Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/44WcjUyhdWbouJas9-vY_4pr1wA.roa
File: 44WcjUyhdWbouJas9-vY_4pr1wA.roa (raw, json)
Hash identifier: Qx8y85cpYAiQ8a63DXW295iCOgGuHySiBFYnU925DiI=
Subject key identifier: E3:85:9C:8D:4C:A1:75:66:E8:B8:96:AC:F7:EB:D8:FF:8A:6B:D7:00
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 01964D45EC982F545FE5F4F793729E385DC7
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/44WcjUyhdWbouJas9-vY_4pr1wA.roa
Signing time: Sat 19 Apr 2025 08:59:10 +0000
ROA not before: Sat 19 Apr 2025 08:59:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41044
IP address blocks: 194.24.228.0/23 maxlen: 23
194.24.228.0/24 maxlen: 24
194.24.229.0/24 maxlen: 24
217.113.204.0/24 maxlen: 24
217.113.205.0/24 maxlen: 24
217.113.206.0/24 maxlen: 24
217.113.207.0/24 maxlen: 24
2a11:fac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4d:45:ec:98:2f:54:5f:e5:f4:f7:93:72:9e:38:5d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: Apr 19 08:59:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3859c8d4ca17566e8b896acf7ebd8ff8a6bd700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:1b:56:19:58:d5:4d:9f:af:77:ff:aa:05:
05:02:40:4c:8f:d1:24:12:db:c8:5d:7e:97:95:11:
ff:d6:d4:b7:ec:61:e4:7f:6c:83:d1:60:83:48:6a:
70:d9:4e:e4:62:61:3d:37:f3:d3:3c:e4:57:cb:90:
bb:2b:2c:ff:a2:d7:22:2d:b2:78:13:87:85:c9:c2:
99:0b:24:f9:45:55:4b:86:25:d4:3d:fa:4d:2b:2d:
28:55:64:ad:f8:2c:f0:13:ac:a3:6c:62:93:59:75:
fa:02:f8:e7:53:77:ae:72:cc:e7:02:a7:41:d5:b2:
52:b4:3d:81:49:6b:68:9b:30:c8:ab:f4:69:7f:c0:
80:9b:3a:87:10:cb:eb:fe:03:61:d1:2a:75:e5:9b:
3b:40:02:a8:1d:0e:bf:f3:f5:25:a6:70:c7:06:62:
49:c0:6a:53:9e:32:84:51:2c:3b:fa:b0:ff:70:7e:
57:e8:09:9e:12:b5:85:62:d7:6c:72:9a:cc:06:ec:
8b:1b:bc:8e:f1:ef:e8:38:e2:0f:0f:b3:dd:1a:25:
68:0a:08:d5:46:a7:2b:ab:f4:c7:0e:b9:c7:5a:5f:
63:f4:0d:a2:39:44:66:ce:56:39:eb:d4:e1:08:57:
cd:6e:14:f5:9d:3d:c5:b5:ad:fe:d7:61:fd:a1:09:
a5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:85:9C:8D:4C:A1:75:66:E8:B8:96:AC:F7:EB:D8:FF:8A:6B:D7:00
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/44WcjUyhdWbouJas9-vY_4pr1wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.228.0/23
217.113.204.0/22
IPv6:
2a11:fac0::/29
Signature Algorithm: sha256WithRSAEncryption
58:4c:25:0d:0b:75:0b:27:14:84:86:e8:bf:85:35:27:71:bd:
24:b9:7a:d8:f1:96:f2:f4:a1:46:c2:2e:a2:ec:41:47:7a:16:
a7:ef:fb:87:33:f8:b2:df:fe:fd:34:d8:4d:6c:4f:30:74:ed:
21:83:c5:8a:28:cb:3a:3b:62:47:db:c6:86:19:1f:e2:0c:5b:
30:e3:15:45:c3:9c:1b:67:dd:00:9b:3c:91:1b:88:63:d8:24:
e2:a2:c7:5a:6e:8f:2c:34:f1:37:c0:48:2b:e3:fe:ec:0b:dd:
79:11:32:ec:ba:f0:4f:cd:75:a0:b9:8f:a5:3a:85:7d:38:b3:
ed:19:03:3d:9c:ba:78:3d:3e:6a:ea:c1:77:5b:d2:ad:c7:6a:
08:93:6b:44:d9:7b:cf:bc:1e:21:be:20:55:f9:71:80:69:7e:
fe:d0:b3:3d:ac:0e:01:ed:b4:18:b2:6d:17:76:0c:87:a5:5f:
00:50:34:a5:e5:e7:9d:52:7e:47:f7:af:a3:da:51:6b:9a:57:
ec:76:02:d2:13:c9:a5:66:6b:d4:4a:a7:59:eb:1d:66:98:63:
9f:87:63:8a:cd:7d:b0:90:1c:d0:ae:b8:a5:b3:4c:ed:7d:42:
11:ea:c5:5b:f6:dd:48:9c:0c:99:50:ed:67:79:bc:39:83:a8:
5a:cd:3d:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZZNReyYL1Rf5fT3k3KeOF3HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgz
OTQ1NTEwHhcNMjUwNDE5MDg1OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzg1OWM4ZDRjYTE3NTY2ZThiODk2YWNmN2ViZDhmZjhhNmJkNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMIbVhlY1U2fr3f/qgUFAkBMj9Ek
EtvIXX6XlRH/1tS37GHkf2yD0WCDSGpw2U7kYmE9N/PTPORXy5C7Kyz/otciLbJ4
E4eFycKZCyT5RVVLhiXUPfpNKy0oVWSt+CzwE6yjbGKTWXX6AvjnU3eucsznAqdB
1bJStD2BSWtomzDIq/Rpf8CAmzqHEMvr/gNh0Sp15Zs7QAKoHQ6/8/UlpnDHBmJJ
wGpTnjKEUSw7+rD/cH5X6AmeErWFYtdscprMBuyLG7yO8e/oOOIPD7PdGiVoCgjV
Rqcrq/THDrnHWl9j9A2iOURmzlY569ThCFfNbhT1nT3Fta3+12H9oQmleQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOOFnI1MoXVm6LiWrPfr2P+Ka9cAMB8GA1UdIwQY
MBaAFB6gqetH2CS1HxVEQkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzkt
ODQxOGE5NmY2Nzk1LzEvNDRXY2pVeWhkV2JvdUphczktdllfNHByMXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1
LzEvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwhjkAwQC
2XHMMA0EAgACMAcDBQMqEfrAMA0GCSqGSIb3DQEBCwUAA4IBAQBYTCUNC3ULJxSE
hui/hTUncb0kuXrY8Zby9KFGwi6i7EFHehan7/uHM/iy3/79NNhNbE8wdO0hg8WK
KMs6O2JH28aGGR/iDFsw4xVFw5wbZ90AmzyRG4hj2CTiosdabo8sNPE3wEgr4/7s
C915ETLsuvBPzXWguY+lOoV9OLPtGQM9nLp4PT5q6sF3W9Ktx2oIk2tE2XvPvB4h
viBV+XGAaX7+0LM9rA4B7bQYsm0XdgyHpV8AUDSl5eedUn5H96+j2lFrmlfsdgLS
E8mlZmvUSqdZ6x1mmGOfh2OKzX2wkBzQrrils0ztfUIR6sVb9t1InAyZUO1nebw5
g6hazT1o
-----END CERTIFICATE-----
Generated at Thu May 8 00:34:20 2025 by rpki-client