Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H5TlYYqlRGo_PTyai5vbmWkAmwI.roa
File: H5TlYYqlRGo_PTyai5vbmWkAmwI.roa (raw, json)
Hash identifier: LNm3ZAa5iEPuwb+jrdOo7NfsPbxUUn7l4riakg8pua4=
Subject key identifier: 1F:94:E5:61:8A:A5:44:6A:3F:3D:3C:9A:8B:9B:DB:99:69:00:9B:02
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DAEBD4046EFDBEF8B546E4A2D4996
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H5TlYYqlRGo_PTyai5vbmWkAmwI.roa
Signing time: Tue 02 Jan 2024 08:32:40 +0000
ROA not before: Tue 02 Jan 2024 08:32:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60508
IP address blocks: 176.227.153.0/24 maxlen: 24
178.156.25.0/24 maxlen: 24
89.45.242.0/24 maxlen: 24
84.236.183.0/24 maxlen: 24
88.148.102.0/24 maxlen: 24
84.236.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ae:bd:40:46:ef:db:ef:8b:54:6e:4a:2d:49:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f94e5618aa5446a3f3d3c9a8b9bdb9969009b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:37:ef:2f:c2:f8:07:da:88:b5:cf:a2:f7:96:
f0:ab:41:80:e3:ac:16:3a:c9:78:f7:79:be:1a:68:
56:da:a0:a1:52:43:47:7a:ea:a5:40:16:de:ac:c7:
9a:cb:24:6a:03:2e:47:03:7a:62:08:cb:6d:01:a2:
85:cb:8f:94:4c:21:3e:4c:b5:8f:01:90:f6:a8:c8:
2e:75:c8:30:c5:2d:d2:48:6b:07:b4:65:44:e0:0e:
ce:a0:5d:07:9a:16:58:c7:4a:12:78:b2:77:5c:99:
2d:7e:80:a8:95:a2:f4:90:76:34:25:76:29:70:2b:
ed:a6:34:f8:4f:59:90:1e:28:94:e5:2a:64:53:c3:
ab:38:1d:a2:66:d4:05:27:23:54:7a:7b:78:bb:a6:
78:29:70:2e:1f:72:71:26:d7:c3:4c:f3:cb:2f:bd:
0d:c8:6f:75:2c:f0:17:46:1a:e7:6c:88:b7:b0:89:
09:7b:33:04:47:6b:5f:fa:5d:e0:f8:5e:f6:e4:bc:
3e:4e:05:bb:c0:5c:3d:2a:38:61:2d:fc:ab:f0:72:
cc:70:bf:2a:97:ce:23:de:10:cc:d4:d7:9c:7b:13:
9d:26:71:e0:38:68:67:37:cf:b3:5d:b7:1f:ee:ee:
02:1c:d3:a0:06:52:1f:1a:b2:44:07:4a:88:36:4c:
84:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:94:E5:61:8A:A5:44:6A:3F:3D:3C:9A:8B:9B:DB:99:69:00:9B:02
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H5TlYYqlRGo_PTyai5vbmWkAmwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.183.0/24
84.236.207.0/24
88.148.102.0/24
89.45.242.0/24
176.227.153.0/24
178.156.25.0/24
Signature Algorithm: sha256WithRSAEncryption
60:09:d6:79:dd:f6:34:ac:00:8c:72:7b:40:75:84:c6:1e:31:
68:0f:8a:a3:65:ec:6a:fc:7c:0d:03:35:c8:9d:7a:d2:be:e0:
0c:4d:ce:63:05:50:cd:e5:9c:92:0a:22:ca:83:50:05:cd:ca:
be:92:3f:85:3c:98:b1:bb:9b:26:34:56:cd:7b:71:44:fd:5e:
55:9e:45:1a:fd:f4:3f:72:37:bf:b8:c9:7c:8f:2f:22:b5:f2:
0d:48:d7:a2:43:60:98:24:c7:d4:90:46:ed:95:70:4c:99:b4:
63:7d:22:7d:7d:ae:11:4c:3d:5a:00:2e:4d:66:ec:14:4e:8b:
ef:91:ec:cc:41:9d:d4:a6:f9:99:a5:ce:bd:ab:87:69:79:11:
54:af:b2:99:c4:c7:cc:88:47:ec:60:00:92:7e:c4:e1:a1:e0:
c4:f7:83:cf:af:fc:3c:8c:a3:60:d3:2d:61:f0:86:1d:e9:98:
83:ce:d6:c7:83:0c:d8:ec:df:96:f6:2c:b0:46:cc:9d:62:f1:
34:a5:a9:04:11:2b:23:77:ce:88:a0:c6:85:11:d3:f5:a6:ab:
93:c1:a1:be:76:e9:db:0a:42:d8:3b:f5:a9:78:9a:79:93:a4:
24:09:3e:fe:61:60:e7:e6:73:57:84:97:fb:0a:e9:d2:0b:2d:
c7:35:24:69
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTa69QEbv2++LVG5KLUmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjk0ZTU2MThhYTU0NDZhM2YzZDNjOWE4YjliZGI5OTY5MDA5YjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzfvL8L4B9qItc+i95bwq0GA46wW
Osl493m+GmhW2qChUkNHeuqlQBberMeayyRqAy5HA3piCMttAaKFy4+UTCE+TLWP
AZD2qMgudcgwxS3SSGsHtGVE4A7OoF0HmhZYx0oSeLJ3XJktfoColaL0kHY0JXYp
cCvtpjT4T1mQHiiU5SpkU8OrOB2iZtQFJyNUent4u6Z4KXAuH3JxJtfDTPPLL70N
yG91LPAXRhrnbIi3sIkJezMER2tf+l3g+F725Lw+TgW7wFw9KjhhLfyr8HLMcL8q
l84j3hDM1NecexOdJnHgOGhnN8+zXbcf7u4CHNOgBlIfGrJEB0qINkyE2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB+U5WGKpURqPz08moub25lpAJsCMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvSDVUbFlZcWxSR29fUFR5YWk1dmJtV2tBbXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVOy3AwQA
VOzPAwQAWJRmAwQAWS3yAwQAsOOZAwQAspwZMA0GCSqGSIb3DQEBCwUAA4IBAQBg
CdZ53fY0rACMcntAdYTGHjFoD4qjZexq/HwNAzXInXrSvuAMTc5jBVDN5ZySCiLK
g1AFzcq+kj+FPJixu5smNFbNe3FE/V5VnkUa/fQ/cje/uMl8jy8itfINSNeiQ2CY
JMfUkEbtlXBMmbRjfSJ9fa4RTD1aAC5NZuwUTovvkezMQZ3UpvmZpc69q4dpeRFU
r7KZxMfMiEfsYACSfsThoeDE94PPr/w8jKNg0y1h8IYd6ZiDztbHgwzY7N+W9iyw
RsydYvE0pakEESsjd86IoMaFEdP1pquTwaG+dunbCkLYO/WpeJp5k6QkCT7+YWDn
5nNXhJf7CunSCy3HNSRp
-----END CERTIFICATE-----
Generated at Sat May 18 05:34:13 2024 by rpki-client on console-fra.rpki-client.org