Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/0HUpR_9z6nnMtAJTjN5x9uPw49I.roa
File: 0HUpR_9z6nnMtAJTjN5x9uPw49I.roa (raw, json)
Hash identifier: sxeHl54biT5ZA3QbwV+eyh/MkfD+27Nszh0eVECbYdc=
Subject key identifier: D0:75:29:47:FF:73:EA:79:CC:B4:02:53:8C:DE:71:F6:E3:F0:E3:D2
Certificate issuer: /CN=26a451e245e01ba9b2fb2314c2609e7b151e74a2
Certificate serial: 018CC4923C42122093D0B8DCEB3ECB8E2441
Authority key identifier: 26:A4:51:E2:45:E0:1B:A9:B2:FB:23:14:C2:60:9E:7B:15:1E:74:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqRR4kXgG6my-yMUwmCeexUedKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/0HUpR_9z6nnMtAJTjN5x9uPw49I.roa
Signing time: Mon 01 Jan 2024 10:29:27 +0000
ROA not before: Mon 01 Jan 2024 10:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39029
IP address blocks: 87.238.32.0/19 maxlen: 19
185.47.40.0/22 maxlen: 22
194.31.39.0/24 maxlen: 24
2a02:c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/JqRR4kXgG6my-yMUwmCeexUedKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/JqRR4kXgG6my-yMUwmCeexUedKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqRR4kXgG6my-yMUwmCeexUedKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:3c:42:12:20:93:d0:b8:dc:eb:3e:cb:8e:24:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a451e245e01ba9b2fb2314c2609e7b151e74a2
Validity
Not Before: Jan 1 10:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0752947ff73ea79ccb402538cde71f6e3f0e3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:98:53:de:e1:9c:55:50:99:55:1a:e5:e7:fe:
9f:e8:ef:9a:14:c5:4d:86:8e:62:bf:38:77:19:ad:
da:b8:de:0f:9d:a6:1a:8f:6b:ed:91:82:53:9a:39:
80:02:0d:f1:22:a6:38:90:1a:5a:f3:62:ae:51:c3:
0a:e2:79:b0:c6:02:79:f7:c0:85:6f:cf:bf:6f:a9:
94:43:20:89:c3:8c:cc:48:e4:ac:a9:87:bc:45:4e:
33:f8:0d:10:b4:9c:b4:a6:31:a7:d3:60:51:55:24:
67:e3:2f:6a:1b:5b:79:95:d3:cb:25:35:44:ba:03:
7c:f0:22:ad:3a:4c:42:50:ae:6a:94:d7:6e:b7:de:
a3:22:36:21:e8:9a:65:f0:5c:74:c2:74:43:8c:9e:
a6:38:df:d4:7d:59:5a:70:8f:b1:5b:1c:3d:51:8d:
8b:cb:e3:eb:12:0c:b4:95:51:2d:92:4b:51:8e:f5:
11:07:71:b4:95:54:41:ee:97:4f:49:aa:e2:25:6d:
01:0c:d1:f9:18:c2:51:0b:29:b9:3f:93:35:1f:99:
78:69:e6:d4:cf:62:b8:13:05:34:48:03:58:82:47:
01:d7:03:0d:00:e7:cc:cf:bb:24:aa:01:94:96:51:
c5:d4:2a:d4:08:24:c5:46:43:22:df:ee:75:f9:a6:
c1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:75:29:47:FF:73:EA:79:CC:B4:02:53:8C:DE:71:F6:E3:F0:E3:D2
X509v3 Authority Key Identifier:
keyid:26:A4:51:E2:45:E0:1B:A9:B2:FB:23:14:C2:60:9E:7B:15:1E:74:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqRR4kXgG6my-yMUwmCeexUedKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/0HUpR_9z6nnMtAJTjN5x9uPw49I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/a07739-60ba-4e19-bc55-b56c53662028/1/JqRR4kXgG6my-yMUwmCeexUedKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.32.0/19
185.47.40.0/22
194.31.39.0/24
IPv6:
2a02:c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:63:19:38:12:60:78:5c:e2:a9:08:52:04:e3:a0:98:2d:d8:
69:d8:0f:c5:71:28:9d:f4:c2:54:b2:8e:02:e9:1c:1b:27:6d:
00:96:be:53:6c:de:7d:c4:31:17:e2:b2:38:b6:5e:a5:48:d5:
f2:5c:fb:6d:c9:66:fc:30:a7:75:4c:11:a0:d5:ec:26:ff:12:
19:62:30:92:ca:2d:33:98:cf:e4:72:b9:ef:82:a1:fa:ec:44:
91:dc:10:e9:23:ca:7e:9b:90:f1:22:4f:9f:b8:b6:2a:0e:5c:
fa:ba:9f:8c:5e:51:67:17:61:ec:9c:cb:50:b9:5a:df:05:37:
77:d4:27:0f:b1:1f:14:b1:e4:32:12:7c:b4:2d:93:51:92:61:
01:06:98:7a:97:aa:61:33:90:8d:7e:5b:d7:e5:c5:d9:36:71:
28:59:c6:76:ef:40:8f:64:f4:05:f8:d8:fa:fc:8a:fe:20:c6:
df:d3:5b:a6:ff:dc:ce:cc:7e:d7:64:c5:b9:da:94:f9:67:97:
d1:30:6a:8f:c3:fb:27:91:63:aa:0e:71:e9:ba:e6:0d:c2:70:
20:d2:6e:2a:72:32:ef:34:c4:d0:0a:13:af:06:59:d7:06:b6:
9e:22:3e:35:7a:0e:82:c5:57:c3:82:1b:b1:77:95:e4:e4:a8:
b5:61:f4:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkjxCEiCT0Ljc6z7LjiRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTQ1MWUyNDVlMDFiYTliMmZiMjMxNGMyNjA5ZTdiMTUx
ZTc0YTIwHhcNMjQwMTAxMTAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc1Mjk0N2ZmNzNlYTc5Y2NiNDAyNTM4Y2RlNzFmNmUzZjBlM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZhT3uGcVVCZVRrl5/6f6O+aFMVN
ho5ivzh3Ga3auN4PnaYaj2vtkYJTmjmAAg3xIqY4kBpa82KuUcMK4nmwxgJ598CF
b8+/b6mUQyCJw4zMSOSsqYe8RU4z+A0QtJy0pjGn02BRVSRn4y9qG1t5ldPLJTVE
ugN88CKtOkxCUK5qlNdut96jIjYh6Jpl8Fx0wnRDjJ6mON/UfVlacI+xWxw9UY2L
y+PrEgy0lVEtkktRjvURB3G0lVRB7pdPSariJW0BDNH5GMJRCym5P5M1H5l4aebU
z2K4EwU0SANYgkcB1wMNAOfMz7skqgGUllHF1CrUCCTFRkMi3+51+abB6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNB1KUf/c+p5zLQCU4zecfbj8OPSMB8GA1UdIwQY
MBaAFCakUeJF4BupsvsjFMJgnnsVHnSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFSUjRrWGdHNm15LXlNVXdtQ2VleFVlZEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hMDc3MzktNjBiYS00ZTE5LWJjNTUt
YjU2YzUzNjYyMDI4LzEvMEhVcFJfOXo2bm5NdEFKVGpONXg5dVB3NDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hMDc3MzktNjBiYS00ZTE5LWJjNTUtYjU2YzUzNjYyMDI4
LzEvSnFSUjRrWGdHNm15LXlNVXdtQ2VleFVlZEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFV+4gAwQC
uS8oAwQAwh8nMA0EAgACMAcDBQAqAgDAMA0GCSqGSIb3DQEBCwUAA4IBAQACYxk4
EmB4XOKpCFIE46CYLdhp2A/FcSid9MJUso4C6RwbJ20Alr5TbN59xDEX4rI4tl6l
SNXyXPttyWb8MKd1TBGg1ewm/xIZYjCSyi0zmM/kcrnvgqH67ESR3BDpI8p+m5Dx
Ik+fuLYqDlz6up+MXlFnF2HsnMtQuVrfBTd31CcPsR8UseQyEny0LZNRkmEBBph6
l6phM5CNflvX5cXZNnEoWcZ270CPZPQF+Nj6/Ir+IMbf01um/9zOzH7XZMW52pT5
Z5fRMGqPw/snkWOqDnHpuuYNwnAg0m4qcjLvNMTQChOvBlnXBraeIj41eg6CxVfD
ghuxd5Xk5Ki1YfRZ
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:12:48 2024 by rpki-client on console-fra.rpki-client.org