Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Hgx22Q9o6OU2VcwQjapWLsxVsX0.roa
File: Hgx22Q9o6OU2VcwQjapWLsxVsX0.roa (raw, json)
Hash identifier: cAvz5/vi1xc62ly46fcIgjE5mXTUlYaiMVaDBzbp7fc=
Subject key identifier: 1E:0C:76:D9:0F:68:E8:E5:36:55:CC:10:8D:AA:56:2E:CC:55:B1:7D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCD8951DEF1FE9A4ADF745442F1C45
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Hgx22Q9o6OU2VcwQjapWLsxVsX0.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45051
IP address blocks: 91.203.170.0/24 maxlen: 24
91.203.168.0/24 maxlen: 24
91.203.168.0/22 maxlen: 22
91.203.169.0/24 maxlen: 24
91.203.171.0/24 maxlen: 24
212.75.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d8:95:1d:ef:1f:e9:a4:ad:f7:45:44:2f:1c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e0c76d90f68e8e53655cc108daa562ecc55b17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:54:35:97:f6:a6:ea:b9:86:e1:eb:0a:a3:
c9:74:d9:c4:53:02:86:24:92:48:6f:a4:8a:e4:4b:
e7:d7:9e:c6:0f:b6:34:d7:20:57:05:18:7c:db:f4:
05:ba:ef:d1:53:7a:ce:29:77:8b:81:42:fa:8c:40:
a4:4a:56:f2:f5:52:9e:21:b1:40:84:ba:73:ef:eb:
61:a8:cf:3a:52:e2:e7:f7:10:ca:fb:fe:34:65:ec:
02:ed:4e:df:12:06:a8:48:1f:9f:49:f4:cb:07:eb:
07:86:f3:9b:3a:45:32:ea:04:71:cc:28:33:bf:e2:
1c:ae:2d:37:4f:c8:64:c8:09:2b:45:fa:bc:ee:ab:
9a:3e:ab:d0:cb:ac:6c:88:30:07:d5:29:0e:81:ee:
f5:84:8e:36:7c:b9:be:b4:f5:65:df:16:08:96:4f:
94:3e:36:44:48:6d:3e:f5:7b:dd:e5:18:14:20:b4:
2a:1d:b6:e9:59:6f:a2:a7:97:6c:12:91:6e:27:fd:
28:4d:87:12:cd:9c:f6:37:79:1a:bd:0d:96:68:63:
b3:28:2c:f4:00:c6:81:ab:99:66:69:1f:6c:7d:43:
ae:6d:e9:d4:7d:bb:68:ca:18:e3:f5:ec:94:fc:39:
e2:83:97:d2:70:2e:f8:ce:74:80:6b:03:73:56:b8:
40:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:0C:76:D9:0F:68:E8:E5:36:55:CC:10:8D:AA:56:2E:CC:55:B1:7D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/Hgx22Q9o6OU2VcwQjapWLsxVsX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.168.0/22
212.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
a0:29:fa:b8:26:b4:3a:ad:ef:2a:28:55:c9:fb:06:cb:6c:f3:
47:2f:82:a2:85:ae:20:3e:c3:81:eb:eb:46:9b:fd:aa:5a:49:
4f:6b:51:15:7e:e8:54:06:c9:cb:b0:d8:fe:fe:72:df:73:3e:
e3:ce:fa:85:c6:97:95:e1:66:05:0c:bf:6c:f7:76:ed:e0:9d:
b9:6c:19:ad:03:7a:7e:26:69:87:55:6e:c9:9f:fd:79:06:74:
fb:e4:29:25:1a:11:3e:65:0c:dd:9b:ab:f5:d4:74:a2:69:31:
df:4d:d7:fd:aa:59:be:ea:ab:ff:cc:42:d8:45:37:ca:f6:ea:
bb:9e:cf:cb:96:4c:ac:48:ad:bf:9d:52:2d:eb:cd:0c:4f:dd:
7f:69:70:7e:fd:4c:d3:b6:5c:87:92:5d:67:79:d1:96:af:27:
4f:80:ad:cb:70:b7:a2:d1:d5:36:12:cd:29:b5:0c:14:86:10:
d5:2d:03:07:76:05:8b:e4:7a:4b:34:d2:3e:5c:12:b2:b7:43:
c8:88:b1:f6:c5:a6:41:5a:1e:dc:79:3c:b4:b6:60:c7:8c:fe:
92:c2:2a:70:60:ac:80:d1:c5:49:d6:06:9c:bc:7b:32:64:cf:
83:0a:e2:d8:d6:f2:de:6a:2e:45:92:94:b6:c2:eb:d4:41:12:
4e:13:81:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvNiVHe8f6aSt90VELxxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTBjNzZkOTBmNjhlOGU1MzY1NWNjMTA4ZGFhNTYyZWNjNTViMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquFUNZf2puq5huHrCqPJdNnEUwKG
JJJIb6SK5Evn157GD7Y01yBXBRh82/QFuu/RU3rOKXeLgUL6jECkSlby9VKeIbFA
hLpz7+thqM86UuLn9xDK+/40ZewC7U7fEgaoSB+fSfTLB+sHhvObOkUy6gRxzCgz
v+Icri03T8hkyAkrRfq87quaPqvQy6xsiDAH1SkOge71hI42fLm+tPVl3xYIlk+U
PjZESG0+9Xvd5RgUILQqHbbpWW+ip5dsEpFuJ/0oTYcSzZz2N3kavQ2WaGOzKCz0
AMaBq5lmaR9sfUOubenUfbtoyhjj9eyU/Dnig5fScC74znSAawNzVrhA6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4MdtkPaOjlNlXMEI2qVi7MVbF9MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvSGd4MjJROW82T1UyVmN3UWphcFdMc3hWc1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8uoAwQF
1EvgMA0GCSqGSIb3DQEBCwUAA4IBAQCgKfq4JrQ6re8qKFXJ+wbLbPNHL4Kiha4g
PsOB6+tGm/2qWklPa1EVfuhUBsnLsNj+/nLfcz7jzvqFxpeV4WYFDL9s93bt4J25
bBmtA3p+JmmHVW7Jn/15BnT75CklGhE+ZQzdm6v11HSiaTHfTdf9qlm+6qv/zELY
RTfK9uq7ns/LlkysSK2/nVIt680MT91/aXB+/UzTtlyHkl1nedGWrydPgK3LcLei
0dU2Es0ptQwUhhDVLQMHdgWL5HpLNNI+XBKyt0PIiLH2xaZBWh7ceTy0tmDHjP6S
wipwYKyA0cVJ1gacvHsyZM+DCuLY1vLeai5FkpS2wuvUQRJOE4F6
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:45 2024 by rpki-client on console-fra.rpki-client.org