Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/hTsQTsiR93SXZ2hUSDCWOa3UYQ0.roa
File: hTsQTsiR93SXZ2hUSDCWOa3UYQ0.roa (raw, json)
Hash identifier: l+663EQMwCNrvJ0MxDE467RmYSV5NxKAWIPr5hTU8rA=
Subject key identifier: 85:3B:10:4E:C8:91:F7:74:97:67:68:54:48:30:96:39:AD:D4:61:0D
Certificate issuer: /CN=c07804766b2353985b9718088b5c679e0c3ea67f
Certificate serial: 018CCA2AB9BCA89F72D96F7B2F357C77CFAB
Authority key identifier: C0:78:04:76:6B:23:53:98:5B:97:18:08:8B:5C:67:9E:0C:3E:A6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHgEdmsjU5hblxgIi1xnngw-pn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/hTsQTsiR93SXZ2hUSDCWOa3UYQ0.roa
Signing time: Tue 02 Jan 2024 12:34:06 +0000
ROA not before: Tue 02 Jan 2024 12:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58059
IP address blocks: 185.12.109.0/24 maxlen: 24
185.12.110.0/24 maxlen: 24
185.12.108.0/24 maxlen: 24
185.12.111.0/24 maxlen: 24
185.154.130.0/24 maxlen: 24
185.154.128.0/24 maxlen: 24
185.154.131.0/24 maxlen: 24
185.154.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/wHgEdmsjU5hblxgIi1xnngw-pn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/wHgEdmsjU5hblxgIi1xnngw-pn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHgEdmsjU5hblxgIi1xnngw-pn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:b9:bc:a8:9f:72:d9:6f:7b:2f:35:7c:77:cf:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c07804766b2353985b9718088b5c679e0c3ea67f
Validity
Not Before: Jan 2 12:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853b104ec891f7749767685448309639add4610d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9a:17:25:5d:72:44:7e:c6:1c:bb:7e:6a:16:
86:7a:f9:91:fa:80:72:63:b6:45:87:fb:a6:9f:d6:
08:7e:96:3a:7b:69:f6:48:d6:cc:38:5d:82:56:2f:
72:a1:6d:f9:61:d1:d0:87:50:90:ec:1b:8b:36:a5:
b1:49:f5:c8:8f:0a:3e:f4:a4:1b:f1:fa:50:eb:f5:
94:31:a8:a3:07:74:3f:90:93:59:04:19:2f:55:22:
c5:6f:3a:b0:e8:dc:3a:a2:5e:11:de:d6:51:de:12:
38:27:81:ce:99:99:0f:d2:c1:ed:de:85:9e:96:9d:
a7:9e:3c:70:d2:2d:39:7e:ec:14:20:11:aa:91:05:
e6:07:ae:ca:48:a8:30:9e:83:eb:09:2b:e5:23:fa:
85:ff:f6:6f:52:31:8a:cc:41:25:ef:41:a6:79:a2:
54:69:be:4f:c3:23:8a:fd:c6:27:27:cd:05:4f:66:
b6:44:81:9d:96:cc:66:b5:fb:e2:a3:c3:01:51:d5:
fd:ce:f0:c7:c6:7c:b2:57:88:15:a6:b2:e7:62:9b:
13:47:83:2b:b6:8f:85:16:15:3f:7b:01:b9:98:53:
1b:2d:4e:af:2f:46:d3:7b:5e:e8:5a:b8:65:34:7b:
c6:54:48:6f:32:86:d0:c6:2e:be:8e:dc:6e:e9:0a:
8b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3B:10:4E:C8:91:F7:74:97:67:68:54:48:30:96:39:AD:D4:61:0D
X509v3 Authority Key Identifier:
keyid:C0:78:04:76:6B:23:53:98:5B:97:18:08:8B:5C:67:9E:0C:3E:A6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHgEdmsjU5hblxgIi1xnngw-pn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/hTsQTsiR93SXZ2hUSDCWOa3UYQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2560f-1c4c-4ca3-a63b-304fa18898bf/1/wHgEdmsjU5hblxgIi1xnngw-pn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.108.0/22
185.154.128.0/22
Signature Algorithm: sha256WithRSAEncryption
38:58:bc:49:8e:77:ef:db:1f:76:2e:1e:d9:c2:89:ba:a3:83:
bf:60:14:80:a0:44:b3:2a:8e:72:34:21:fa:0c:7f:24:2d:50:
d7:fa:99:a0:72:23:25:bb:75:6b:00:40:86:e8:58:3d:2d:9b:
f2:c2:11:2f:5a:5f:32:ae:3e:97:a1:20:85:60:57:28:06:92:
cd:07:32:bc:28:1e:c1:cc:54:6e:42:8a:d6:33:1c:de:c6:10:
cb:56:21:68:cb:6e:b5:d6:33:62:3a:44:55:e4:d9:0f:93:ed:
54:ba:db:e7:f4:65:02:d9:5c:96:2e:94:53:cf:08:84:5b:21:
c0:ce:ca:a1:c4:bd:46:c3:1b:61:53:e5:c8:ff:1c:18:99:17:
2b:5a:55:e9:9e:e9:fe:4c:f0:0b:af:3c:83:a4:bb:16:bf:60:
e4:8d:61:5b:82:87:0a:88:3c:08:b4:29:a1:50:4e:45:09:7e:
11:91:d8:cd:28:84:21:4f:8b:a1:55:f2:b1:77:55:40:72:49:
49:e3:8b:db:d7:a7:c6:2c:fa:dc:39:c9:e7:3b:34:3b:bb:88:
0f:52:cb:e5:d6:e6:e1:ac:a3:82:83:c3:6c:81:5f:c3:1c:6b:
95:4d:99:94:7e:d1:6c:c2:2d:5b:69:13:72:25:e4:2e:7e:2e:
1e:5c:a7:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKrm8qJ9y2W97LzV8d8+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzgwNDc2NmIyMzUzOTg1Yjk3MTgwODhiNWM2NzllMGMz
ZWE2N2YwHhcNMjQwMTAyMTIzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNiMTA0ZWM4OTFmNzc0OTc2NzY4NTQ0ODMwOTYzOWFkZDQ2MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZoXJV1yRH7GHLt+ahaGevmR+oBy
Y7ZFh/umn9YIfpY6e2n2SNbMOF2CVi9yoW35YdHQh1CQ7BuLNqWxSfXIjwo+9KQb
8fpQ6/WUMaijB3Q/kJNZBBkvVSLFbzqw6Nw6ol4R3tZR3hI4J4HOmZkP0sHt3oWe
lp2nnjxw0i05fuwUIBGqkQXmB67KSKgwnoPrCSvlI/qF//ZvUjGKzEEl70GmeaJU
ab5PwyOK/cYnJ80FT2a2RIGdlsxmtfvio8MBUdX9zvDHxnyyV4gVprLnYpsTR4Mr
to+FFhU/ewG5mFMbLU6vL0bTe17oWrhlNHvGVEhvMobQxi6+jtxu6QqLgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIU7EE7Ikfd0l2doVEgwljmt1GENMB8GA1UdIwQY
MBaAFMB4BHZrI1OYW5cYCItcZ54MPqZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hnRWRtc2pVNWhibHhnSWkxeG5uZ3ctcG44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMjU2MGYtMWM0Yy00Y2EzLWE2M2It
MzA0ZmExODg5OGJmLzEvaFRzUVRzaVI5M1NYWjJoVVNEQ1dPYTNVWVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMjU2MGYtMWM0Yy00Y2EzLWE2M2ItMzA0ZmExODg5OGJm
LzEvd0hnRWRtc2pVNWhibHhnSWkxeG5uZ3ctcG44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQxsAwQC
uZqAMA0GCSqGSIb3DQEBCwUAA4IBAQA4WLxJjnfv2x92Lh7Zwom6o4O/YBSAoESz
Ko5yNCH6DH8kLVDX+pmgciMlu3VrAECG6Fg9LZvywhEvWl8yrj6XoSCFYFcoBpLN
BzK8KB7BzFRuQorWMxzexhDLViFoy2611jNiOkRV5NkPk+1Uutvn9GUC2VyWLpRT
zwiEWyHAzsqhxL1GwxthU+XI/xwYmRcrWlXpnun+TPALrzyDpLsWv2DkjWFbgocK
iDwItCmhUE5FCX4RkdjNKIQhT4uhVfKxd1VAcklJ44vb16fGLPrcOcnnOzQ7u4gP
Usvl1ubhrKOCg8NsgV/DHGuVTZmUftFswi1baRNyJeQufi4eXKfK
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:30:23 2024 by rpki-client on console-fra.rpki-client.org