Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Hpe-GOLGGwTfVZYfxlCv-KLb0c4.roa
File: Hpe-GOLGGwTfVZYfxlCv-KLb0c4.roa (raw, json)
Hash identifier: TKqxcXViGOYGDY/OU9Acs41yJFQPLHNflUY7FNnLA8U=
Subject key identifier: 1E:97:BE:18:E2:C6:1B:04:DF:55:96:1F:C6:50:AF:F8:A2:DB:D1:CE
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 01904B3C32A97CD9EBAD140FB8BF3EB4B3E5
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Hpe-GOLGGwTfVZYfxlCv-KLb0c4.roa
Signing time: Mon 24 Jun 2024 17:12:34 +0000
ROA not before: Mon 24 Jun 2024 17:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42375
IP address blocks: 2a0f:bf40::/29 maxlen: 29
2a11:1580::/29 maxlen: 29
2a11:1fc0::/29 maxlen: 29
2a11:3640::/29 maxlen: 29
2a12:3a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4b:3c:32:a9:7c:d9:eb:ad:14:0f:b8:bf:3e:b4:b3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Jun 24 17:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e97be18e2c61b04df55961fc650aff8a2dbd1ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:92:b9:2d:06:f8:4b:b5:43:d1:66:71:9e:33:
f4:55:9f:e9:3e:8d:b7:6b:fd:dd:49:ac:10:37:38:
de:18:98:b0:31:a3:81:3d:20:9e:43:87:ac:6f:0d:
77:60:b9:aa:f2:46:3b:50:b0:1e:e4:27:c8:09:70:
19:f2:b1:9a:2f:2e:27:37:5a:88:6a:40:18:52:92:
32:fe:60:57:bc:a3:9e:87:74:82:a3:bf:84:97:46:
01:b6:7d:1b:32:87:e6:7c:53:6c:74:ec:60:76:e0:
c3:77:24:01:36:ca:7e:70:12:ca:a0:ad:4a:a6:ce:
c9:c5:cf:61:93:97:ab:39:66:83:a0:4f:e4:51:81:
82:a0:72:64:e3:9d:4d:79:d3:42:7d:80:2b:45:16:
35:b1:a6:ed:22:ab:c4:dd:43:69:e8:ec:1b:1c:0a:
b9:44:bd:f2:df:ca:c8:a4:a2:cb:4a:18:f6:54:f4:
e2:2d:f9:73:33:9d:1b:b2:b1:89:63:0d:83:64:a5:
ec:30:b3:35:5e:c7:3f:8e:10:f0:0c:0d:a1:53:f7:
9e:96:0a:97:12:39:8b:2f:09:57:a8:19:ea:be:6b:
90:90:6e:a3:55:44:59:b7:5b:47:e5:61:11:d1:a0:
9c:86:d2:36:23:8b:4c:4c:6f:61:e6:2a:f6:fb:36:
d9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:97:BE:18:E2:C6:1B:04:DF:55:96:1F:C6:50:AF:F8:A2:DB:D1:CE
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Hpe-GOLGGwTfVZYfxlCv-KLb0c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bf40::/29
2a11:1580::/29
2a11:1fc0::/29
2a11:3640::/29
2a12:3a40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:d5:76:62:6a:8a:4a:14:9f:fc:ad:4b:f4:4b:e5:08:d7:6a:
69:05:96:b8:81:3f:69:75:41:5e:af:8a:99:29:2f:1d:e7:4a:
62:31:5b:f1:65:3b:38:56:63:ae:d8:bd:f1:1e:63:ce:64:4f:
f8:3f:b3:06:6a:3d:1c:4a:44:21:4b:a5:57:52:f5:c1:d0:27:
e0:20:90:85:15:11:5c:8c:ac:21:e4:79:d7:0a:b2:9d:f7:6a:
67:dd:38:54:03:aa:32:bf:22:ce:d2:1a:ae:83:f6:69:cf:33:
50:46:0a:2f:de:8e:02:24:0c:bb:39:c3:59:67:61:13:8e:34:
bc:1b:26:9b:1e:f4:03:1e:b6:0d:3f:74:d5:a5:33:12:66:22:
28:52:48:e6:91:eb:4f:9b:f3:a1:8d:5c:b4:68:59:2a:cf:f9:
65:08:27:ee:cb:b6:c1:6d:df:86:fc:73:3b:2d:88:b5:6f:98:
fe:83:0a:32:0f:5f:ad:de:2b:ce:30:fa:e2:6e:c4:a5:9f:43:
8d:75:9d:5a:e5:f9:45:20:33:49:e4:a3:5f:49:b5:71:30:b7:
1c:23:76:14:5b:fc:1f:3d:7b:e6:1d:61:f4:d9:38:a1:29:d5:
7d:c3:a9:f5:65:ed:62:9b:01:01:b5:fb:63:38:96:70:75:b2:
d7:0f:78:bc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZBLPDKpfNnrrRQPuL8+tLPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3
YzIxNTIwHhcNMjQwNjI0MTcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTk3YmUxOGUyYzYxYjA0ZGY1NTk2MWZjNjUwYWZmOGEyZGJkMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JK5LQb4S7VD0WZxnjP0VZ/pPo23
a/3dSawQNzjeGJiwMaOBPSCeQ4esbw13YLmq8kY7ULAe5CfICXAZ8rGaLy4nN1qI
akAYUpIy/mBXvKOeh3SCo7+El0YBtn0bMofmfFNsdOxgduDDdyQBNsp+cBLKoK1K
ps7Jxc9hk5erOWaDoE/kUYGCoHJk451NedNCfYArRRY1sabtIqvE3UNp6OwbHAq5
RL3y38rIpKLLShj2VPTiLflzM50bsrGJYw2DZKXsMLM1Xsc/jhDwDA2hU/eelgqX
EjmLLwlXqBnqvmuQkG6jVURZt1tH5WER0aCchtI2I4tMTG9h5ir2+zbZnQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFB6XvhjixhsE31WWH8ZQr/ii29HOMB8GA1UdIwQY
MBaAFDnwhspiEbuV0GQwicfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2Qt
N2ZlMzI4NTcxOTM4LzEvSHBlLUdPTEdHd1RmVlpZZnhsQ3YtS0xiMGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4
LzEvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg+/QAMF
AyoRFYADBQMqER/AAwUDKhE2QAMFAyoSOkAwDQYJKoZIhvcNAQELBQADggEBAJ7V
dmJqikoUn/ytS/RL5QjXamkFlriBP2l1QV6vipkpLx3nSmIxW/FlOzhWY67YvfEe
Y85kT/g/swZqPRxKRCFLpVdS9cHQJ+AgkIUVEVyMrCHkedcKsp33amfdOFQDqjK/
Is7SGq6D9mnPM1BGCi/ejgIkDLs5w1lnYROONLwbJpse9AMetg0/dNWlMxJmIihS
SOaR60+b86GNXLRoWSrP+WUIJ+7LtsFt34b8czstiLVvmP6DCjIPX63eK84w+uJu
xKWfQ411nVrl+UUgM0nko19JtXEwtxwjdhRb/B89e+YdYfTZOKEp1X3DqfVl7WKb
AQG1+2M4lnB1stcPeLw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:25 2024 by rpki-client on console-fra.rpki-client.org