Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/HuPwF1XinNop6vv9tGIvVPSz55Q.roa
File: HuPwF1XinNop6vv9tGIvVPSz55Q.roa (raw, json)
Hash identifier: jGrMSkhI/Z5+Ixu2zzjT5xeF7/aKGqolZ2Bnk9/8oY0=
Subject key identifier: 1E:E3:F0:17:55:E2:9C:DA:29:EA:FB:FD:B4:62:2F:54:F4:B3:E7:94
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 0193867BF27B1E64164B8AE246F4ECFEDF76
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/HuPwF1XinNop6vv9tGIvVPSz55Q.roa
Signing time: Mon 02 Dec 2024 08:28:09 +0000
ROA not before: Mon 02 Dec 2024 08:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30811
IP address blocks: 217.114.80.0/20 maxlen: 20
217.114.94.0/24 maxlen: 24
2a00:1c50:1::/48 maxlen: 48
2a00:1c50:5::/48 maxlen: 48
2a00:1c50:6::/48 maxlen: 48
2a00:1c50:7::/48 maxlen: 48
2a00:1c50:94::/48 maxlen: 48
2a00:1c50:2002::/48 maxlen: 48
2a00:1c50:2003::/48 maxlen: 48
2a00:1c50:2004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:86:7b:f2:7b:1e:64:16:4b:8a:e2:46:f4:ec:fe:df:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Dec 2 08:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ee3f01755e29cda29eafbfdb4622f54f4b3e794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bc:74:ee:11:b4:3f:57:0a:81:c0:24:00:6a:
87:e5:a0:40:18:f1:7f:ab:b6:04:48:d7:5e:15:13:
ff:8a:3d:76:98:ce:b2:28:04:0d:7b:fd:ba:86:c6:
60:98:ed:da:16:a6:0b:26:f0:22:cc:b4:26:bf:fa:
b9:9c:e5:06:8d:e6:fb:92:a3:e6:e9:9b:41:b9:83:
93:3b:eb:d4:f3:18:e8:d1:05:6f:25:6f:b9:2d:83:
37:2b:f6:d7:1c:48:ee:11:70:34:87:46:88:d7:cf:
7c:d8:fa:17:b9:34:1e:3a:2a:27:af:14:37:17:6d:
ed:b5:ba:d2:b6:88:ee:44:8e:aa:c6:5c:85:46:f5:
b6:8f:57:db:43:c8:c3:4c:19:d7:ee:6f:50:91:87:
d2:1a:07:85:91:8f:17:c6:ff:a8:35:83:b3:3d:3e:
09:5a:63:90:ae:8a:3d:53:87:65:4b:ec:40:dc:0c:
16:63:74:93:31:b6:62:c6:eb:e4:7e:cb:66:04:ed:
f2:a5:d7:21:60:fe:5c:25:78:77:61:b4:9d:85:ff:
d3:ce:c2:e9:2f:85:ec:e3:fc:7d:8c:16:92:fc:86:
a2:02:98:8a:1c:98:b4:db:a6:40:8d:de:3d:98:9e:
bd:26:fd:65:8c:c0:6f:be:75:23:dc:52:62:f3:d4:
23:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E3:F0:17:55:E2:9C:DA:29:EA:FB:FD:B4:62:2F:54:F4:B3:E7:94
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/HuPwF1XinNop6vv9tGIvVPSz55Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.80.0/20
IPv6:
2a00:1c50:1::/48
2a00:1c50:5::-2a00:1c50:7:ffff:ffff:ffff:ffff:ffff
2a00:1c50:94::/48
2a00:1c50:2002::-2a00:1c50:2004:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
68:2d:74:09:cf:26:35:f0:ba:60:cf:21:2e:f6:5f:d1:8e:51:
55:97:da:21:bd:fd:db:0a:2a:33:38:0a:da:e4:b0:16:d9:72:
d5:0c:9b:92:6a:f3:35:bd:a5:64:63:fa:ac:93:1b:59:c8:38:
29:21:46:3a:7d:c6:7d:ad:17:33:3e:c8:e8:08:7c:8c:37:64:
d1:67:92:fe:3a:6c:8a:09:72:58:3f:2e:0a:45:c3:0d:72:0c:
82:ed:2f:29:51:90:89:bd:0a:d9:cd:12:19:76:22:18:3a:e8:
b7:2f:65:b8:9f:d4:10:8c:dc:76:71:ad:f6:05:a5:2f:23:84:
50:3e:08:f2:ef:8a:13:75:80:bf:e6:58:46:4d:81:7d:dc:08:
3c:08:59:6f:34:fb:58:18:01:d2:71:a0:03:7a:88:cc:9d:ac:
6f:93:d8:34:2c:f0:ab:cf:7a:f9:0a:02:19:4b:25:6a:91:40:
ee:83:1d:82:20:22:f5:ba:39:42:5e:f1:d9:0f:5d:d7:87:fa:
82:4a:cb:7e:62:2f:8e:01:71:22:3b:7e:f0:28:f8:e2:ce:9f:
a2:2c:e6:64:39:a0:5e:e2:ad:e3:cf:0a:32:52:23:b8:7e:da:
e4:8b:e8:66:34:79:b4:97:62:39:14:81:90:19:8c:67:f2:d3:
14:ac:11:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZOGe/J7HmQWS4riRvTs/t92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjQxMjAyMDgyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUzZjAxNzU1ZTI5Y2RhMjllYWZiZmRiNDYyMmY1NGY0YjNlNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorx07hG0P1cKgcAkAGqH5aBAGPF/
q7YESNdeFRP/ij12mM6yKAQNe/26hsZgmO3aFqYLJvAizLQmv/q5nOUGjeb7kqPm
6ZtBuYOTO+vU8xjo0QVvJW+5LYM3K/bXHEjuEXA0h0aI18982PoXuTQeOionrxQ3
F23ttbrStojuRI6qxlyFRvW2j1fbQ8jDTBnX7m9QkYfSGgeFkY8Xxv+oNYOzPT4J
WmOQroo9U4dlS+xA3AwWY3STMbZixuvkfstmBO3ypdchYP5cJXh3YbSdhf/TzsLp
L4Xs4/x9jBaS/IaiApiKHJi026ZAjd49mJ69Jv1ljMBvvnUj3FJi89QjfwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFB7j8BdV4pzaKer7/bRiL1T0s+eUMB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvSHVQd0YxWGluTm9wNnZ2OXRHSXZWUFN6NTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQE2XJQMEAE
AgACMDoDBwAqABxQAAEwEgMHACoAHFAABQMHAyoAHFAAAAMHACoAHFAAlDASAwcB
KgAcUCACAwcAKgAcUCAEMA0GCSqGSIb3DQEBCwUAA4IBAQBoLXQJzyY18LpgzyEu
9l/RjlFVl9ohvf3bCiozOAra5LAW2XLVDJuSavM1vaVkY/qskxtZyDgpIUY6fcZ9
rRczPsjoCHyMN2TRZ5L+OmyKCXJYPy4KRcMNcgyC7S8pUZCJvQrZzRIZdiIYOui3
L2W4n9QQjNx2ca32BaUvI4RQPgjy74oTdYC/5lhGTYF93Ag8CFlvNPtYGAHScaAD
eojMnaxvk9g0LPCrz3r5CgIZSyVqkUDugx2CICL1ujlCXvHZD13Xh/qCSst+Yi+O
AXEiO37wKPjizp+iLOZkOaBe4q3jzwoyUiO4ftrki+hmNHm0l2I5FIGQGYxn8tMU
rBEi
-----END CERTIFICATE-----
Generated at Fri Dec 27 22:29:47 2024 by rpki-client on console-fra.rpki-client.org