Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/HFxcavdAgH-U_SWJrdNZwWy0NiU.roa
File: HFxcavdAgH-U_SWJrdNZwWy0NiU.roa (raw, json)
Hash identifier: hi1O6RMmTsmMjjcT9XbiJ2YVAJF5ofN9J1hMhu7IIaQ=
Subject key identifier: 1C:5C:5C:6A:F7:40:80:7F:94:FD:25:89:AD:D3:59:C1:6C:B4:36:25
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DAD2889AD07CCA4DD99E6A4FE0D31E
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/HFxcavdAgH-U_SWJrdNZwWy0NiU.roa
Signing time: Mon 01 Jan 2024 02:29:29 +0000
ROA not before: Mon 01 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43372
IP address blocks: 88.220.112.0/24 maxlen: 24
195.136.168.0/22 maxlen: 22
88.220.130.0/23 maxlen: 23
88.220.134.0/23 maxlen: 23
88.220.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d2:88:9a:d0:7c:ca:4d:d9:9e:6a:4f:e0:d3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c5c5c6af740807f94fd2589add359c16cb43625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:69:89:90:05:02:44:e9:2c:d1:c3:f3:88:
65:9e:90:e0:4e:0b:20:13:a2:c1:98:ba:a6:47:a9:
78:48:4a:22:6a:9d:c8:b0:da:76:ef:b8:75:9e:67:
e3:ca:f3:2f:98:80:46:c2:57:5e:b3:65:58:94:ae:
15:96:dc:4d:c7:67:ae:3d:65:73:26:c2:7c:98:ef:
17:80:c9:e6:a6:48:72:cc:fe:69:9b:11:34:55:a4:
f6:28:85:41:fc:4f:ed:78:7d:ca:bb:72:0c:c2:f4:
76:ed:15:8d:56:7c:b4:e8:66:c6:72:29:3d:bf:ec:
bd:84:39:21:44:d4:5e:f1:37:78:b8:0a:8a:eb:a6:
bc:ed:c9:e1:33:e4:b2:95:da:9a:f8:b2:03:3a:61:
d8:66:cb:ce:a5:c6:95:a1:90:f6:24:ad:d2:41:1f:
48:db:b3:89:b1:14:b7:08:50:be:fe:75:20:2f:aa:
ba:8f:8a:f8:41:8d:6f:7e:59:95:d6:56:3f:6c:be:
1a:17:63:f0:5e:7b:2b:59:ed:7d:7c:ac:39:ce:a6:
65:43:59:9d:7f:bc:f9:6a:81:af:5c:26:03:93:10:
ed:e4:1d:d9:35:31:5b:6e:7e:58:62:05:a3:37:35:
56:7d:c7:bd:26:45:c3:fe:97:3a:ce:d4:6f:3a:91:
cd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5C:5C:6A:F7:40:80:7F:94:FD:25:89:AD:D3:59:C1:6C:B4:36:25
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/HFxcavdAgH-U_SWJrdNZwWy0NiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.112.0/24
88.220.130.0/23
88.220.134.0/23
88.220.161.0/24
195.136.168.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:f4:1c:da:47:c7:30:0f:0c:73:74:14:33:57:8e:22:cf:d2:
ee:de:04:a2:5f:50:4b:ce:c2:8d:4c:64:0c:64:f3:de:d9:36:
f9:2b:95:5f:57:00:79:e2:9d:f4:62:5e:0c:4f:21:01:45:7a:
8b:d8:da:ab:85:c8:95:95:c4:bb:ea:f4:57:11:53:bc:88:17:
73:71:37:d7:e7:fa:51:d8:aa:36:41:da:cb:46:65:94:a8:a9:
e6:87:2e:ca:fa:16:4e:c7:96:ab:da:c6:73:f3:b3:80:3a:28:
8f:a0:e7:24:f9:af:ec:a8:c9:90:77:28:39:55:57:bd:bf:61:
81:28:b4:2d:ea:e1:fb:fd:3d:ed:a7:29:7e:ae:37:a3:be:dd:
d9:5f:ec:64:b7:a8:4b:05:05:fd:de:c9:99:43:0e:fe:68:23:
a3:61:a3:e9:3c:e4:11:5f:12:65:81:84:ef:ad:7a:15:ab:e3:
21:fa:cf:59:03:81:70:dc:aa:71:4a:8d:80:9f:1d:61:a6:61:
78:fe:2d:c4:0d:9e:bf:f9:9c:e8:88:e1:7d:48:49:e7:99:9d:
66:01:d4:1a:6c:96:be:34:36:23:2e:05:00:cc:a9:21:7e:d5:
dc:ac:d1:d8:33:dc:d2:02:eb:d4:71:07:ad:3a:79:70:b9:d6:
b3:66:51:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2tKImtB8yk3ZnmpP4NMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVjNWM2YWY3NDA4MDdmOTRmZDI1ODlhZGQzNTljMTZjYjQzNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxtpiZAFAkTpLNHD84hlnpDgTgsg
E6LBmLqmR6l4SEoiap3IsNp277h1nmfjyvMvmIBGwldes2VYlK4VltxNx2euPWVz
JsJ8mO8XgMnmpkhyzP5pmxE0VaT2KIVB/E/teH3Ku3IMwvR27RWNVny06GbGcik9
v+y9hDkhRNRe8Td4uAqK66a87cnhM+Syldqa+LIDOmHYZsvOpcaVoZD2JK3SQR9I
27OJsRS3CFC+/nUgL6q6j4r4QY1vflmV1lY/bL4aF2PwXnsrWe19fKw5zqZlQ1md
f7z5aoGvXCYDkxDt5B3ZNTFbbn5YYgWjNzVWfce9JkXD/pc6ztRvOpHNeQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBxcXGr3QIB/lP0lia3TWcFstDYlMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvSEZ4Y2F2ZEFnSC1VX1NXSnJkTlp3V3kwTmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNxwAwQB
WNyCAwQBWNyGAwQAWNyhAwQCw4ioMA0GCSqGSIb3DQEBCwUAA4IBAQAO9BzaR8cw
DwxzdBQzV44iz9Lu3gSiX1BLzsKNTGQMZPPe2Tb5K5VfVwB54p30Yl4MTyEBRXqL
2NqrhciVlcS76vRXEVO8iBdzcTfX5/pR2Ko2QdrLRmWUqKnmhy7K+hZOx5ar2sZz
87OAOiiPoOck+a/sqMmQdyg5VVe9v2GBKLQt6uH7/T3tpyl+rjejvt3ZX+xkt6hL
BQX93smZQw7+aCOjYaPpPOQRXxJlgYTvrXoVq+Mh+s9ZA4Fw3KpxSo2Anx1hpmF4
/i3EDZ6/+ZzoiOF9SEnnmZ1mAdQabJa+NDYjLgUAzKkhftXcrNHYM9zSAuvUcQet
OnlwudazZlFu
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:50 2024 by rpki-client on console-fra.rpki-client.org