Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/hqgu9Ko3T0X7TVi6gCGP5bMKvjE.roa
File: hqgu9Ko3T0X7TVi6gCGP5bMKvjE.roa (raw, json)
Hash identifier: lg9Ee9N5DOK3KoM8jZ25x59/IswbmZrx8AHghqkoEOk=
Subject key identifier: 86:A8:2E:F4:AA:37:4F:45:FB:4D:58:BA:80:21:8F:E5:B3:0A:BE:31
Certificate issuer: /CN=0a332f5adc0469533bbddcfce8957eaee58bfd60
Certificate serial: 018CC726B2317F64FC48D9A1F2A745FEE51A
Authority key identifier: 0A:33:2F:5A:DC:04:69:53:3B:BD:DC:FC:E8:95:7E:AE:E5:8B:FD:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjMvWtwEaVM7vdz86JV-ruWL_WA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/hqgu9Ko3T0X7TVi6gCGP5bMKvjE.roa
Signing time: Mon 01 Jan 2024 22:30:51 +0000
ROA not before: Mon 01 Jan 2024 22:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 185.5.82.0/24 maxlen: 24
185.5.83.0/24 maxlen: 24
185.5.80.0/24 maxlen: 24
185.5.81.0/24 maxlen: 24
91.236.122.0/24 maxlen: 24
80.90.0.0/19 maxlen: 24
2a02:cb45:104::/48 maxlen: 48
2a02:cb42::/32 maxlen: 32
2a02:cb43::/32 maxlen: 48
2a02:cb46:0:205::/64 maxlen: 64
2a02:cb43:4007::/48 maxlen: 48
2a02:cb46:0:6::/64 maxlen: 64
2a02:cb41::/32 maxlen: 32
2a02:cb44::/32 maxlen: 32
2a02:cb46:0:3::/64 maxlen: 64
2a02:cb45:101::/48 maxlen: 48
2a02:cb40::/32 maxlen: 32
2a02:cb43:f::/48 maxlen: 48
2a02:cb46:0:204::/64 maxlen: 64
2a02:cb46::/32 maxlen: 32
2a02:cb46:0:5::/64 maxlen: 64
2a02:cb47::/32 maxlen: 32
2a02:cb45:103::/48 maxlen: 48
2a02:cb43:4009::/48 maxlen: 48
2a02:cb43:e::/48 maxlen: 48
2a02:cb46:0:2::/64 maxlen: 64
2a02:cb46:0:203::/64 maxlen: 64
2a02:cb45:102::/48 maxlen: 48
2a02:cb45::/32 maxlen: 32
2a02:cb45:105::/48 maxlen: 48
2a02:cb46:0:4::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/CjMvWtwEaVM7vdz86JV-ruWL_WA.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/CjMvWtwEaVM7vdz86JV-ruWL_WA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CjMvWtwEaVM7vdz86JV-ruWL_WA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:b2:31:7f:64:fc:48:d9:a1:f2:a7:45:fe:e5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a332f5adc0469533bbddcfce8957eaee58bfd60
Validity
Not Before: Jan 1 22:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a82ef4aa374f45fb4d58ba80218fe5b30abe31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:43:62:10:4e:63:f0:64:8d:36:21:f5:46:a2:
a6:20:6f:cf:be:1b:b0:1b:30:47:4a:ca:51:ed:9e:
be:1d:5f:02:04:6a:2e:9d:cc:f3:fd:ee:1e:90:fd:
ee:af:cc:f5:23:f3:59:9f:24:a1:bc:52:d0:f0:f8:
37:3d:93:73:02:a4:8b:e2:80:83:95:61:f8:da:71:
0e:9f:96:29:a3:77:aa:e9:f8:27:a4:9d:55:37:fa:
97:6d:f5:59:98:73:f7:1e:c7:44:d9:a6:14:01:d8:
c4:78:30:5f:ba:dc:03:46:88:12:25:32:2e:b5:c0:
01:71:a7:b6:0e:29:b1:77:de:33:32:5d:a8:b0:56:
ae:55:1e:3c:4e:8c:19:26:b7:37:89:6b:db:62:15:
0f:f0:a9:8f:dc:00:f3:4a:f3:05:c5:5d:14:02:c6:
5e:ec:23:51:6b:87:c5:85:99:dc:d6:af:6f:4d:66:
f1:8d:2f:c5:c5:e2:fc:80:af:4a:d5:3a:07:ec:bf:
be:ae:13:8a:79:75:28:b7:c4:71:e7:7c:6d:6f:91:
8f:bc:89:2e:65:ae:43:ba:c7:1e:0b:a0:83:41:79:
bb:98:ca:78:3d:3c:b4:00:8a:95:f8:a0:7f:30:cb:
2a:57:41:64:d9:99:d1:da:2a:60:d0:5e:6d:3a:a8:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A8:2E:F4:AA:37:4F:45:FB:4D:58:BA:80:21:8F:E5:B3:0A:BE:31
X509v3 Authority Key Identifier:
keyid:0A:33:2F:5A:DC:04:69:53:3B:BD:DC:FC:E8:95:7E:AE:E5:8B:FD:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjMvWtwEaVM7vdz86JV-ruWL_WA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/hqgu9Ko3T0X7TVi6gCGP5bMKvjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/278f68-c16f-4a2f-80f7-4130fa48b559/1/CjMvWtwEaVM7vdz86JV-ruWL_WA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.0.0/19
91.236.122.0/24
185.5.80.0/22
IPv6:
2a02:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
16:87:e4:17:7a:9a:91:b8:5a:11:0f:d8:46:91:c2:ee:56:5e:
50:fe:91:d2:1b:1f:b3:c0:f1:cf:1c:18:69:4a:e5:ec:0f:d2:
23:05:40:5f:42:20:4a:4f:96:73:15:75:ce:f2:83:c7:fb:f9:
69:af:f5:01:ca:f7:2a:3b:54:bc:71:de:76:04:fd:9e:b0:59:
f5:28:39:ae:2f:df:b3:a8:72:43:c0:77:61:0a:19:50:12:0d:
7a:a7:a3:fa:ba:d2:cc:c0:f1:16:ec:e5:29:04:c4:f6:09:90:
6f:c0:b0:c8:51:e9:21:39:7b:cf:f0:32:4d:5c:f1:c3:eb:3b:
c9:f6:fc:a2:8a:1f:18:54:e0:e5:09:05:1c:d8:de:76:75:9a:
dc:a5:d9:b8:ff:b9:94:4b:e1:3c:db:5f:fe:ac:07:94:a6:24:
ef:60:d0:c7:f6:cc:6d:94:d5:4c:8b:9e:7c:0c:e3:8e:13:96:
3f:47:67:00:9f:cf:df:96:12:9e:e4:5f:fe:19:f3:3b:fd:67:
ca:92:89:9b:6d:7b:92:c3:21:3d:7c:a7:8d:47:3d:e4:b5:de:
71:26:9c:0f:b1:96:97:82:b7:61:76:df:5d:12:34:3a:07:e9:
87:09:84:43:57:71:96:b7:0f:c8:72:69:f5:54:46:07:06:11:
c8:0a:37:59
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJrIxf2T8SNmh8qdF/uUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzMyZjVhZGMwNDY5NTMzYmJkZGNmY2U4OTU3ZWFlZTU4
YmZkNjAwHhcNMjQwMTAxMjIzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE4MmVmNGFhMzc0ZjQ1ZmI0ZDU4YmE4MDIxOGZlNWIzMGFiZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0NiEE5j8GSNNiH1RqKmIG/Pvhuw
GzBHSspR7Z6+HV8CBGounczz/e4ekP3ur8z1I/NZnyShvFLQ8Pg3PZNzAqSL4oCD
lWH42nEOn5Ypo3eq6fgnpJ1VN/qXbfVZmHP3HsdE2aYUAdjEeDBfutwDRogSJTIu
tcABcae2Dimxd94zMl2osFauVR48TowZJrc3iWvbYhUP8KmP3ADzSvMFxV0UAsZe
7CNRa4fFhZnc1q9vTWbxjS/FxeL8gK9K1ToH7L++rhOKeXUot8Rx53xtb5GPvIku
Za5DusceC6CDQXm7mMp4PTy0AIqV+KB/MMsqV0Fk2ZnR2ipg0F5tOqhlFQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIaoLvSqN09F+01YuoAhj+WzCr4xMB8GA1UdIwQY
MBaAFAozL1rcBGlTO73c/OiVfq7li/1gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pNdld0d0VhVk03dmR6ODZKVi1ydVdMX1dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8yNzhmNjgtYzE2Zi00YTJmLTgwZjct
NDEzMGZhNDhiNTU5LzEvaHFndTlLbzNUMFg3VFZpNmdDR1A1Yk1LdmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8yNzhmNjgtYzE2Zi00YTJmLTgwZjctNDEzMGZhNDhiNTU5
LzEvQ2pNdld0d0VhVk03dmR6ODZKVi1ydVdMX1dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUFoAAwQA
W+x6AwQCuQVQMA0EAgACMAcDBQMqAstAMA0GCSqGSIb3DQEBCwUAA4IBAQAWh+QX
epqRuFoRD9hGkcLuVl5Q/pHSGx+zwPHPHBhpSuXsD9IjBUBfQiBKT5ZzFXXO8oPH
+/lpr/UByvcqO1S8cd52BP2esFn1KDmuL9+zqHJDwHdhChlQEg16p6P6utLMwPEW
7OUpBMT2CZBvwLDIUekhOXvP8DJNXPHD6zvJ9vyiih8YVODlCQUc2N52dZrcpdm4
/7mUS+E821/+rAeUpiTvYNDH9sxtlNVMi558DOOOE5Y/R2cAn8/flhKe5F/+GfM7
/WfKkombbXuSwyE9fKeNRz3ktd5xJpwPsZaXgrdhdt9dEjQ6B+mHCYRDV3GWtw/I
cmn1VEYHBhHICjdZ
-----END CERTIFICATE-----
Generated at Fri May 17 20:15:48 2024 by rpki-client on console-fra.rpki-client.org