Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/hpGKoWDWIkzCTsZA6jzQ7eMakKk.roa
File: hpGKoWDWIkzCTsZA6jzQ7eMakKk.roa (raw, json)
Hash identifier: Uub0tAA0YmfAc+pPLmgaA1YNlTpSd8wTRxGLgFbu7eE=
Subject key identifier: 86:91:8A:A1:60:D6:22:4C:C2:4E:C6:40:EA:3C:D0:ED:E3:1A:90:A9
Certificate issuer: /CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Certificate serial: 018CCA9A019E0ED47BBE14E44452672D6B92
Authority key identifier: A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/hpGKoWDWIkzCTsZA6jzQ7eMakKk.roa
Signing time: Tue 02 Jan 2024 14:35:39 +0000
ROA not before: Tue 02 Jan 2024 14:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55002
IP address blocks: 195.234.206.0/24 maxlen: 24
195.234.204.0/24 maxlen: 24
195.234.205.0/24 maxlen: 24
195.234.207.0/24 maxlen: 24
2001:67c:2620::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:01:9e:0e:d4:7b:be:14:e4:44:52:67:2d:6b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Validity
Not Before: Jan 2 14:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86918aa160d6224cc24ec640ea3cd0ede31a90a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:12:a5:71:d6:c6:b6:44:33:76:e3:15:0e:c7:
33:37:de:d0:bb:18:ce:89:3f:8d:6e:2a:95:90:af:
43:24:e0:f1:50:91:32:48:fa:6e:9f:e4:32:a2:5e:
bf:b9:79:95:3b:f7:09:29:54:3e:a0:2e:a2:91:fa:
a7:ad:ef:77:bf:0a:2b:d8:6f:4f:71:76:0e:51:f8:
ad:66:15:e0:4a:f7:85:b4:95:7b:b2:29:30:1b:0e:
81:e8:ca:c3:1a:27:2c:23:57:6e:48:5e:c9:ab:8d:
03:6f:30:44:01:b8:94:cf:7e:36:8e:89:d4:6d:8d:
bb:53:69:a9:60:11:c8:c6:1c:fa:ea:b8:e4:6f:ab:
fc:c9:8d:73:1b:94:e1:75:c2:55:4f:e3:80:10:11:
15:ca:ef:17:fb:c3:fa:c3:24:28:09:36:03:a3:48:
72:e5:bb:8e:7e:88:c5:e0:d1:f4:3c:e9:24:5e:81:
a1:99:0c:f3:42:06:60:6b:82:f5:4f:e2:0a:3d:c1:
c8:76:c0:ba:dd:09:b9:e2:b2:40:e6:70:e4:0e:b9:
6f:42:b0:a7:bb:62:b9:82:e4:d5:65:9c:b0:91:27:
e2:0c:54:9c:33:22:18:96:01:d5:fd:d0:42:16:b3:
fc:fd:9a:14:dd:e2:2e:86:0c:4d:41:98:5b:89:58:
2a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:91:8A:A1:60:D6:22:4C:C2:4E:C6:40:EA:3C:D0:ED:E3:1A:90:A9
X509v3 Authority Key Identifier:
keyid:A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/hpGKoWDWIkzCTsZA6jzQ7eMakKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.204.0/22
IPv6:
2001:67c:2620::/48
Signature Algorithm: sha256WithRSAEncryption
3a:0d:d5:02:42:49:2c:3d:ad:bd:69:5a:35:90:dc:83:35:8b:
fc:36:c2:93:de:e5:11:9f:1d:23:0b:59:13:d3:7d:0b:cb:c5:
b4:85:1a:1a:71:6e:ae:42:7b:04:49:65:04:4f:b7:57:b2:af:
12:d0:1f:80:79:7b:c7:ac:90:77:2d:fa:17:2b:45:db:f2:7f:
75:28:48:25:4f:6f:26:f4:fb:b6:56:44:ef:76:df:22:9c:03:
a2:c6:13:f8:73:c8:9f:b7:e1:eb:33:e5:e7:46:d2:fe:69:6b:
19:ab:0f:bb:ed:a2:6c:cf:c4:3b:76:45:eb:a0:99:fc:70:b6:
f7:db:45:3a:53:de:58:12:2c:38:f9:12:46:e7:99:ea:c5:ce:
b8:6b:8d:c4:45:ea:c8:65:df:d4:9e:76:37:38:a2:c7:e7:f2:
b4:60:29:a9:fe:ab:31:04:b5:a0:01:c6:ce:c9:bb:83:de:8b:
7c:a3:e3:3e:e2:b1:94:b2:fc:02:a0:5b:d8:76:86:dd:cc:4c:
c2:d7:a0:ff:34:47:7e:a8:8d:07:a6:43:67:ac:1d:fd:00:6e:
51:dc:ff:31:27:6e:5e:8a:47:db:d4:b1:68:d7:cd:f7:5c:56:
09:c5:eb:76:58:fd:b9:61:41:f8:5d:30:0e:99:2a:18:37:d3:
b3:27:3d:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmgGeDtR7vhTkRFJnLWuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MGEwODFmYmE4ZmIzM2VmYjQ2MjU5ZWY5M2Y2ODc4ZDcw
MTUwZWIwHhcNMjQwMTAyMTQzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkxOGFhMTYwZDYyMjRjYzI0ZWM2NDBlYTNjZDBlZGUzMWE5MGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhKlcdbGtkQzduMVDsczN97QuxjO
iT+NbiqVkK9DJODxUJEySPpun+Qyol6/uXmVO/cJKVQ+oC6ikfqnre93vwor2G9P
cXYOUfitZhXgSveFtJV7sikwGw6B6MrDGicsI1duSF7Jq40DbzBEAbiUz342jonU
bY27U2mpYBHIxhz66rjkb6v8yY1zG5ThdcJVT+OAEBEVyu8X+8P6wyQoCTYDo0hy
5buOfojF4NH0POkkXoGhmQzzQgZga4L1T+IKPcHIdsC63Qm54rJA5nDkDrlvQrCn
u2K5guTVZZywkSfiDFScMyIYlgHV/dBCFrP8/ZoU3eIuhgxNQZhbiVgqrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIaRiqFg1iJMwk7GQOo80O3jGpCpMB8GA1UdIwQY
MBaAFKQKCB+6j7M++0Ylnvk/aHjXAVDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEt
YWU5MWU0NjYyZDkzLzEvaHBHS29XRFdJa3pDVHNaQTZqelE3ZU1ha0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEtYWU5MWU0NjYyZDkz
LzEvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw+rMMA8E
AgACMAkDBwAgAQZ8JiAwDQYJKoZIhvcNAQELBQADggEBADoN1QJCSSw9rb1pWjWQ
3IM1i/w2wpPe5RGfHSMLWRPTfQvLxbSFGhpxbq5CewRJZQRPt1eyrxLQH4B5e8es
kHct+hcrRdvyf3UoSCVPbyb0+7ZWRO923yKcA6LGE/hzyJ+34esz5edG0v5paxmr
D7vtomzPxDt2ReugmfxwtvfbRTpT3lgSLDj5EkbnmerFzrhrjcRF6shl39Sedjc4
osfn8rRgKan+qzEEtaABxs7Ju4Pei3yj4z7isZSy/AKgW9h2ht3MTMLXoP80R36o
jQemQ2esHf0AblHc/zEnbl6KR9vUsWjXzfdcVgnF63ZY/blhQfhdMA6ZKhg307Mn
Pcc=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:17:02 2024 by rpki-client on console-fra.rpki-client.org