Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/HphGBPWaqrSP-Kl5MthQgl2vYDY.roa
File: HphGBPWaqrSP-Kl5MthQgl2vYDY.roa (raw, json)
Hash identifier: HbPs7FzXqTuZLH1V+noPwRUTH9A9ga5sIcI1nS55gsM=
Subject key identifier: 1E:98:46:04:F5:9A:AA:B4:8F:F8:A9:79:32:D8:50:82:5D:AF:60:36
Certificate issuer: /CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Certificate serial: 019198F4DDDE9992F1360348D4E109BB204B
Authority key identifier: A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/HphGBPWaqrSP-Kl5MthQgl2vYDY.roa
Signing time: Wed 28 Aug 2024 12:27:49 +0000
ROA not before: Wed 28 Aug 2024 12:27:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9080
IP address blocks: 85.132.140.0/22 maxlen: 24
85.132.160.0/20 maxlen: 24
85.132.176.0/22 maxlen: 24
212.71.128.0/18 maxlen: 24
213.168.160.0/20 maxlen: 24
2001:ae8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:f4:dd:de:99:92:f1:36:03:48:d4:e1:09:bb:20:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cad9a977bf8b6b40f0b8e998e5787c6ae641c0
Validity
Not Before: Aug 28 12:27:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e984604f59aaab48ff8a97932d850825daf6036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:cb:32:92:94:ee:bc:2f:65:18:80:30:9c:1d:
4d:cd:7d:6d:22:ea:c2:2a:ae:f9:4c:de:d4:39:80:
cd:14:bf:37:80:66:ed:11:02:06:42:31:c7:4f:d5:
64:c0:69:9f:92:87:08:b6:61:7b:e0:cc:38:44:9a:
6f:9a:15:fa:7b:af:e5:8c:f0:9e:4f:9c:e8:7f:cf:
24:b3:0f:4f:a4:db:d0:b3:79:ec:93:47:f1:ff:9f:
7d:74:22:3a:30:3f:2a:fd:41:be:8b:f6:d6:c7:25:
77:26:3d:94:ac:ed:3f:58:81:24:6d:b7:c5:65:45:
f2:2e:2a:cc:b7:6d:cf:95:f4:06:1f:59:b6:6b:97:
ae:55:25:8e:9a:88:7b:a5:6e:88:45:06:92:90:b2:
33:a0:dd:9a:26:cd:f9:f8:de:18:b2:08:3a:26:ae:
43:ce:23:4d:53:7c:e9:2a:57:45:cf:5c:92:14:f6:
30:6a:f2:63:d1:88:81:36:e4:4a:47:2d:78:37:6e:
b2:0b:cd:0a:57:53:bd:43:1f:46:92:51:ff:40:b2:
fe:96:2e:6b:d1:2d:a6:38:69:98:a5:31:b8:14:10:
61:e0:38:48:a6:d8:4f:61:24:78:b6:d9:3c:4a:1f:
ce:c3:da:81:82:80:66:50:99:7d:a2:18:df:e9:db:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:98:46:04:F5:9A:AA:B4:8F:F8:A9:79:32:D8:50:82:5D:AF:60:36
X509v3 Authority Key Identifier:
keyid:A9:CA:D9:A9:77:BF:8B:6B:40:F0:B8:E9:98:E5:78:7C:6A:E6:41:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcrZqXe_i2tA8LjpmOV4fGrmQcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/HphGBPWaqrSP-Kl5MthQgl2vYDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f2003-9210-44bb-8a27-db3ec75fa20c/1/qcrZqXe_i2tA8LjpmOV4fGrmQcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.140.0/22
85.132.160.0-85.132.179.255
212.71.128.0/18
213.168.160.0/20
IPv6:
2001:ae8::/32
Signature Algorithm: sha256WithRSAEncryption
93:8c:dd:64:1e:31:2c:90:1d:81:15:0b:82:f0:ad:7b:af:5c:
8f:94:b2:c7:ce:f9:60:43:6a:c7:6c:e8:6f:24:73:70:38:31:
08:71:75:af:ef:25:bd:d7:5f:65:47:18:2e:8f:37:40:db:ef:
af:d6:5e:16:aa:5d:cb:03:81:5f:18:ad:18:1b:9d:87:d4:ca:
5e:05:bf:f1:06:cc:e7:01:fa:9a:95:59:aa:ac:34:6f:dd:fe:
00:15:00:62:1c:34:53:6a:73:33:ff:4e:32:56:01:e1:54:10:
9f:5b:a1:c3:a2:d6:57:46:3d:27:9a:26:b5:d5:55:99:c8:f8:
f0:eb:d1:71:2f:c1:a5:1a:60:59:57:02:6d:44:0d:e7:37:7b:
40:6f:f5:5c:f3:16:0f:6a:e0:63:52:1c:01:c7:6a:ae:91:25:
d3:ed:70:82:d7:86:cb:d3:27:c1:8e:74:cc:ec:4a:6a:d7:a2:
e2:a4:37:bb:85:c5:7c:5e:8e:dd:99:c5:b4:27:5c:5a:9b:5f:
80:1b:a9:75:66:42:ff:33:82:bc:51:a5:f3:8c:ff:7e:6d:96:
54:8f:95:72:f5:83:e6:34:cf:39:51:b5:dd:36:82:a5:c3:d9:
5c:58:ef:97:e6:78:9e:d7:c6:f7:a7:17:44:61:b2:27:0f:13:
a1:df:55:0a
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZGY9N3emZLxNgNI1OEJuyBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5Y2FkOWE5NzdiZjhiNmI0MGYwYjhlOTk4ZTU3ODdjNmFl
NjQxYzAwHhcNMjQwODI4MTIyNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk4NDYwNGY1OWFhYWI0OGZmOGE5NzkzMmQ4NTA4MjVkYWY2MDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ssykpTuvC9lGIAwnB1NzX1tIurC
Kq75TN7UOYDNFL83gGbtEQIGQjHHT9VkwGmfkocItmF74Mw4RJpvmhX6e6/ljPCe
T5zof88ksw9PpNvQs3nsk0fx/599dCI6MD8q/UG+i/bWxyV3Jj2UrO0/WIEkbbfF
ZUXyLirMt23PlfQGH1m2a5euVSWOmoh7pW6IRQaSkLIzoN2aJs35+N4Ysgg6Jq5D
ziNNU3zpKldFz1ySFPYwavJj0YiBNuRKRy14N26yC80KV1O9Qx9GklH/QLL+li5r
0S2mOGmYpTG4FBBh4DhIpthPYSR4ttk8Sh/Ow9qBgoBmUJl9ohjf6dsxwwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFB6YRgT1mqq0j/ipeTLYUIJdr2A2MB8GA1UdIwQY
MBaAFKnK2al3v4trQPC46ZjleHxq5kHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjct
ZGIzZWM3NWZhMjBjLzEvSHBoR0JQV2FxclNQLUtsNU10aFFnbDJ2WURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zZjIwMDMtOTIxMC00NGJiLThhMjctZGIzZWM3NWZhMjBj
LzEvcWNyWnFYZV9pMnRBOExqcG1PVjRmR3JtUWNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVYSMMAwD
BAVVhKADBAJVhLADBAbUR4ADBATVqKAwDQQCAAIwBwMFACABCugwDQYJKoZIhvcN
AQELBQADggEBAJOM3WQeMSyQHYEVC4LwrXuvXI+UssfO+WBDasds6G8kc3A4MQhx
da/vJb3XX2VHGC6PN0Db76/WXhaqXcsDgV8YrRgbnYfUyl4Fv/EGzOcB+pqVWaqs
NG/d/gAVAGIcNFNqczP/TjJWAeFUEJ9bocOi1ldGPSeaJrXVVZnI+PDr0XEvwaUa
YFlXAm1EDec3e0Bv9VzzFg9q4GNSHAHHaq6RJdPtcILXhsvTJ8GOdMzsSmrXouKk
N7uFxXxejt2ZxbQnXFqbX4AbqXVmQv8zgrxRpfOM/35tllSPlXL1g+Y0zzlRtd02
gqXD2VxY75fmeJ7XxvenF0RhsicPE6HfVQo=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:05:24 2024 by rpki-client on console-fra.rpki-client.org