Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RHQDwKu8R1BiqVyY2Tjg4hHJAWc.roa
File: RHQDwKu8R1BiqVyY2Tjg4hHJAWc.roa (raw, json)
Hash identifier: b8HvAiKDPdfzzLQtID64DX+UXDDGwjs7bi1PBPQ+P/8=
Subject key identifier: 44:74:03:C0:AB:BC:47:50:62:A9:5C:98:D9:38:E0:E2:11:C9:01:67
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01966DFD2BD1A26C2AE80A418D2909242AFE
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RHQDwKu8R1BiqVyY2Tjg4hHJAWc.roa
Signing time: Fri 25 Apr 2025 17:27:10 +0000
ROA not before: Fri 25 Apr 2025 17:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:fd:2b:d1:a2:6c:2a:e8:0a:41:8d:29:09:24:2a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 25 17:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=447403c0abbc475062a95c98d938e0e211c90167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:58:7f:17:c4:9f:b7:6f:0c:0d:4f:77:08:
f2:a2:22:41:0b:c0:c9:ba:2b:fa:97:05:82:f6:e5:
73:b0:2e:e3:af:17:04:a0:0a:d8:07:a9:6d:f3:35:
02:43:03:6a:a9:3c:19:72:d6:d9:c2:80:a5:41:01:
4a:2e:06:f9:88:d0:9c:b9:db:d9:c6:e4:12:0f:3c:
30:11:96:54:77:5e:dd:52:40:c0:37:a8:05:0f:08:
14:6b:d6:70:a3:b4:4b:a0:52:cf:8c:7f:35:75:64:
c7:93:a5:92:87:33:ae:2a:19:d5:3e:8a:78:82:2d:
19:ea:c3:9c:26:b7:21:39:14:87:7f:30:5a:f7:fa:
ae:ba:a7:74:73:39:ef:a1:ef:1d:56:bc:09:7e:cc:
0a:98:d8:06:ba:e7:7c:2f:0d:58:e4:23:45:c7:d5:
3c:40:99:9d:2e:39:a1:14:f7:ce:f7:45:81:40:49:
67:4a:55:5d:ae:09:ef:d7:0c:9b:95:c6:fe:46:e3:
ba:c9:c4:66:1f:88:2c:41:60:16:b1:a8:95:71:40:
e8:aa:07:f4:5f:a4:0f:1a:91:4a:00:c5:43:10:bd:
e3:d3:e7:96:f7:04:c4:9c:a1:c1:21:17:78:a9:7d:
d0:00:83:52:78:3a:c8:c7:cf:46:bc:5f:0f:96:23:
99:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:74:03:C0:AB:BC:47:50:62:A9:5C:98:D9:38:E0:E2:11:C9:01:67
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/RHQDwKu8R1BiqVyY2Tjg4hHJAWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
109.205.212.0/24
164.215.97.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:5a:03:94:1d:23:b6:c6:c2:52:6b:4c:74:f5:25:0f:2c:53:
8b:55:5e:89:53:29:ec:c8:09:fd:8e:7e:22:be:1c:47:f5:e2:
6c:6e:00:f6:08:85:ad:ab:92:95:28:c7:ad:d5:aa:2e:99:1b:
37:36:94:29:14:a1:2e:75:7b:42:48:4d:85:b0:36:03:1c:51:
ac:90:8a:ed:89:5b:48:72:a5:5b:3b:de:0a:0b:34:d9:89:8d:
3a:73:c7:23:73:35:9c:4b:61:3a:65:cb:65:97:06:f2:53:8b:
52:c0:b5:58:67:fb:56:37:b7:a4:97:1e:73:88:aa:f9:56:6a:
ef:55:39:a3:67:d3:6b:c5:1e:32:5b:bb:bf:bf:3f:10:40:52:
18:84:86:84:99:ae:af:dd:a9:36:f8:35:ad:9b:b2:d6:4e:22:
1b:a9:99:88:a0:8f:12:ae:dd:62:4d:b2:d7:78:c7:5f:0f:08:
1c:a2:50:ff:6f:ba:fa:ce:b8:65:04:8d:a8:4a:af:b5:5d:bb:
60:2c:bc:47:92:e0:14:f9:65:8a:66:4e:58:38:9a:28:90:1a:
e6:d9:98:85:98:e2:9b:11:d0:dc:7f:0c:65:8c:33:a0:68:1a:
2a:6d:5a:c6:55:9c:fb:ac:a5:9e:37:14:8d:9c:ff:19:f6:41:
ca:93:43:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZt/SvRomwq6ApBjSkJJCr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwNDI1MTcyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc0MDNjMGFiYmM0NzUwNjJhOTVjOThkOTM4ZTBlMjExYzkwMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtohYfxfEn7dvDA1PdwjyoiJBC8DJ
uiv6lwWC9uVzsC7jrxcEoArYB6lt8zUCQwNqqTwZctbZwoClQQFKLgb5iNCcudvZ
xuQSDzwwEZZUd17dUkDAN6gFDwgUa9Zwo7RLoFLPjH81dWTHk6WShzOuKhnVPop4
gi0Z6sOcJrchORSHfzBa9/quuqd0cznvoe8dVrwJfswKmNgGuud8Lw1Y5CNFx9U8
QJmdLjmhFPfO90WBQElnSlVdrgnv1wyblcb+RuO6ycRmH4gsQWAWsaiVcUDoqgf0
X6QPGpFKAMVDEL3j0+eW9wTEnKHBIRd4qX3QAINSeDrIx89GvF8PliOZAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFER0A8CrvEdQYqlcmNk44OIRyQFnMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvUkhRRHdLdThSMUJpcVZ5WTJUamc0aEhKQVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbIDAwQA
LhdgAwQALhdiAwQAbc3UAwQApNdhMA0GCSqGSIb3DQEBCwUAA4IBAQAdWgOUHSO2
xsJSa0x09SUPLFOLVV6JUynsyAn9jn4ivhxH9eJsbgD2CIWtq5KVKMet1aoumRs3
NpQpFKEudXtCSE2FsDYDHFGskIrtiVtIcqVbO94KCzTZiY06c8cjczWcS2E6Zctl
lwbyU4tSwLVYZ/tWN7eklx5ziKr5VmrvVTmjZ9NrxR4yW7u/vz8QQFIYhIaEma6v
3ak2+DWtm7LWTiIbqZmIoI8Srt1iTbLXeMdfDwgcolD/b7r6zrhlBI2oSq+1Xbtg
LLxHkuAU+WWKZk5YOJookBrm2ZiFmOKbEdDcfwxljDOgaBoqbVrGVZz7rKWeNxSN
nP8Z9kHKk0P/
-----END CERTIFICATE-----
Generated at Wed May 7 13:10:48 2025 by rpki-client