Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/HE-VYGoJuOFKttfq98QKXlaKvZI.roa
File: HE-VYGoJuOFKttfq98QKXlaKvZI.roa (raw, json)
Hash identifier: DiI2zoxpYs11kZllqIyKpF1hhzO1I/XD/xCiyfgLOS8=
Subject key identifier: 1C:4F:95:60:6A:09:B8:E1:4A:B6:D7:EA:F7:C4:0A:5E:56:8A:BD:92
Certificate issuer: /CN=7c835498f35199a1571964d855c3877751681ab9
Certificate serial: 018CCA2BA7B41A7C37274A67A37DC032A708
Authority key identifier: 7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/HE-VYGoJuOFKttfq98QKXlaKvZI.roa
Signing time: Tue 02 Jan 2024 12:35:07 +0000
ROA not before: Tue 02 Jan 2024 12:35:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61207
IP address blocks: 185.15.120.0/22 maxlen: 22
87.237.208.0/21 maxlen: 21
195.35.82.0/23 maxlen: 23
89.221.240.0/23 maxlen: 23
89.221.243.0/24 maxlen: 24
89.221.247.0/24 maxlen: 24
89.221.248.0/21 maxlen: 21
185.215.196.0/22 maxlen: 22
185.215.196.0/24 maxlen: 24
2a02:fc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a7:b4:1a:7c:37:27:4a:67:a3:7d:c0:32:a7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c835498f35199a1571964d855c3877751681ab9
Validity
Not Before: Jan 2 12:35:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c4f95606a09b8e14ab6d7eaf7c40a5e568abd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:92:21:8e:4b:61:61:92:dc:74:61:57:e4:88:
62:57:cc:2b:8f:3a:46:19:95:c0:9f:85:05:9d:e3:
3b:3b:f4:35:01:f8:04:ad:5e:27:0b:3c:d4:34:99:
3b:4f:a3:b8:e6:51:16:25:95:d6:21:6f:6c:ad:87:
8b:e4:25:a0:49:c9:21:fe:a2:e4:cb:36:12:8b:d2:
1a:1a:52:cd:e4:52:b9:1f:ea:45:95:f6:06:9c:d2:
e7:b4:78:60:88:65:1e:a8:7f:67:49:a3:f6:d5:95:
2d:db:f9:24:f8:7a:99:c1:39:44:62:1b:1f:b7:ac:
d5:4c:25:eb:56:6c:d5:e7:d0:98:5a:f0:e1:a0:fb:
70:e4:2e:15:52:81:5c:1b:05:d6:d8:22:67:3b:fb:
cc:4c:09:57:61:ed:1c:66:e4:35:7b:98:77:6b:69:
0b:bb:3f:73:e7:89:b7:df:d9:07:e0:54:30:bd:59:
5f:8a:f5:34:34:0e:38:b4:a3:bd:f8:fd:e9:79:a3:
52:7a:50:28:34:4b:7e:f2:84:40:88:41:71:bf:1e:
08:f4:e4:64:ed:14:5a:ce:18:5c:fe:e8:25:30:93:
8f:21:e8:84:01:88:c5:53:66:0e:7c:75:6a:57:10:
49:dd:93:69:a7:19:86:e6:49:bb:78:e8:f2:97:52:
27:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4F:95:60:6A:09:B8:E1:4A:B6:D7:EA:F7:C4:0A:5E:56:8A:BD:92
X509v3 Authority Key Identifier:
keyid:7C:83:54:98:F3:51:99:A1:57:19:64:D8:55:C3:87:77:51:68:1A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fINUmPNRmaFXGWTYVcOHd1FoGrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/HE-VYGoJuOFKttfq98QKXlaKvZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9f8ae2-0fb5-4c04-ad93-4ce477dbb407/1/fINUmPNRmaFXGWTYVcOHd1FoGrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.208.0/21
89.221.240.0/23
89.221.243.0/24
89.221.247.0-89.221.255.255
185.15.120.0/22
185.215.196.0/22
195.35.82.0/23
IPv6:
2a02:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
60:47:57:b7:39:da:8d:61:d9:78:91:3b:9c:40:4d:e9:cc:c7:
4d:de:cd:4f:21:5a:a4:04:6c:15:d1:cd:38:9a:87:9b:38:8c:
94:76:f6:53:00:18:76:37:b6:a1:b5:d2:1d:7e:33:80:5b:fe:
73:78:63:e9:b2:8d:3f:12:0a:4e:68:71:f7:d8:6c:da:56:51:
be:72:e3:77:b7:59:a6:6f:f7:b8:a1:a0:a8:c7:23:69:c0:e9:
3e:8c:cf:dc:70:ea:80:8f:ff:ae:ec:f0:62:c8:c4:67:2e:b2:
d6:08:b2:7d:da:be:fa:f2:a1:da:f1:85:d3:6c:0c:52:b3:ed:
fe:ac:2b:4f:92:76:96:83:f8:5c:2c:80:23:df:aa:bc:72:8a:
06:11:17:a6:53:0a:8a:f3:f6:8c:8f:e4:58:e2:77:4a:8f:97:
26:e0:3f:b1:50:c5:06:c8:fb:9c:4c:d8:33:a3:79:2d:ba:1c:
96:56:8e:e6:11:ab:d5:96:d1:e2:6e:70:69:50:0a:d3:b8:db:
fb:9b:ea:53:5b:5a:a0:d5:21:e1:b1:da:6a:26:f6:f0:59:f3:
fe:8e:54:c0:f5:89:07:8d:40:15:9d:a7:b7:37:44:db:55:68:
56:91:0f:31:32:c3:13:d3:7a:23:94:ce:c8:e8:79:af:61:94:
44:b0:6d:2a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzKK6e0Gnw3J0pno33AMqcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjODM1NDk4ZjM1MTk5YTE1NzE5NjRkODU1YzM4Nzc3NTE2
ODFhYjkwHhcNMjQwMTAyMTIzNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRmOTU2MDZhMDliOGUxNGFiNmQ3ZWFmN2M0MGE1ZTU2OGFiZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZIhjkthYZLcdGFX5IhiV8wrjzpG
GZXAn4UFneM7O/Q1AfgErV4nCzzUNJk7T6O45lEWJZXWIW9srYeL5CWgSckh/qLk
yzYSi9IaGlLN5FK5H+pFlfYGnNLntHhgiGUeqH9nSaP21ZUt2/kk+HqZwTlEYhsf
t6zVTCXrVmzV59CYWvDhoPtw5C4VUoFcGwXW2CJnO/vMTAlXYe0cZuQ1e5h3a2kL
uz9z54m339kH4FQwvVlfivU0NA44tKO9+P3peaNSelAoNEt+8oRAiEFxvx4I9ORk
7RRazhhc/uglMJOPIeiEAYjFU2YOfHVqVxBJ3ZNppxmG5km7eOjyl1In1QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBxPlWBqCbjhSrbX6vfECl5Wir2SMB8GA1UdIwQY
MBaAFHyDVJjzUZmhVxlk2FXDh3dRaBq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMt
NGNlNDc3ZGJiNDA3LzEvSEUtVllHb0p1T0ZLdHRmcTk4UUtYbGFLdlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZjhhZTItMGZiNS00YzA0LWFkOTMtNGNlNDc3ZGJiNDA3
LzEvZklOVW1QTlJtYUZYR1dUWVZjT0hkMUZvR3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQDV+3QAwQB
Wd3wAwQAWd3zMAsDBABZ3fcDAwFZ3AMEArkPeAMEArnXxAMEAcMjUjANBAIAAjAH
AwUDKgL8ADANBgkqhkiG9w0BAQsFAAOCAQEAYEdXtznajWHZeJE7nEBN6czHTd7N
TyFapARsFdHNOJqHmziMlHb2UwAYdje2obXSHX4zgFv+c3hj6bKNPxIKTmhx99hs
2lZRvnLjd7dZpm/3uKGgqMcjacDpPozP3HDqgI//ruzwYsjEZy6y1giyfdq++vKh
2vGF02wMUrPt/qwrT5J2loP4XCyAI9+qvHKKBhEXplMKivP2jI/kWOJ3So+XJuA/
sVDFBsj7nEzYM6N5LbocllaO5hGr1ZbR4m5waVAK07jb+5vqU1taoNUh4bHaaib2
8Fnz/o5UwPWJB41AFZ2ntzdE21VoVpEPMTLDE9N6I5TOyOh5r2GURLBtKg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:35:49 2024 by rpki-client on console-fra.rpki-client.org