Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0YUh1AndNjqdItbk6JV01KdXxE0.roa
File: 0YUh1AndNjqdItbk6JV01KdXxE0.roa (raw, json)
Hash identifier: FsVZUIPlXudd2momzEEJnW+6aN3T6GQVWkVqMF0Kz9Y=
Subject key identifier: D1:85:21:D4:09:DD:36:3A:9D:22:D6:E4:E8:95:74:D4:A7:57:C4:4D
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01968A978FC542DCF03DA364F6DA2C63B43F
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0YUh1AndNjqdItbk6JV01KdXxE0.roa
Signing time: Thu 01 May 2025 06:45:10 +0000
ROA not before: Thu 01 May 2025 06:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:97:8f:c5:42:dc:f0:3d:a3:64:f6:da:2c:63:b4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 1 06:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d18521d409dd363a9d22d6e4e89574d4a757c44d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:19:ad:f3:7a:b6:87:e1:ad:49:3a:84:b6:
56:04:12:f1:ed:86:74:85:db:a1:98:fe:bf:f1:c3:
fa:fd:6a:2d:de:ec:3d:d7:87:bd:4f:fd:e2:39:d2:
1e:03:50:42:85:ad:bc:d6:26:0b:ad:d3:78:21:f0:
78:00:f2:6a:2f:81:d4:4b:77:ca:05:45:50:fc:2c:
cf:ba:f7:9d:97:b5:b6:d0:98:3e:5d:6a:6a:69:7f:
27:02:bb:42:88:ea:10:9b:a3:ac:71:dc:7c:f2:6e:
21:5a:bd:a4:23:5d:41:7d:70:3a:c6:33:dd:38:db:
78:21:a2:25:f2:c3:37:14:55:77:38:1a:02:d9:94:
9f:23:7d:81:cc:84:cc:c4:11:e5:18:9b:84:54:ac:
cb:e3:ef:46:1d:fb:84:50:e4:b0:c2:b3:1e:8b:e3:
40:6d:2b:87:eb:f3:5e:ab:68:87:e7:ff:27:65:3a:
ed:ba:35:2b:0b:47:74:76:79:d3:2e:46:46:48:63:
b0:4d:3a:8a:68:ee:16:d8:a8:3c:09:37:70:48:b5:
15:84:f4:5d:cb:fc:ac:51:6e:04:fa:7b:f7:85:13:
f3:8a:20:db:5d:91:c7:df:46:5f:d3:b5:47:0d:2f:
e1:9b:ec:cd:37:48:15:5a:0f:de:76:ec:6d:5b:0a:
c4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:85:21:D4:09:DD:36:3A:9D:22:D6:E4:E8:95:74:D4:A7:57:C4:4D
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0YUh1AndNjqdItbk6JV01KdXxE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:b3:b2:fd:28:94:c2:c9:48:c0:27:7c:29:10:db:30:86:98:
01:9d:53:f7:42:0d:4b:11:bc:12:88:84:ef:5a:35:1c:3a:d1:
c4:2c:b5:00:fb:71:6b:c9:4c:79:b2:14:ef:29:8a:f0:9e:15:
f2:ea:39:ba:d2:55:dd:93:57:46:dc:78:c6:a1:87:3c:ec:3e:
b2:30:dd:e3:19:20:b5:1c:8b:98:18:06:d0:5b:be:88:55:e7:
9a:de:f3:4a:23:dc:7d:74:ab:d2:04:5e:18:d8:f3:77:25:a8:
43:7d:c4:68:7f:7a:5b:22:40:7e:c2:4c:6d:24:a2:a8:a3:11:
f8:4e:05:d4:e7:c4:2c:7b:02:b2:3d:d1:2a:7e:31:5c:9a:16:
b8:8f:5f:78:d0:c9:2c:45:33:02:bc:58:d8:86:a2:a8:1a:bb:
51:b0:14:1f:74:94:b2:f9:d1:9d:64:ed:65:3e:19:c6:a9:25:
c6:b1:10:20:3a:8f:47:24:ab:08:7d:79:6a:63:fe:a3:10:44:
10:f0:23:ef:52:9e:86:e3:d8:86:80:ba:1e:40:25:64:6f:95:
09:d4:cf:36:98:f8:00:22:c5:74:7a:55:a6:0b:58:ed:90:6b:
dd:c8:54:70:2b:ba:9c:15:bb:c3:dc:01:2c:e7:77:0c:fe:26:
40:af:37:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaKl4/FQtzwPaNk9tosY7Q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNTAxMDY0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg1MjFkNDA5ZGQzNjNhOWQyMmQ2ZTRlODk1NzRkNGE3NTdjNDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcoZrfN6tofhrUk6hLZWBBLx7YZ0
hduhmP6/8cP6/Wot3uw914e9T/3iOdIeA1BCha281iYLrdN4IfB4APJqL4HUS3fK
BUVQ/CzPuvedl7W20Jg+XWpqaX8nArtCiOoQm6Oscdx88m4hWr2kI11BfXA6xjPd
ONt4IaIl8sM3FFV3OBoC2ZSfI32BzITMxBHlGJuEVKzL4+9GHfuEUOSwwrMei+NA
bSuH6/Neq2iH5/8nZTrtujUrC0d0dnnTLkZGSGOwTTqKaO4W2Kg8CTdwSLUVhPRd
y/ysUW4E+nv3hRPziiDbXZHH30Zf07VHDS/hm+zNN0gVWg/eduxtWwrEHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNGFIdQJ3TY6nSLW5OiVdNSnV8RNMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMFlVaDFBbmROanFkSXRiazZKVjAxS2RYeEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7q0AwQB
LhTSAwQBUqM0AwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAqs7L9KJTCyUjAJ3wp
ENswhpgBnVP3Qg1LEbwSiITvWjUcOtHELLUA+3FryUx5shTvKYrwnhXy6jm60lXd
k1dG3HjGoYc87D6yMN3jGSC1HIuYGAbQW76IVeea3vNKI9x9dKvSBF4Y2PN3JahD
fcRof3pbIkB+wkxtJKKooxH4TgXU58QsewKyPdEqfjFcmha4j1940MksRTMCvFjY
hqKoGrtRsBQfdJSy+dGdZO1lPhnGqSXGsRAgOo9HJKsIfXlqY/6jEEQQ8CPvUp6G
49iGgLoeQCVkb5UJ1M82mPgAIsV0elWmC1jtkGvdyFRwK7qcFbvD3AEs53cM/iZA
rzfI
-----END CERTIFICATE-----
Generated at Sun May 11 21:17:23 2025 by rpki-client