Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/HqPhCXVCmW7_23WEi_PHB70XRCg.roa
File: HqPhCXVCmW7_23WEi_PHB70XRCg.roa (raw, json)
Hash identifier: pgADXgyqUKGosNgPld4xZXrt0PmaCynouZF/2k+SxUY=
Subject key identifier: 1E:A3:E1:09:75:42:99:6E:FF:DB:75:84:8B:F3:C7:07:BD:17:44:28
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC794235743C6586197B7D6A66070BC8D
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/HqPhCXVCmW7_23WEi_PHB70XRCg.roa
Signing time: Tue 02 Jan 2024 00:30:23 +0000
ROA not before: Tue 02 Jan 2024 00:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47205
IP address blocks: 31.193.192.0/21 maxlen: 24
92.61.32.0/20 maxlen: 32
195.12.186.0/24 maxlen: 24
185.3.228.0/22 maxlen: 24
2a02:118::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:23:57:43:c6:58:61:97:b7:d6:a6:60:70:bc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea3e1097542996effdb75848bf3c707bd174428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6c:08:d4:12:6a:e2:c9:ea:53:f6:88:7d:97:
dc:ee:f2:54:3f:a8:5f:59:0e:a5:32:11:5d:80:9d:
67:8c:88:d8:c5:42:2b:e8:a2:98:d1:ff:66:da:3e:
5d:f9:fe:bc:5b:77:4b:5e:23:c2:f6:c0:3b:ac:f8:
ec:95:4c:48:a5:4b:d6:a4:85:7f:cd:6e:b8:27:5a:
dd:92:1f:c8:0f:f4:a0:cd:0b:fe:8d:c2:1e:5f:ff:
bb:a3:e6:36:af:97:d3:6a:90:01:c8:a5:5c:56:68:
52:09:a8:42:2e:45:87:7a:27:3f:19:10:26:16:77:
85:e1:20:77:33:79:f1:32:8f:ed:e2:d4:48:ad:57:
ac:bb:7d:32:c7:5d:17:8a:c8:2d:c0:45:3b:ee:13:
a0:8d:e3:45:05:c2:5c:f9:c2:1b:89:e2:b2:fe:e6:
f9:75:56:c2:cc:9a:5a:5e:7f:c3:7d:ae:86:24:a7:
38:f7:55:92:4b:78:ba:5b:8a:fb:b2:25:00:21:7a:
1d:95:5f:67:87:7c:1c:1d:42:5b:bf:55:f0:b5:8a:
e3:44:6a:80:43:9d:b0:e6:f5:c5:80:8d:c3:55:9e:
d3:76:bd:20:99:e6:fc:ea:16:c7:3c:6a:e8:ee:0b:
8d:48:9b:bf:53:1c:e9:06:2d:63:9f:d1:3f:e3:9b:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A3:E1:09:75:42:99:6E:FF:DB:75:84:8B:F3:C7:07:BD:17:44:28
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/HqPhCXVCmW7_23WEi_PHB70XRCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.192.0/21
92.61.32.0/20
185.3.228.0/22
195.12.186.0/24
IPv6:
2a02:118::/32
Signature Algorithm: sha256WithRSAEncryption
12:35:dc:a6:5b:4f:c3:b3:96:d1:56:e6:6b:b1:27:48:43:15:
bb:73:66:5e:e5:b5:ba:e4:b0:f1:33:4b:09:d5:44:80:82:0c:
42:1f:9d:70:3f:63:ba:72:ed:47:ff:ac:ae:7f:86:90:a9:96:
a1:ca:87:68:8f:a0:a9:12:0c:fc:75:b9:eb:f7:a7:8a:52:20:
88:b6:e3:95:36:ac:52:ba:ea:03:eb:12:16:64:8d:be:cd:95:
68:49:95:e2:8a:76:29:c3:48:02:81:13:d3:de:8e:eb:30:35:
c7:2e:d2:49:d9:89:c5:e9:aa:bd:8a:af:49:23:f1:66:c2:c7:
1a:41:d4:f8:6a:1d:9e:ac:19:6b:d2:71:a7:46:ab:f0:53:64:
94:59:f8:39:76:5d:c0:f1:11:99:86:b1:ee:4f:60:40:55:a4:
5f:f0:cf:e3:44:62:df:50:d3:b2:e4:8a:76:cf:24:78:a3:10:
38:60:f4:47:d1:e6:d1:95:b6:98:c0:5d:2d:c1:4e:bf:83:bb:
80:11:45:58:37:c1:5a:2c:03:8c:f0:57:4c:9b:aa:f0:4f:cb:
e6:a0:b8:6d:5d:06:a7:91:35:8f:ec:1c:8b:ba:05:98:d9:1e:
1e:76:56:22:70:3e:69:22:0d:1f:bb:1b:72:a9:cc:db:a6:57:
da:8c:16:d5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHlCNXQ8ZYYZe31qZgcLyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWEzZTEwOTc1NDI5OTZlZmZkYjc1ODQ4YmYzYzcwN2JkMTc0NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmwI1BJq4snqU/aIfZfc7vJUP6hf
WQ6lMhFdgJ1njIjYxUIr6KKY0f9m2j5d+f68W3dLXiPC9sA7rPjslUxIpUvWpIV/
zW64J1rdkh/ID/SgzQv+jcIeX/+7o+Y2r5fTapAByKVcVmhSCahCLkWHeic/GRAm
FneF4SB3M3nxMo/t4tRIrVesu30yx10XisgtwEU77hOgjeNFBcJc+cIbieKy/ub5
dVbCzJpaXn/Dfa6GJKc491WSS3i6W4r7siUAIXodlV9nh3wcHUJbv1XwtYrjRGqA
Q52w5vXFgI3DVZ7Tdr0gmeb86hbHPGro7guNSJu/UxzpBi1jn9E/45s7uwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFB6j4Ql1Qplu/9t1hIvzxwe9F0QoMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL0hxUGhDWFZDbVc3XzIzV0VpX1BIQjcwWFJDZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMfwcAD
BARcPSADBAK5A+QDBADDDLowDQQCAAIwBwMFACoCARgwDQYJKoZIhvcNAQELBQAD
ggEBABI13KZbT8OzltFW5muxJ0hDFbtzZl7ltbrksPEzSwnVRICCDEIfnXA/Y7py
7Uf/rK5/hpCplqHKh2iPoKkSDPx1uev3p4pSIIi245U2rFK66gPrEhZkjb7NlWhJ
leKKdinDSAKBE9PejuswNccu0knZicXpqr2Kr0kj8WbCxxpB1PhqHZ6sGWvScadG
q/BTZJRZ+Dl2XcDxEZmGse5PYEBVpF/wz+NEYt9Q07LkinbPJHijEDhg9EfR5tGV
tpjAXS3BTr+Du4ARRVg3wVosA4zwV0ybqvBPy+aguG1dBqeRNY/sHIu6BZjZHh52
ViJwPmkiDR+7G3KpzNumV9qMFtU=
-----END CERTIFICATE-----
Generated at Sat May 18 13:57:14 2024 by rpki-client on console-ams.rpki-client.org