSdn6-d2sIhcEMwW45o.roa
Signing time: Wed 16 Apr 2025 07:33:10 +0000
ROA not before: Wed 16 Apr 2025 07:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 46.194.0.0/15 maxlen: 15
62.119.0.0/16 maxlen: 16
94.234.0.0/16 maxlen: 16
195.66.32.0/19 maxlen: 19
213.112.0.0/14 maxlen: 14
213.163.128.0/19 maxlen: 19
2a02:1400::/26 maxlen: 26
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:84:1d:26:2e:24:16:05:e8:17:f1:2f:b5:a7:54:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Apr 16 07:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1df630028c3a652767ebe776b0885c10cc16e39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:8d:52:82:e3:93:26:1a:35:8d:fe:98:dd:
c5:ad:75:53:05:a5:a8:fd:47:58:99:7c:27:dc:0d:
bc:bd:b1:51:44:17:ce:09:69:a4:8c:9e:f5:12:f9:
66:f5:3b:f9:33:93:be:d0:9d:8e:bb:ab:34:0f:1e:
96:a6:33:79:7f:c1:e9:7e:13:5f:87:5a:68:03:37:
31:5f:bc:79:7b:38:8a:35:eb:3b:87:10:89:5e:2a:
e5:5e:b8:e4:0e:a7:88:d7:c3:1c:33:18:db:48:4c:
b2:e3:4c:7e:2b:51:3f:22:2a:70:50:ac:af:58:5c:
e8:2d:f2:90:f8:04:b1:33:c4:0e:36:2f:84:61:da:
d7:11:9a:f2:d8:c5:46:9b:78:83:89:84:80:51:4c:
68:87:0a:6d:dd:be:2c:a8:a2:41:c0:f8:a3:b4:8d:
30:bd:f7:8a:2c:c2:f6:a7:91:e2:dc:62:52:88:31:
fc:fa:e2:6c:13:1a:9c:b8:c7:81:cc:9f:c9:d8:ec:
d9:85:39:e2:a5:8a:1b:31:60:8f:b2:fa:5d:d1:f8:
6d:cc:04:7f:b8:f7:cb:de:9a:bf:a3:39:f1:57:ad:
eb:c7:09:41:fd:be:c2:b7:ab:3f:bc:72:aa:fc:c4:
3c:79:21:9d:96:ea:ba:9d:6b:cb:60:93:d8:5f:6e:
3c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F6:30:02:8C:3A:65:27:67:EB:E7:76:B0:88:5C:10:CC:16:E3:9A
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/HfYwAow6ZSdn6-d2sIhcEMwW45o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.194.0.0/15
62.119.0.0/16
94.234.0.0/16
195.66.32.0/19
213.112.0.0/14
213.163.128.0/19
IPv6:
2a02:1400::/26
Signature Algorithm: sha256WithRSAEncryption
1c:e0:0e:95:67:79:ff:f4:01:72:83:3c:29:dc:63:84:8b:42:
67:f2:2b:a1:cf:45:9f:6e:f8:af:b4:9d:b0:ce:10:66:3d:fe:
09:cc:b5:88:c4:9d:d2:ee:57:78:ea:ff:34:de:2f:ea:db:8e:
7a:fa:ef:5a:20:4c:62:2a:4c:4b:a6:59:23:3a:04:4a:af:f2:
97:6d:d3:ee:24:30:88:e5:2d:7d:44:78:f1:44:02:48:2f:6f:
4c:36:1f:33:d3:e8:a7:c5:68:0f:84:c2:d4:20:46:c1:bd:fa:
86:7d:1c:f9:d1:e1:b4:f8:6c:91:22:2c:06:bb:8c:fb:e4:06:
77:ff:77:87:56:9b:d9:c8:9f:5f:9d:be:ed:91:5b:f4:46:57:
bc:03:c1:f9:ac:54:17:d1:22:cc:e0:a4:4e:07:f5:66:8b:96:
f2:c9:9c:f2:fe:5d:17:ef:f3:07:d8:5e:09:f1:c7:4f:8e:de:
7c:4f:84:f1:27:e2:13:53:12:2a:a4:72:05:1f:58:8a:75:8b:
0d:30:49:cd:51:bf:c0:96:57:ad:08:d1:86:62:73:3a:96:64:
e0:bc:af:fd:63:89:88:92:e9:ec:91:d5:5e:55:98:13:dd:d3:
00:8c:ae:5e:73:39:31:b3:f7:01:d9:2d:00:d2:d2:60:aa:e0:
91:10:62:07
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZY9hB0mLiQWBegX8S+1p1QhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjUwNDE2MDczMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY2MzAwMjhjM2E2NTI3NjdlYmU3NzZiMDg4NWMxMGNjMTZlMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPSNUoLjkyYaNY3+mN3FrXVTBaWo
/UdYmXwn3A28vbFRRBfOCWmkjJ71Evlm9Tv5M5O+0J2Ou6s0Dx6WpjN5f8HpfhNf
h1poAzcxX7x5eziKNes7hxCJXirlXrjkDqeI18McMxjbSEyy40x+K1E/IipwUKyv
WFzoLfKQ+ASxM8QONi+EYdrXEZry2MVGm3iDiYSAUUxohwpt3b4sqKJBwPijtI0w
vfeKLML2p5Hi3GJSiDH8+uJsExqcuMeBzJ/J2OzZhTnipYobMWCPsvpd0fhtzAR/
uPfL3pq/oznxV63rxwlB/b7Ct6s/vHKq/MQ8eSGdluq6nWvLYJPYX2481QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFB32MAKMOmUnZ+vndrCIXBDMFuOaMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvSGZZd0FvdzZaU2RuNi1kMnNJaGNFTXdXNDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwMBLsIDAwA+
dwMDAF7qAwQFw0IgAwMC1XADBAXVo4AwDQQCAAIwBwMFBioCFAAwDQYJKoZIhvcN
AQELBQADggEBABzgDpVnef/0AXKDPCncY4SLQmfyK6HPRZ9u+K+0nbDOEGY9/gnM
tYjEndLuV3jq/zTeL+rbjnr671ogTGIqTEumWSM6BEqv8pdt0+4kMIjlLX1EePFE
Akgvb0w2HzPT6KfFaA+EwtQgRsG9+oZ9HPnR4bT4bJEiLAa7jPvkBnf/d4dWm9nI
n1+dvu2RW/RGV7wDwfmsVBfRIszgpE4H9WaLlvLJnPL+XRfv8wfYXgnxx0+O3nxP
hPEn4hNTEiqkcgUfWIp1iw0wSc1Rv8CWV60I0YZiczqWZOC8r/1jiYiS6eyR1V5V
mBPd0wCMrl5zOTGz9wHZLQDS0mCq4JEQYgc=
-----END CERTIFICATE-----
Generated at Mon May 5 22:12:30 2025 by rpki-client