Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/_IKA2Fs9sk_HXgYRoE_hIh9ff0o.roa
File: _IKA2Fs9sk_HXgYRoE_hIh9ff0o.roa (raw, json)
Hash identifier: 7fFt0WExoH93JNOsEPipdfERGEC89/UjUDUL8wmgczo=
Subject key identifier: FC:82:80:D8:5B:3D:B2:4F:C7:5E:06:11:A0:4F:E1:22:1F:5F:7F:4A
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 01942827A83DDEF3EA8157C1DA57647B7B54
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/_IKA2Fs9sk_HXgYRoE_hIh9ff0o.roa
Signing time: Thu 02 Jan 2025 17:54:35 +0000
ROA not before: Thu 02 Jan 2025 17:54:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198930
IP address blocks: 91.106.128.0/18 maxlen: 24
170.133.0.0/18 maxlen: 24
185.78.60.0/22 maxlen: 24
185.161.144.0/22 maxlen: 22
2a07:c540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 09:59:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:a8:3d:de:f3:ea:81:57:c1:da:57:64:7b:7b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Jan 2 17:54:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc8280d85b3db24fc75e0611a04fe1221f5f7f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:24:51:77:23:91:8a:0d:ab:59:2a:45:1c:5d:
72:59:dd:3a:de:d9:07:1a:2a:d8:55:ea:9d:cb:08:
60:0d:c9:92:f9:74:d7:3a:d5:ca:16:fd:a4:a9:88:
9e:d9:cf:27:db:eb:c2:db:62:2d:fd:b5:6e:f2:25:
04:f0:13:ae:a4:de:3d:46:ee:91:fa:9c:49:95:67:
1e:77:75:a3:9d:fe:d0:6f:c9:c4:33:98:3c:be:97:
c4:09:af:d8:01:8a:93:74:6b:bf:26:a9:e3:37:c6:
46:15:1b:91:14:c2:fa:29:29:1d:fd:3d:94:a9:ea:
7d:96:b3:d9:1b:03:9a:25:39:d4:70:e9:eb:4a:e4:
7b:54:6c:a0:3c:ff:55:42:e6:9e:3b:5b:69:4d:73:
22:c5:fb:7a:79:d0:ce:01:98:a0:a2:94:10:20:0f:
22:90:18:5e:a7:bc:10:67:4d:06:5e:9d:07:16:9a:
da:b8:8f:49:fe:95:c2:56:ce:b1:fc:09:4c:92:ba:
16:ce:65:3c:62:8d:08:74:ca:2b:11:42:13:62:73:
80:df:6e:ed:d3:e3:de:44:c4:bd:89:ed:e7:48:41:
1c:32:4d:cd:10:68:0b:b7:17:05:42:d2:a1:11:43:
57:fc:0b:e2:15:0e:06:fe:84:34:f3:44:90:03:f1:
20:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:82:80:D8:5B:3D:B2:4F:C7:5E:06:11:A0:4F:E1:22:1F:5F:7F:4A
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/_IKA2Fs9sk_HXgYRoE_hIh9ff0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
185.161.144.0/22
IPv6:
2a07:c540::/29
Signature Algorithm: sha256WithRSAEncryption
4a:0a:31:cd:7a:d5:99:6c:c2:9f:e7:96:e7:9f:cd:4d:34:82:
01:b3:55:12:f4:85:95:c7:3a:39:05:02:96:15:5f:e2:5a:8c:
38:10:89:66:21:7e:99:43:f1:94:70:b9:e3:1e:eb:49:46:4a:
05:ae:03:f1:06:65:5c:88:cd:85:a8:a5:e1:e4:94:bb:0a:2c:
f8:a2:43:61:6f:f9:57:6c:71:40:37:ca:9b:dc:cb:ad:4c:eb:
98:c3:06:87:76:41:ec:4c:9b:14:e7:78:ab:80:32:e0:09:d6:
49:2c:bf:03:9c:35:20:58:52:68:b4:7c:2c:55:e0:69:f6:2a:
08:ae:14:88:58:3a:0b:89:81:fa:71:51:53:82:bb:cb:87:16:
fd:4b:cf:6f:f4:67:e1:a8:23:cf:4c:e0:07:de:bc:de:91:87:
64:65:f7:cf:7e:12:7a:b8:9c:b9:b3:4e:b7:04:4a:54:33:42:
29:e7:5b:b6:4f:6b:6e:e8:9f:22:0b:3b:82:a4:d2:93:eb:6b:
e2:6f:17:80:c6:15:80:88:58:fb:e1:a7:9a:0f:1d:a8:33:8b:
ea:38:46:47:b7:94:07:d3:1f:a9:a7:62:95:6a:98:85:77:25:
5c:1d:2b:97:f7:00:df:e4:e4:8e:4f:a2:6c:b8:c1:a0:02:4c:
65:94:33:8f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQoJ6g93vPqgVfB2ldke3tUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjUwMTAyMTc1NDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzgyODBkODViM2RiMjRmYzc1ZTA2MTFhMDRmZTEyMjFmNWY3ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iRRdyORig2rWSpFHF1yWd063tkH
GirYVeqdywhgDcmS+XTXOtXKFv2kqYie2c8n2+vC22It/bVu8iUE8BOupN49Ru6R
+pxJlWced3Wjnf7Qb8nEM5g8vpfECa/YAYqTdGu/JqnjN8ZGFRuRFML6KSkd/T2U
qep9lrPZGwOaJTnUcOnrSuR7VGygPP9VQuaeO1tpTXMixft6edDOAZigopQQIA8i
kBhep7wQZ00GXp0HFprauI9J/pXCVs6x/AlMkroWzmU8Yo0IdMorEUITYnOA327t
0+PeRMS9ie3nSEEcMk3NEGgLtxcFQtKhEUNX/AviFQ4G/oQ080SQA/EggQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPyCgNhbPbJPx14GEaBP4SIfX39KMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvX0lLQTJGczlza19IWGdZUm9FX2hJaDlmZjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj
LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGW2qAAwQG
qoUAAwQCuU48AwQCuaGQMA0EAgACMAcDBQMqB8VAMA0GCSqGSIb3DQEBCwUAA4IB
AQBKCjHNetWZbMKf55bnn81NNIIBs1US9IWVxzo5BQKWFV/iWow4EIlmIX6ZQ/GU
cLnjHutJRkoFrgPxBmVciM2FqKXh5JS7Ciz4okNhb/lXbHFAN8qb3MutTOuYwwaH
dkHsTJsU53irgDLgCdZJLL8DnDUgWFJotHwsVeBp9ioIrhSIWDoLiYH6cVFTgrvL
hxb9S89v9GfhqCPPTOAH3rzekYdkZffPfhJ6uJy5s063BEpUM0Ip51u2T2tu6J8i
CzuCpNKT62vibxeAxhWAiFj74aeaDx2oM4vqOEZHt5QH0x+pp2KVapiFdyVcHSuX
9wDf5OSOT6JsuMGgAkxllDOP
-----END CERTIFICATE-----
Generated at Sun Apr 13 20:09:45 2025 by rpki-client