Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/HqFhg1sEiN9LS26OfJHpBiW2NWc.roa
File: HqFhg1sEiN9LS26OfJHpBiW2NWc.roa (raw, json)
Hash identifier: 3kRZssYnhcEhih9PVP4lIDbN04tEZVXvLBfvP092D38=
Subject key identifier: 1E:A1:61:83:5B:04:88:DF:4B:4B:6E:8E:7C:91:E9:06:25:B6:35:67
Certificate issuer: /CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Certificate serial: 018F531A80A48203620635ABE2E2D436A292
Authority key identifier: 8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/HqFhg1sEiN9LS26OfJHpBiW2NWc.roa
Signing time: Tue 07 May 2024 12:49:56 +0000
ROA not before: Tue 07 May 2024 12:49:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51733
IP address blocks: 91.209.254.0/24 maxlen: 24
91.221.58.0/23 maxlen: 23
91.221.58.0/24 maxlen: 24
91.221.59.0/24 maxlen: 24
185.156.84.0/22 maxlen: 22
185.156.84.0/23 maxlen: 23
185.156.84.0/24 maxlen: 24
185.156.85.0/24 maxlen: 24
185.156.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 09:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:1a:80:a4:82:03:62:06:35:ab:e2:e2:d4:36:a2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dff1b0ce9f486a67e63d3f0d0e688a24f700c7c
Validity
Not Before: May 7 12:49:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea161835b0488df4b4b6e8e7c91e90625b63567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f3:b6:bc:bb:1d:88:56:9a:4b:c5:43:ec:41:
9a:a3:37:f3:cc:8e:bd:04:38:d9:e0:1d:d5:71:b6:
a5:b3:f0:07:8f:ac:df:c8:cb:03:87:3d:7d:74:c8:
43:5f:c2:1a:c8:75:36:bf:ba:3d:a3:1d:d9:4a:5b:
93:c3:c0:31:33:80:fa:c6:a1:0a:71:db:cd:e1:fd:
4f:54:28:d8:10:0d:ea:02:30:5b:d5:36:88:3f:eb:
e4:3a:ea:3c:4c:19:fe:ab:ec:d5:b9:5d:15:ef:0f:
d0:75:d4:90:01:5d:00:89:37:ff:8e:cb:1d:35:20:
c9:e3:9b:25:aa:6a:4c:ba:dd:b3:8b:da:36:7a:f0:
c8:83:aa:6e:c0:7e:17:c3:2c:32:b9:c7:79:6f:28:
a5:d9:14:00:23:37:83:c3:03:d7:7c:44:cf:be:f8:
6c:bd:80:0b:76:bc:5b:e0:f3:5a:87:6d:9a:f5:23:
db:0f:54:5f:ad:87:39:df:ac:57:60:c6:8c:0b:b9:
8b:4c:12:3d:c5:90:7f:6e:d0:65:b5:a0:fc:f5:0b:
1e:4a:ec:de:9c:50:e9:6e:a6:f7:ac:bf:5b:e2:16:
70:9f:7d:fc:df:9f:76:31:f6:e5:e7:5f:fc:5e:2b:
73:af:f5:91:04:16:38:db:16:16:91:57:21:a3:84:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:61:83:5B:04:88:DF:4B:4B:6E:8E:7C:91:E9:06:25:B6:35:67
X509v3 Authority Key Identifier:
keyid:8D:FF:1B:0C:E9:F4:86:A6:7E:63:D3:F0:D0:E6:88:A2:4F:70:0C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/HqFhg1sEiN9LS26OfJHpBiW2NWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/4af64a-57f8-4643-87ba-d87b7026a3ff/1/jf8bDOn0hqZ-Y9Pw0OaIok9wDHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.254.0/24
91.221.58.0/23
185.156.84.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:40:80:a6:ef:36:f0:fc:d2:6c:8e:02:e5:b0:58:3f:4d:0b:
33:69:0d:be:5c:af:b7:64:cc:87:32:e0:17:e0:87:e3:24:fb:
d0:3e:d8:01:01:41:6f:7a:a4:7d:1f:36:f8:ce:03:91:8c:4e:
bb:e4:0d:89:cd:1e:96:df:e2:ed:51:e5:0f:0b:54:d3:6e:1d:
4f:d0:b8:c5:f2:35:1e:2f:d5:5a:13:25:e6:2d:ec:3e:73:7a:
e4:ca:d5:0f:cf:aa:a3:b0:b6:e0:1c:d3:d1:0c:ef:cc:25:51:
16:a5:bf:d9:78:12:35:74:91:dc:0c:aa:ca:77:f6:a5:af:8a:
81:b0:29:32:fd:de:38:28:6e:74:44:79:36:f3:d8:2b:57:5d:
87:d3:ad:75:9d:7d:a0:5c:50:5d:5a:30:bd:65:a3:9d:d0:87:
cc:6c:95:09:a4:1c:4d:fa:ed:3f:da:56:06:e8:bd:c9:bc:94:
44:ce:61:98:a3:30:a0:6a:85:5b:c4:05:c8:7c:a8:c3:78:36:
2d:54:1a:2f:c8:56:82:d9:6a:73:ed:63:9a:61:98:a1:04:bb:
24:56:86:af:c3:38:77:ff:6f:93:e6:ff:5f:cb:7b:da:15:02:
98:bc:8e:c2:5c:59:0a:e2:40:40:d3:ab:7c:8c:b2:da:73:9c:
a9:da:92:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9TGoCkggNiBjWr4uLUNqKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZmYxYjBjZTlmNDg2YTY3ZTYzZDNmMGQwZTY4OGEyNGY3
MDBjN2MwHhcNMjQwNTA3MTI0OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExNjE4MzViMDQ4OGRmNGI0YjZlOGU3YzkxZTkwNjI1YjYzNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vO2vLsdiFaaS8VD7EGaozfzzI69
BDjZ4B3Vcbals/AHj6zfyMsDhz19dMhDX8IayHU2v7o9ox3ZSluTw8AxM4D6xqEK
cdvN4f1PVCjYEA3qAjBb1TaIP+vkOuo8TBn+q+zVuV0V7w/QddSQAV0AiTf/jssd
NSDJ45slqmpMut2zi9o2evDIg6puwH4Xwywyucd5byil2RQAIzeDwwPXfETPvvhs
vYALdrxb4PNah22a9SPbD1RfrYc536xXYMaMC7mLTBI9xZB/btBltaD89QseSuze
nFDpbqb3rL9b4hZwn3383592Mfbl51/8Xitzr/WRBBY42xYWkVcho4SQQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB6hYYNbBIjfS0tujnyR6QYltjVnMB8GA1UdIwQY
MBaAFI3/Gwzp9IamfmPT8NDmiKJPcAx8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEt
ZDg3YjcwMjZhM2ZmLzEvSHFGaGcxc0VpTjlMUzI2T2ZKSHBCaVcyTldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi80YWY2NGEtNTdmOC00NjQzLTg3YmEtZDg3YjcwMjZhM2Zm
LzEvamY4YkRPbjBocVotWTlQdzBPYUlvazl3REh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9H+AwQB
W906AwQCuZxUMA0GCSqGSIb3DQEBCwUAA4IBAQB9QICm7zbw/NJsjgLlsFg/TQsz
aQ2+XK+3ZMyHMuAX4IfjJPvQPtgBAUFveqR9Hzb4zgORjE675A2JzR6W3+LtUeUP
C1TTbh1P0LjF8jUeL9VaEyXmLew+c3rkytUPz6qjsLbgHNPRDO/MJVEWpb/ZeBI1
dJHcDKrKd/alr4qBsCky/d44KG50RHk289grV12H0611nX2gXFBdWjC9ZaOd0IfM
bJUJpBxN+u0/2lYG6L3JvJREzmGYozCgaoVbxAXIfKjDeDYtVBovyFaC2Wpz7WOa
YZihBLskVoavwzh3/2+T5v9fy3vaFQKYvI7CXFkK4kBA06t8jLLac5yp2pKf
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:01:28 2024 by rpki-client on console-ams.rpki-client.org