Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/HQQP_1ErG5AIZGTStMV1ZFqgp7Q.roa
File: HQQP_1ErG5AIZGTStMV1ZFqgp7Q.roa (raw, json)
Hash identifier: kVvnq0GX1EDS2wbnRyzlWBrq2N+KaA/kMzSphYBhOvA=
Subject key identifier: 1D:04:0F:FF:51:2B:1B:90:08:64:64:D2:B4:C5:75:64:5A:A0:A7:B4
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019537DF1C20F7757BE9DF69EB664B6B249D
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/HQQP_1ErG5AIZGTStMV1ZFqgp7Q.roa
Signing time: Mon 24 Feb 2025 12:12:03 +0000
ROA not before: Mon 24 Feb 2025 12:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 87.229.22.0/24 maxlen: 24
87.229.79.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.110.0/24 maxlen: 24
87.229.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:df:1c:20:f7:75:7b:e9:df:69:eb:66:4b:6b:24:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 24 12:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d040fff512b1b90086464d2b4c575645aa0a7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ec:4e:0a:d1:1d:dc:85:52:53:df:0b:df:cb:
03:04:01:ae:4c:85:3b:77:0f:08:b5:08:39:88:d3:
ca:81:45:e0:52:b7:49:00:1c:c1:26:ae:36:17:b1:
8c:4f:2a:10:ae:af:d8:39:e2:94:15:e9:a9:54:25:
5e:f3:9c:33:b2:50:50:20:d2:94:3a:3f:02:ca:2a:
1a:31:8a:d4:b9:f0:ad:1a:97:17:38:70:3a:27:b4:
3c:fc:dc:ec:4e:2b:d6:cc:25:31:1a:c6:c3:6b:92:
c0:c7:46:74:14:a5:c1:63:44:bd:7c:d3:07:0b:0f:
23:22:2e:b3:11:41:5a:c7:c0:ad:23:d7:22:ed:54:
c3:db:1d:9a:fb:ff:19:f3:12:85:36:54:21:3d:71:
da:dc:ee:da:5d:06:08:20:e8:c3:2f:fd:6f:82:2c:
2f:92:11:f8:e4:c3:22:2a:87:10:33:b8:44:b9:65:
5b:6a:22:2f:9e:bd:a8:0e:90:c2:69:90:29:97:be:
b1:bb:d7:3e:99:c2:aa:e6:eb:6f:00:6a:d8:19:b8:
40:1d:35:e7:6a:e0:2d:eb:0c:9c:d1:04:98:67:34:
b4:f8:70:45:37:39:44:8c:16:5e:2b:f0:1b:2e:5d:
47:7a:4a:13:b6:1b:49:ad:02:6c:e8:d6:5b:7c:a6:
46:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:04:0F:FF:51:2B:1B:90:08:64:64:D2:B4:C5:75:64:5A:A0:A7:B4
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/HQQP_1ErG5AIZGTStMV1ZFqgp7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.22.0/24
87.229.79.0-87.229.81.255
87.229.110.0/24
87.229.124.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:43:92:9f:fa:80:da:4f:54:fb:08:b9:a0:8b:05:1b:31:e8:
78:d5:2b:84:f0:53:e0:c2:dc:eb:0a:f2:12:2d:20:1d:a4:78:
cf:fa:5a:04:f8:a7:4f:53:55:df:81:7e:a4:02:db:41:1c:03:
80:11:fc:b5:f6:f7:b7:91:5d:e3:69:5b:75:d8:63:b0:d4:ce:
9b:75:27:f4:dc:02:5d:d7:9e:1d:52:d0:f6:11:2a:fe:6a:ae:
72:55:a0:c5:c1:2a:9f:ef:7a:0f:82:8f:2c:af:b4:79:c7:0c:
26:f1:fd:98:6c:38:22:e4:47:9b:9c:e9:7a:29:5e:07:fa:d1:
e2:43:36:91:21:e4:29:39:d0:cd:bf:a1:6c:f1:e8:42:75:17:
26:fc:06:8e:0a:fd:81:c9:9b:33:13:01:b8:9a:ab:86:64:62:
22:82:94:c1:19:3c:82:00:b6:40:f1:dd:d7:83:3c:42:5f:d8:
4b:0a:9b:73:9f:f5:68:d0:90:d3:d1:08:8e:a8:00:13:bc:e5:
c5:fb:4e:33:aa:9c:7c:cf:8a:ff:45:73:0f:d7:1b:5f:1a:26:
69:e0:ad:e2:a8:45:40:ac:0c:4a:f7:77:fc:ad:8a:f2:44:d3:
da:86:40:4e:0f:73:38:37:d7:6d:58:91:cb:47:7c:47:52:58:
c8:52:be:a3
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZU33xwg93V76d9p62ZLaySdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMjI0MTIxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDA0MGZmZjUxMmIxYjkwMDg2NDY0ZDJiNGM1NzU2NDVhYTBhN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uxOCtEd3IVSU98L38sDBAGuTIU7
dw8ItQg5iNPKgUXgUrdJABzBJq42F7GMTyoQrq/YOeKUFempVCVe85wzslBQINKU
Oj8CyioaMYrUufCtGpcXOHA6J7Q8/NzsTivWzCUxGsbDa5LAx0Z0FKXBY0S9fNMH
Cw8jIi6zEUFax8CtI9ci7VTD2x2a+/8Z8xKFNlQhPXHa3O7aXQYIIOjDL/1vgiwv
khH45MMiKocQM7hEuWVbaiIvnr2oDpDCaZApl76xu9c+mcKq5utvAGrYGbhAHTXn
auAt6wyc0QSYZzS0+HBFNzlEjBZeK/AbLl1HekoTthtJrQJs6NZbfKZG3QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFB0ED/9RKxuQCGRk0rTFdWRaoKe0MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvSFFRUF8xRXJHNUFJWkdUU3RNVjFaRnFncDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAV+UWMAwD
BABX5U8DBAFX5VADBABX5W4DBABX5XwwDQYJKoZIhvcNAQELBQADggEBAAxDkp/6
gNpPVPsIuaCLBRsx6HjVK4TwU+DC3OsK8hItIB2keM/6WgT4p09TVd+BfqQC20Ec
A4AR/LX297eRXeNpW3XYY7DUzpt1J/TcAl3Xnh1S0PYRKv5qrnJVoMXBKp/veg+C
jyyvtHnHDCbx/ZhsOCLkR5uc6XopXgf60eJDNpEh5Ck50M2/oWzx6EJ1Fyb8Bo4K
/YHJmzMTAbiaq4ZkYiKClMEZPIIAtkDx3deDPEJf2EsKm3Of9WjQkNPRCI6oABO8
5cX7TjOqnHzPiv9Fcw/XG18aJmngreKoRUCsDEr3d/ytivJE09qGQE4Pczg3121Y
kctHfEdSWMhSvqM=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:28:44 2025 by rpki-client