Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/hFaskM76WmkGz-mPiPTUpMiqZxk.roa
File: hFaskM76WmkGz-mPiPTUpMiqZxk.roa (raw, json)
Hash identifier: luq1omNBXihu/qimESEN6qhU6P0bWFQ94OAUTpScUXc=
Subject key identifier: 84:56:AC:90:CE:FA:5A:69:06:CF:E9:8F:88:F4:D4:A4:C8:AA:67:19
Certificate issuer: /CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
Certificate serial: 0194221FB400B670E53BE074C12AE9C8180C
Authority key identifier: C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/hFaskM76WmkGz-mPiPTUpMiqZxk.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198290
IP address blocks: 185.44.56.0/22 maxlen: 24
193.169.158.0/23 maxlen: 24
2a01:7360::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 04:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b4:00:b6:70:e5:3b:e0:74:c1:2a:e9:c8:18:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8456ac90cefa5a6906cfe98f88f4d4a4c8aa6719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b7:81:df:32:28:4a:e9:48:cb:20:5b:ff:42:
89:4e:67:2d:00:68:50:cc:47:d5:a3:87:93:ac:e5:
74:10:4f:fb:6d:9f:4e:44:cc:51:c5:5e:2f:b8:ad:
34:ca:a2:04:49:5e:cf:13:ba:69:75:b2:b4:44:e5:
3b:cc:aa:8c:f7:a6:ea:4c:5f:93:4d:27:23:63:45:
34:7b:bf:a9:82:b4:ba:f8:2d:83:50:fa:17:77:e5:
8e:a7:1d:ca:55:a1:88:ac:35:29:18:2d:95:f5:84:
4f:d9:94:06:07:99:1e:a1:08:6b:26:25:e1:f4:86:
59:06:c6:66:a3:43:aa:91:90:40:ad:40:33:6b:79:
66:bd:07:f5:cc:af:98:47:79:72:50:89:39:cd:7d:
45:53:de:cb:7c:cd:6f:53:9e:cf:ae:14:a0:b1:43:
c2:a8:c8:f6:e6:f7:1d:85:16:c7:91:42:1d:6d:c8:
0b:b7:59:c1:df:68:25:3d:ed:1e:11:75:7e:f3:21:
b4:c6:7a:59:88:63:1f:f2:e3:08:4b:f1:6b:32:e9:
50:9a:ab:f9:47:5c:d4:50:2b:0a:77:45:6a:8c:2f:
22:02:fa:e9:52:e4:de:77:8d:1e:7b:d9:dd:df:a7:
55:84:26:c7:8c:29:a2:3c:a9:da:84:4a:ae:1e:14:
cd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:56:AC:90:CE:FA:5A:69:06:CF:E9:8F:88:F4:D4:A4:C8:AA:67:19
X509v3 Authority Key Identifier:
keyid:C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/hFaskM76WmkGz-mPiPTUpMiqZxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.56.0/22
193.169.158.0/23
IPv6:
2a01:7360::/32
Signature Algorithm: sha256WithRSAEncryption
28:2e:2d:68:db:75:d2:c3:04:bc:b7:a8:36:cd:0b:be:66:4d:
e9:66:76:6f:c3:1a:58:2f:46:ef:46:a9:07:91:62:4d:02:ab:
73:9c:a7:b6:ba:d4:23:92:6b:53:06:01:f3:c3:c6:22:7b:bc:
cd:26:76:4b:32:0a:38:aa:19:e8:39:b6:a9:86:4a:ee:ce:09:
d0:50:2e:b7:8f:0e:72:48:dc:d9:27:e1:38:ff:f6:35:79:21:
39:10:18:fc:b6:00:af:b2:be:89:ff:8c:44:b2:c8:53:7e:a2:
18:09:78:87:06:76:c4:d5:63:2f:f5:6c:5f:a3:4a:c7:e2:96:
e0:c5:06:52:8c:5c:b6:d6:1b:c9:db:0a:e6:0c:38:e2:86:23:
38:cf:53:0f:8b:06:15:eb:bc:35:5c:b8:cc:b9:f6:62:ad:d9:
2d:d5:d2:4a:10:a9:f2:55:c6:ed:3f:aa:6a:6e:54:94:68:c6:
03:aa:f3:b1:98:96:7b:4e:95:d3:45:2e:20:e2:c0:bb:11:5a:
8f:c1:29:0e:e9:17:07:26:8d:a9:bc:1f:40:fd:b7:d9:ad:c3:
0d:07:4f:3f:62:1c:90:89:da:7c:a6:10:26:b2:54:ec:71:e6:
81:9d:b9:91:46:5f:61:d7:d8:25:3e:2e:85:45:3f:62:d7:f2:
d6:97:e9:b0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH7QAtnDlO+B0wSrpyBgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmExNmIyMDdlM2I2ZjZmNzJkM2QwYWQ1ZmNlYmE4ZWEx
MDM2MzYwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU2YWM5MGNlZmE1YTY5MDZjZmU5OGY4OGY0ZDRhNGM4YWE2NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3beB3zIoSulIyyBb/0KJTmctAGhQ
zEfVo4eTrOV0EE/7bZ9ORMxRxV4vuK00yqIESV7PE7ppdbK0ROU7zKqM96bqTF+T
TScjY0U0e7+pgrS6+C2DUPoXd+WOpx3KVaGIrDUpGC2V9YRP2ZQGB5keoQhrJiXh
9IZZBsZmo0OqkZBArUAza3lmvQf1zK+YR3lyUIk5zX1FU97LfM1vU57PrhSgsUPC
qMj25vcdhRbHkUIdbcgLt1nB32glPe0eEXV+8yG0xnpZiGMf8uMIS/FrMulQmqv5
R1zUUCsKd0VqjC8iAvrpUuTed40ee9nd36dVhCbHjCmiPKnahEquHhTNhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIRWrJDO+lppBs/pj4j01KTIqmcZMB8GA1UdIwQY
MBaAFMMqFrIH47b29y09CtX866jqEDY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2Ut
NGRjMmY3OTNjM2NkLzEvaEZhc2tNNzZXbWtHei1tUGlQVFVwTWlxWnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2UtNGRjMmY3OTNjM2Nk
LzEvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSw4AwQB
wameMA0EAgACMAcDBQAqAXNgMA0GCSqGSIb3DQEBCwUAA4IBAQAoLi1o23XSwwS8
t6g2zQu+Zk3pZnZvwxpYL0bvRqkHkWJNAqtznKe2utQjkmtTBgHzw8Yie7zNJnZL
Mgo4qhnoObaphkruzgnQUC63jw5ySNzZJ+E4//Y1eSE5EBj8tgCvsr6J/4xEsshT
fqIYCXiHBnbE1WMv9Wxfo0rH4pbgxQZSjFy21hvJ2wrmDDjihiM4z1MPiwYV67w1
XLjMufZirdkt1dJKEKnyVcbtP6pqblSUaMYDqvOxmJZ7TpXTRS4g4sC7EVqPwSkO
6RcHJo2pvB9A/bfZrcMNB08/YhyQidp8phAmslTsceaBnbmRRl9h19glPi6FRT9i
1/LWl+mw
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:15:35 2025 by rpki-client