Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/Hdhdxk7Ul55LccmgSgzTU4BcL0o.roa
File: Hdhdxk7Ul55LccmgSgzTU4BcL0o.roa (raw, json)
Hash identifier: j0PKwuyBov3qQCP25Uvwdk8r4aB8Ilgk1BOicWwobs8=
Subject key identifier: 1D:D8:5D:C6:4E:D4:97:9E:4B:71:C9:A0:4A:0C:D3:53:80:5C:2F:4A
Certificate issuer: /CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Certificate serial: 018F8078697489EFE9FF93F38D35F53498CD
Authority key identifier: C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/Hdhdxk7Ul55LccmgSgzTU4BcL0o.roa
Signing time: Thu 16 May 2024 08:15:25 +0000
ROA not before: Thu 16 May 2024 08:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211804
IP address blocks: 185.250.240.0/24 maxlen: 24
185.250.242.0/24 maxlen: 24
185.250.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:78:69:74:89:ef:e9:ff:93:f3:8d:35:f5:34:98:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2d2ac1d7c9eccf5658b88f16f613d7b3e8e8c72
Validity
Not Before: May 16 08:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd85dc64ed4979e4b71c9a04a0cd353805c2f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e1:0f:a6:de:94:4d:44:9e:a7:04:14:09:c6:
b4:1c:aa:10:dd:f3:d9:7d:b9:0a:49:c2:19:71:fd:
1a:fb:c5:a4:c3:05:3e:5d:b4:e6:d1:e3:bd:b6:15:
15:cd:09:b6:b3:62:67:a6:e2:5f:61:65:36:d3:d0:
86:aa:7c:11:3a:5a:0a:a3:5e:16:35:1d:4a:70:be:
2c:50:fe:8c:b7:94:47:cb:e4:7b:2f:74:e6:71:d4:
0e:25:96:26:b0:30:61:ac:39:1a:b9:33:e2:22:76:
8a:4f:b0:51:fe:79:63:be:01:db:8e:0c:f6:44:f8:
4e:08:15:e7:ae:0f:1d:da:f6:64:24:95:c6:81:9d:
01:bd:2a:c5:d0:85:73:27:b0:1a:e2:b6:91:3d:7e:
91:33:2a:2b:61:b2:66:2f:61:69:fb:9d:50:d7:2f:
ac:60:d4:f5:aa:fe:5e:58:87:a4:41:d0:c1:5c:d9:
58:d4:d3:88:38:0f:b7:ad:1e:da:aa:a5:30:e6:42:
94:cc:f0:01:5f:b4:c4:e9:9f:94:59:0f:42:c8:3a:
bb:2f:65:82:c5:0b:81:0d:8a:74:7c:8b:f8:df:90:
63:9a:90:86:ab:b4:dd:a4:01:23:20:81:93:c0:06:
57:6a:ef:af:b7:ff:d9:ec:a3:eb:5b:4c:6e:7c:e8:
77:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D8:5D:C6:4E:D4:97:9E:4B:71:C9:A0:4A:0C:D3:53:80:5C:2F:4A
X509v3 Authority Key Identifier:
keyid:C2:D2:AC:1D:7C:9E:CC:F5:65:8B:88:F1:6F:61:3D:7B:3E:8E:8C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtKsHXyezPVli4jxb2E9ez6OjHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/Hdhdxk7Ul55LccmgSgzTU4BcL0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8b1bc2-5926-4ace-b16f-197fe8365643/1/wtKsHXyezPVli4jxb2E9ez6OjHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.240.0/24
185.250.242.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:d9:18:64:9f:7a:45:6c:71:c7:4a:e7:79:d9:8f:7d:c2:de:
99:d0:3d:a9:45:3e:ba:c1:ad:2a:70:c5:fa:f5:4d:78:57:70:
87:5c:eb:6d:30:ef:66:1d:c6:0d:a7:52:82:b3:2f:26:b1:4d:
e3:c6:5e:94:b7:d0:0b:fb:48:e8:8c:a3:0a:86:c2:77:ea:3d:
c4:a1:80:28:0b:0e:bc:d8:f1:b8:38:46:21:ac:f0:81:2a:a0:
7a:72:4d:63:cc:60:03:b3:15:76:2d:fe:f7:0d:75:12:a6:6d:
db:78:7d:1c:14:f1:53:a6:d6:2a:b7:51:d4:bb:4d:a3:40:c6:
d8:a6:65:02:f3:b1:17:66:6e:15:b0:8d:29:0e:c3:7c:5b:97:
20:e7:83:6f:f7:57:cd:ee:a7:57:0d:e2:ff:78:d5:d8:05:48:
71:82:da:a7:ac:6f:53:12:e1:55:39:84:15:e1:5d:22:cc:b4:
39:87:6a:fc:6e:6a:70:e5:dd:78:d2:4c:63:f6:26:d9:1a:ac:
bd:c4:f4:31:0d:c1:4b:2d:35:61:29:14:fd:12:52:54:41:8d:
4d:1d:9a:b6:a6:32:43:bf:f8:7f:40:93:e1:3e:62:12:fa:ae:
3e:f4:10:61:e7:7c:3c:93:cf:be:c0:d6:a3:d4:7a:6b:6d:cd:
fa:86:23:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+AeGl0ie/p/5PzjTX1NJjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDJhYzFkN2M5ZWNjZjU2NThiODhmMTZmNjEzZDdiM2U4
ZThjNzIwHhcNMjQwNTE2MDgxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ4NWRjNjRlZDQ5NzllNGI3MWM5YTA0YTBjZDM1MzgwNWMyZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOEPpt6UTUSepwQUCca0HKoQ3fPZ
fbkKScIZcf0a+8WkwwU+XbTm0eO9thUVzQm2s2JnpuJfYWU209CGqnwROloKo14W
NR1KcL4sUP6Mt5RHy+R7L3TmcdQOJZYmsDBhrDkauTPiInaKT7BR/nljvgHbjgz2
RPhOCBXnrg8d2vZkJJXGgZ0BvSrF0IVzJ7Aa4raRPX6RMyorYbJmL2Fp+51Q1y+s
YNT1qv5eWIekQdDBXNlY1NOIOA+3rR7aqqUw5kKUzPABX7TE6Z+UWQ9CyDq7L2WC
xQuBDYp0fIv435BjmpCGq7TdpAEjIIGTwAZXau+vt//Z7KPrW0xufOh3OQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3YXcZO1JeeS3HJoEoM01OAXC9KMB8GA1UdIwQY
MBaAFMLSrB18nsz1ZYuI8W9hPXs+joxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYt
MTk3ZmU4MzY1NjQzLzEvSGRoZHhrN1VsNTVMY2NtZ1NnelRVNEJjTDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YjFiYzItNTkyNi00YWNlLWIxNmYtMTk3ZmU4MzY1NjQz
LzEvd3RLc0hYeWV6UFZsaTRqeGIyRTllejZPakhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufrwAwQB
ufryMA0GCSqGSIb3DQEBCwUAA4IBAQAf2Rhkn3pFbHHHSud52Y99wt6Z0D2pRT66
wa0qcMX69U14V3CHXOttMO9mHcYNp1KCsy8msU3jxl6Ut9AL+0jojKMKhsJ36j3E
oYAoCw682PG4OEYhrPCBKqB6ck1jzGADsxV2Lf73DXUSpm3beH0cFPFTptYqt1HU
u02jQMbYpmUC87EXZm4VsI0pDsN8W5cg54Nv91fN7qdXDeL/eNXYBUhxgtqnrG9T
EuFVOYQV4V0izLQ5h2r8bmpw5d140kxj9ibZGqy9xPQxDcFLLTVhKRT9ElJUQY1N
HZq2pjJDv/h/QJPhPmIS+q4+9BBh53w8k8++wNaj1Hprbc36hiML
-----END CERTIFICATE-----
Generated at Sat Jun 1 07:23:28 2024 by rpki-client on console-fra.rpki-client.org