Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/HqtOcsV1qVUk60bmfkJEkeWpoG4.roa
File: HqtOcsV1qVUk60bmfkJEkeWpoG4.roa (raw, json)
Hash identifier: 1HTC/4emiT2eP7QwVE7gd7OlGvrX+fof7nDsX4Wd56o=
Subject key identifier: 1E:AB:4E:72:C5:75:A9:55:24:EB:46:E6:7E:42:44:91:E5:A9:A0:6E
Certificate issuer: /CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Certificate serial: 018CC79413257763E0AC4F99D2DBC95B2FA3
Authority key identifier: B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/HqtOcsV1qVUk60bmfkJEkeWpoG4.roa
Signing time: Tue 02 Jan 2024 00:30:19 +0000
ROA not before: Tue 02 Jan 2024 00:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42742
IP address blocks: 92.118.140.0/22 maxlen: 22
194.79.4.0/22 maxlen: 22
195.211.64.0/22 maxlen: 22
91.189.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:13:25:77:63:e0:ac:4f:99:d2:db:c9:5b:2f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1241f129dbfc4a1651fecdba03108fcd2cc1df2
Validity
Not Before: Jan 2 00:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eab4e72c575a95524eb46e67e424491e5a9a06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:55:71:1e:c0:94:0c:ba:68:62:2c:77:06:ab:
64:e8:d7:f7:72:8e:d8:de:6c:b4:54:69:c3:90:68:
b4:3b:2e:6b:cb:89:b6:8f:c2:66:0a:40:4b:19:22:
14:ef:47:e0:c6:e1:c0:a6:b3:db:f0:b1:d6:69:d4:
df:e7:ba:f4:16:bc:81:12:77:aa:cd:c5:f8:1f:9a:
00:96:f2:2e:82:76:c8:13:d2:1f:aa:8f:53:6c:99:
cc:fa:a6:c7:de:b2:2e:88:bf:1d:37:83:89:ba:5d:
66:7a:08:8f:26:1f:07:77:03:7a:78:d2:90:f6:05:
0c:74:88:96:87:9e:c1:c7:e1:fc:2a:77:80:0c:3f:
29:41:a9:09:d2:67:03:be:74:b0:9e:10:f7:3d:a6:
86:a9:69:37:1a:b1:93:97:7e:91:c9:c9:66:13:27:
86:0a:97:80:45:cd:d6:c7:71:16:7d:2e:c5:c6:af:
f1:83:5f:84:a6:5d:40:2a:06:10:82:34:f5:c4:0f:
71:6b:80:a3:3a:4b:ef:1c:f9:06:59:f1:4c:bc:5d:
9a:4e:dc:1c:b7:97:4c:13:0f:30:1e:85:4a:a8:06:
59:d7:2c:6e:ac:94:59:87:84:ea:4b:a6:0f:63:45:
c8:82:01:7c:ce:4a:74:78:a2:fd:23:84:01:b3:24:
a7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AB:4E:72:C5:75:A9:55:24:EB:46:E6:7E:42:44:91:E5:A9:A0:6E
X509v3 Authority Key Identifier:
keyid:B1:24:1F:12:9D:BF:C4:A1:65:1F:EC:DB:A0:31:08:FC:D2:CC:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSQfEp2_xKFlH-zboDEI_NLMHfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/HqtOcsV1qVUk60bmfkJEkeWpoG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/b1a75d-b791-40b4-bda7-e9ddbe3efbe3/1/sSQfEp2_xKFlH-zboDEI_NLMHfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.232.0/21
92.118.140.0/22
194.79.4.0/22
195.211.64.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:af:72:8b:51:aa:f8:cc:c5:1f:27:45:58:f8:02:f3:1f:26:
20:1c:ef:14:4b:ab:bc:e6:a8:b2:80:9b:b6:7e:ca:39:fc:a6:
c9:3a:ae:07:99:02:f5:9e:c0:ce:67:51:b4:50:37:ab:2d:17:
8f:dc:91:2e:90:af:e5:4c:0f:40:e1:98:ba:02:d5:11:c3:7f:
e4:63:35:3c:e1:b8:4a:46:ad:1f:c0:0f:ea:60:fa:5b:ef:86:
28:0d:4d:40:7a:5e:66:16:0d:75:7c:7c:ca:ab:dc:e3:df:92:
b2:0c:03:52:6d:d4:96:33:75:6c:4e:3f:19:cc:69:f3:48:4a:
96:49:73:b9:9d:40:d4:75:f8:18:9d:5d:65:e7:27:d5:39:91:
b5:dc:f2:2b:2f:9d:2e:3d:6f:ca:8c:f0:68:e8:5b:35:8d:f3:
72:63:62:46:5d:3a:18:21:65:7b:1c:75:1b:bf:73:22:04:34:
af:e5:dc:c7:c7:21:b2:da:55:1f:0e:b4:bf:c3:2d:96:06:2f:
b2:aa:ac:00:a4:72:51:f7:95:4a:a0:af:3e:ea:5d:be:56:06:
33:db:1f:2f:15:ea:bb:f1:5e:d6:7a:42:d1:7e:34:1a:88:be:
23:69:01:f5:c2:cf:09:bb:85:45:aa:50:ea:be:13:86:95:7c:
ad:2d:ed:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlBMld2PgrE+Z0tvJWy+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjQxZjEyOWRiZmM0YTE2NTFmZWNkYmEwMzEwOGZjZDJj
YzFkZjIwHhcNMjQwMTAyMDAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFiNGU3MmM1NzVhOTU1MjRlYjQ2ZTY3ZTQyNDQ5MWU1YTlhMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlVxHsCUDLpoYix3Bqtk6Nf3co7Y
3my0VGnDkGi0Oy5ry4m2j8JmCkBLGSIU70fgxuHAprPb8LHWadTf57r0FryBEneq
zcX4H5oAlvIugnbIE9Ifqo9TbJnM+qbH3rIuiL8dN4OJul1megiPJh8HdwN6eNKQ
9gUMdIiWh57Bx+H8KneADD8pQakJ0mcDvnSwnhD3PaaGqWk3GrGTl36RyclmEyeG
CpeARc3Wx3EWfS7Fxq/xg1+Epl1AKgYQgjT1xA9xa4CjOkvvHPkGWfFMvF2aTtwc
t5dMEw8wHoVKqAZZ1yxurJRZh4TqS6YPY0XIggF8zkp0eKL9I4QBsySn/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB6rTnLFdalVJOtG5n5CRJHlqaBuMB8GA1UdIwQY
MBaAFLEkHxKdv8ShZR/s26AxCPzSzB3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTct
ZTlkZGJlM2VmYmUzLzEvSHF0T2NzVjFxVlVrNjBibWZrSkVrZVdwb0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9iMWE3NWQtYjc5MS00MGI0LWJkYTctZTlkZGJlM2VmYmUz
LzEvc1NRZkVwMl94S0ZsSC16Ym9ERUlfTkxNSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDW73oAwQC
XHaMAwQCwk8EAwQCw9NAMA0GCSqGSIb3DQEBCwUAA4IBAQChr3KLUar4zMUfJ0VY
+ALzHyYgHO8US6u85qiygJu2fso5/KbJOq4HmQL1nsDOZ1G0UDerLReP3JEukK/l
TA9A4Zi6AtURw3/kYzU84bhKRq0fwA/qYPpb74YoDU1Ael5mFg11fHzKq9zj35Ky
DANSbdSWM3VsTj8ZzGnzSEqWSXO5nUDUdfgYnV1l5yfVOZG13PIrL50uPW/KjPBo
6Fs1jfNyY2JGXToYIWV7HHUbv3MiBDSv5dzHxyGy2lUfDrS/wy2WBi+yqqwApHJR
95VKoK8+6l2+VgYz2x8vFeq78V7WekLRfjQaiL4jaQH1ws8Ju4VFqlDqvhOGlXyt
Le0r
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:24:19 2024 by rpki-client on console-fra.rpki-client.org