Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Hgg_cF9sIWxFhgBJKFyol6UxpKk.roa
File: Hgg_cF9sIWxFhgBJKFyol6UxpKk.roa (raw, json)
Hash identifier: a+zfKmPM0BTUCvn5uCNp03bnw8pElCcdMbHLMXl8xAo=
Subject key identifier: 1E:08:3F:70:5F:6C:21:6C:45:86:00:49:28:5C:A8:97:A5:31:A4:A9
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0190106332ED6FCA3B24F9190BC0AAF67B0A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Hgg_cF9sIWxFhgBJKFyol6UxpKk.roa
Signing time: Thu 13 Jun 2024 06:57:34 +0000
ROA not before: Thu 13 Jun 2024 06:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204741
IP address blocks: 85.209.72.0/22 maxlen: 22
85.209.72.0/24 maxlen: 24
85.209.73.0/24 maxlen: 24
85.209.74.0/24 maxlen: 24
85.209.75.0/24 maxlen: 24
217.76.253.0/24 maxlen: 24
217.76.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:63:32:ed:6f:ca:3b:24:f9:19:0b:c0:aa:f6:7b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 13 06:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e083f705f6c216c45860049285ca897a531a4a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:af:3d:67:22:9e:ec:7e:0c:c8:47:e3:a9:3b:
d1:57:55:7a:83:53:0c:c5:b4:ba:da:1e:6d:a7:40:
67:87:8c:58:dd:0f:23:83:6a:a9:02:35:16:7c:db:
02:b5:4d:7d:92:16:3e:89:af:33:f8:18:fd:d0:9f:
bd:ed:ee:19:fd:5b:97:dd:50:41:c2:5e:75:37:71:
1c:28:46:a9:37:83:25:31:42:1c:11:b8:1d:4c:db:
f9:db:c8:4a:b9:58:5b:b3:02:b0:bd:2b:d0:0a:5a:
54:65:bf:da:00:fb:49:89:e7:60:7d:01:5d:dd:87:
71:e1:2f:a0:c8:8b:ba:64:6d:c9:cd:40:b4:ce:1c:
fc:46:ea:41:f5:04:e4:0a:02:2d:7c:6a:0a:92:48:
d6:ff:27:a8:12:4a:11:79:c6:bb:3b:29:61:d2:ac:
cd:03:dd:80:6f:71:89:15:3a:f5:12:7f:f1:84:89:
30:6b:a6:78:db:8f:26:0a:1b:da:ca:25:17:74:95:
81:fa:33:d7:91:a4:e6:b5:9a:e9:ad:ae:9a:c1:dc:
a4:93:01:b5:88:cf:39:53:2d:cf:b4:fd:6a:04:53:
82:6c:62:16:ce:be:9e:22:a3:d6:4f:35:4a:cd:9e:
94:23:1f:75:ad:dd:95:ec:24:16:66:1a:e2:31:3f:
9e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:08:3F:70:5F:6C:21:6C:45:86:00:49:28:5C:A8:97:A5:31:A4:A9
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Hgg_cF9sIWxFhgBJKFyol6UxpKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.72.0/22
217.76.253.0-217.76.254.255
Signature Algorithm: sha256WithRSAEncryption
a6:0e:36:21:98:47:a9:36:9d:f8:6a:1e:31:28:b6:42:52:6d:
10:7a:aa:aa:e1:11:9e:2c:b3:88:43:e3:da:f9:01:66:e1:33:
45:8f:32:8f:bb:8c:79:45:5b:76:58:a4:6d:32:ca:68:5d:88:
54:e7:b7:9c:c2:be:8b:a8:86:74:60:ad:80:3d:b7:e2:db:2e:
2d:90:a7:20:5a:6c:7f:04:b9:d3:fd:5b:b3:e6:22:f3:5e:7e:
6f:7d:de:1b:8e:60:34:9b:f2:ae:0e:1f:c9:26:eb:26:df:85:
66:12:4e:70:07:31:0d:86:42:1f:67:68:be:da:d7:84:d5:7e:
86:2b:89:64:47:17:56:30:94:7c:6c:54:5e:9c:4a:94:a7:57:
bc:3a:ae:71:a7:32:dc:d4:66:0d:6c:a9:c3:e5:1c:69:06:6b:
5c:bd:47:2f:ca:6f:62:c6:dd:ec:49:d5:b4:d9:11:b2:82:eb:
ec:51:62:c7:fd:7a:9c:4a:aa:06:e8:07:95:41:0a:65:3a:05:
62:eb:6f:b6:eb:19:cd:6a:8c:19:e4:5f:87:7a:ed:06:f9:ba:
51:8e:ab:2e:d4:bb:8d:c7:2e:a2:eb:70:76:56:58:a7:24:d4:
61:18:c7:03:09:1a:ce:ae:cb:9d:8f:bd:f6:7a:74:36:44:dd:
eb:ae:1e:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZAQYzLtb8o7JPkZC8Cq9nsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNjEzMDY1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA4M2Y3MDVmNmMyMTZjNDU4NjAwNDkyODVjYTg5N2E1MzFhNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K89ZyKe7H4MyEfjqTvRV1V6g1MM
xbS62h5tp0Bnh4xY3Q8jg2qpAjUWfNsCtU19khY+ia8z+Bj90J+97e4Z/VuX3VBB
wl51N3EcKEapN4MlMUIcEbgdTNv528hKuVhbswKwvSvQClpUZb/aAPtJiedgfQFd
3Ydx4S+gyIu6ZG3JzUC0zhz8RupB9QTkCgItfGoKkkjW/yeoEkoReca7Oylh0qzN
A92Ab3GJFTr1En/xhIkwa6Z4248mChvayiUXdJWB+jPXkaTmtZrpra6awdykkwG1
iM85Uy3PtP1qBFOCbGIWzr6eIqPWTzVKzZ6UIx91rd2V7CQWZhriMT+e/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB4IP3BfbCFsRYYASShcqJelMaSpMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSGdnX2NGOXNJV3hGaGdCSktGeW9sNlV4cEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCVdFIMAwD
BADZTP0DBADZTP4wDQYJKoZIhvcNAQELBQADggEBAKYONiGYR6k2nfhqHjEotkJS
bRB6qqrhEZ4ss4hD49r5AWbhM0WPMo+7jHlFW3ZYpG0yymhdiFTnt5zCvouohnRg
rYA9t+LbLi2QpyBabH8EudP9W7PmIvNefm993huOYDSb8q4OH8km6ybfhWYSTnAH
MQ2GQh9naL7a14TVfoYriWRHF1YwlHxsVF6cSpSnV7w6rnGnMtzUZg1sqcPlHGkG
a1y9Ry/Kb2LG3exJ1bTZEbKC6+xRYsf9epxKqgboB5VBCmU6BWLrb7brGc1qjBnk
X4d67Qb5ulGOqy7Uu43HLqLrcHZWWKck1GEYxwMJGs6uy52PvfZ6dDZE3euuHqA=
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:09:06 2024 by rpki-client on console-fra.rpki-client.org