Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HqT4p3_FmBxFDt7kRCjteimW3rE.roa
File: HqT4p3_FmBxFDt7kRCjteimW3rE.roa (raw, json)
Hash identifier: jefwFEsDaBKuxRtfLxjXVwTV028AyZvnGGPqgktqfio=
Subject key identifier: 1E:A4:F8:A7:7F:C5:98:1C:45:0E:DE:E4:44:28:ED:7A:29:96:DE:B1
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB1B3F8A2FB8654DC2AEBC7089E95
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HqT4p3_FmBxFDt7kRCjteimW3rE.roa
Signing time: Tue 02 Jan 2024 08:32:41 +0000
ROA not before: Tue 02 Jan 2024 08:32:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199952
IP address blocks: 94.76.154.0/24 maxlen: 24
5.154.19.0/24 maxlen: 24
84.232.18.0/23 maxlen: 23
178.156.86.0/24 maxlen: 24
178.156.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b1:b3:f8:a2:fb:86:54:dc:2a:eb:c7:08:9e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea4f8a77fc5981c450edee44428ed7a2996deb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:3a:66:eb:b0:e5:f7:30:38:b0:0c:b9:d2:
9a:1d:15:17:97:2f:0b:a3:55:28:13:cd:6e:67:b6:
a8:12:f9:1b:40:20:3a:6a:2b:ce:77:8e:c7:fe:41:
31:fa:1f:c5:79:db:94:d7:a8:38:1a:de:60:3f:75:
e7:54:8e:71:7e:02:30:70:af:16:e4:a2:99:cd:d1:
b3:9a:28:77:30:9c:56:ff:1e:f8:d1:95:9a:00:1d:
76:ad:ba:95:db:9a:20:1b:22:fa:57:2b:be:38:f9:
d1:26:db:48:d1:62:3a:f5:cc:1d:e4:fc:71:36:e8:
1e:97:07:41:f4:e5:25:c1:c2:43:c5:9e:49:15:d2:
ee:12:8b:70:79:55:78:af:07:1d:e3:33:e5:d8:16:
83:7f:9d:f0:31:c4:da:d1:c2:09:d5:64:fb:ee:e7:
ea:e6:9a:f5:8e:c4:1a:4b:d8:94:70:f2:d7:96:da:
4d:44:f7:25:be:e0:05:ef:34:84:5d:7d:dd:ed:f9:
be:86:4c:89:60:3c:56:20:44:cb:24:a0:40:c5:49:
a8:6f:12:33:1a:d8:e2:61:74:3c:62:51:8a:62:b9:
c1:08:e3:76:7c:32:b2:d1:28:63:e3:35:ce:4c:d6:
0f:df:2a:64:5e:24:1b:db:44:4a:e9:3e:69:79:8f:
e1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A4:F8:A7:7F:C5:98:1C:45:0E:DE:E4:44:28:ED:7A:29:96:DE:B1
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/HqT4p3_FmBxFDt7kRCjteimW3rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.19.0/24
84.232.18.0/23
94.76.154.0/24
178.156.86.0/24
178.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
42:56:8a:a0:ed:95:d7:ae:7f:bc:b2:1c:59:80:9c:16:cb:10:
8e:4a:3d:07:3c:7d:f3:cd:2e:1b:55:68:c1:ff:3f:d1:98:74:
67:46:70:b4:71:09:5e:94:5b:e1:7f:ab:6a:11:88:8a:bf:ff:
d2:2e:7f:b6:e0:13:86:51:aa:ec:35:03:20:1d:35:fc:4d:87:
ac:80:7e:d1:11:f0:de:c2:9b:3c:af:f6:58:c3:6b:72:d8:86:
c7:31:33:78:ec:a3:1e:ee:38:2c:5e:f8:32:71:25:96:61:5c:
ec:12:1a:0d:01:19:65:73:13:f5:9f:79:61:39:31:38:49:f0:
23:13:35:0e:97:6a:6d:c8:30:86:16:24:35:22:d1:f4:41:90:
b5:b5:08:8e:7d:96:40:39:4a:55:8c:5a:f1:f4:32:ce:26:9c:
a9:fc:a7:ff:20:27:08:2a:31:7c:3e:cb:13:fb:e9:89:0d:09:
75:a5:70:45:1e:56:f6:db:26:90:df:6d:a5:d7:b3:44:1c:48:
b3:9d:5b:d0:1d:e7:16:7b:2f:79:de:68:de:14:3c:91:88:94:
9a:ca:4e:fa:06:6b:c0:70:36:b1:e7:d7:c8:36:29:0a:c0:0b:
d8:85:65:59:c7:94:7e:74:4d:53:3d:1b:d8:b1:8f:9b:58:79:
67:4e:52:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTbGz+KL7hlTcKuvHCJ6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE0ZjhhNzdmYzU5ODFjNDUwZWRlZTQ0NDI4ZWQ3YTI5OTZkZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXk6Zuuw5fcwOLAMudKaHRUXly8L
o1UoE81uZ7aoEvkbQCA6aivOd47H/kEx+h/FeduU16g4Gt5gP3XnVI5xfgIwcK8W
5KKZzdGzmih3MJxW/x740ZWaAB12rbqV25ogGyL6Vyu+OPnRJttI0WI69cwd5Pxx
NugelwdB9OUlwcJDxZ5JFdLuEotweVV4rwcd4zPl2BaDf53wMcTa0cIJ1WT77ufq
5pr1jsQaS9iUcPLXltpNRPclvuAF7zSEXX3d7fm+hkyJYDxWIETLJKBAxUmobxIz
GtjiYXQ8YlGKYrnBCON2fDKy0Shj4zXOTNYP3ypkXiQb20RK6T5peY/hPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB6k+Kd/xZgcRQ7e5EQo7Xoplt6xMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvSHFUNHAzX0ZtQnhGRHQ3a1JDanRlaW1XM3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABZoTAwQB
VOgSAwQAXkyaAwQAspxWAwQAspxbMA0GCSqGSIb3DQEBCwUAA4IBAQBCVoqg7ZXX
rn+8shxZgJwWyxCOSj0HPH3zzS4bVWjB/z/RmHRnRnC0cQlelFvhf6tqEYiKv//S
Ln+24BOGUarsNQMgHTX8TYesgH7REfDewps8r/ZYw2ty2IbHMTN47KMe7jgsXvgy
cSWWYVzsEhoNARllcxP1n3lhOTE4SfAjEzUOl2ptyDCGFiQ1ItH0QZC1tQiOfZZA
OUpVjFrx9DLOJpyp/Kf/ICcIKjF8PssT++mJDQl1pXBFHlb22yaQ322l17NEHEiz
nVvQHecWey953mjeFDyRiJSayk76BmvAcDax59fINikKwAvYhWVZx5R+dE1TPRvY
sY+bWHlnTlIC
-----END CERTIFICATE-----
Generated at Sat May 18 05:34:13 2024 by rpki-client on console-fra.rpki-client.org