Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/hpiQ9b6dADMMCgPn8qm6BE6i2jw.roa
File: hpiQ9b6dADMMCgPn8qm6BE6i2jw.roa (raw, json)
Hash identifier: yFQ/BFhaMnUnfyifn6Y0SDrP82gizO4DNf5XC02jvTU=
Subject key identifier: 86:98:90:F5:BE:9D:00:33:0C:0A:03:E7:F2:A9:BA:04:4E:A2:DA:3C
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018CC2DAEB14359B1E8E20E4D1B800C97307
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/hpiQ9b6dADMMCgPn8qm6BE6i2jw.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12570
IP address blocks: 212.96.160.0/19 maxlen: 19
80.78.144.0/20 maxlen: 20
89.190.40.0/21 maxlen: 21
109.105.32.0/19 maxlen: 19
89.190.48.0/20 maxlen: 20
212.4.128.0/19 maxlen: 19
185.8.188.0/22 maxlen: 22
88.83.224.0/19 maxlen: 19
213.211.32.0/19 maxlen: 19
2001:4ba8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:eb:14:35:9b:1e:8e:20:e4:d1:b8:00:c9:73:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869890f5be9d00330c0a03e7f2a9ba044ea2da3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:04:38:20:68:5d:1a:13:a5:95:53:b3:ff:17:
7a:d7:5b:53:79:73:cc:44:52:87:79:b1:17:9f:f2:
82:3c:be:4e:cb:e6:94:61:54:4b:e7:48:13:e2:3e:
50:1d:a7:3a:7c:8f:a2:7d:85:46:00:84:58:a7:b3:
05:31:25:f4:4d:d3:27:22:f4:7c:01:2b:6f:90:cb:
5c:a7:11:b8:4e:d6:54:88:84:54:fb:1a:32:6c:f6:
ad:33:b5:fd:9f:75:23:f7:cc:e4:58:fc:d2:69:7f:
af:12:4f:77:ae:1d:c8:3b:7d:38:2a:98:64:79:17:
2b:cb:42:92:f8:9f:7a:c2:de:a4:5f:30:ae:bc:b1:
0b:df:c6:2d:24:d4:da:6c:b4:6c:f1:d3:af:64:d4:
36:24:01:9c:47:e9:fc:5d:c0:3b:68:f0:08:90:e6:
4e:62:f3:d6:c3:2a:10:4d:c0:86:95:ef:06:bc:8e:
c2:41:dc:98:2c:eb:76:18:ed:c8:41:da:bc:61:c9:
fb:bd:52:37:a9:1e:ed:6d:4d:2e:c0:be:c7:60:82:
3b:4b:a3:4f:98:bb:e4:a6:f9:86:80:7b:d9:a7:c8:
5d:0a:e5:48:59:67:c1:04:c7:22:24:71:84:b0:e0:
db:75:28:96:cc:aa:0d:d9:9a:6c:85:e5:7a:62:ce:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:98:90:F5:BE:9D:00:33:0C:0A:03:E7:F2:A9:BA:04:4E:A2:DA:3C
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/hpiQ9b6dADMMCgPn8qm6BE6i2jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.144.0/20
88.83.224.0/19
89.190.40.0-89.190.63.255
109.105.32.0/19
185.8.188.0/22
212.4.128.0/19
212.96.160.0/19
213.211.32.0/19
IPv6:
2001:4ba8::/29
Signature Algorithm: sha256WithRSAEncryption
bc:4f:16:68:b7:cf:23:d2:7b:8c:c3:79:78:be:44:b2:04:e9:
f7:b0:88:20:04:26:9e:62:a1:ec:fc:d5:08:c5:02:62:59:2a:
1c:96:d2:65:74:72:5e:ee:44:ed:75:8f:22:f4:18:58:1e:22:
cf:e2:a6:e7:55:9b:d4:b7:c5:92:bc:64:d2:27:7e:c1:c4:b8:
92:d5:4d:91:e0:63:94:51:9c:f0:7c:8b:ab:bc:89:38:10:be:
7a:f0:91:fd:9a:b2:4a:19:32:23:57:46:00:fd:ad:90:93:e8:
cb:c2:42:0e:65:bc:d1:ec:fc:17:2e:a3:b4:83:8b:bd:ce:1d:
33:d7:38:4b:45:b3:ce:64:6b:04:b2:22:4a:50:36:43:06:56:
76:4a:13:3b:b9:8d:03:78:3f:ef:42:d2:3d:b5:58:f4:3e:28:
4f:ed:bc:b0:eb:02:d3:f0:b3:f9:76:6a:72:c3:6b:ac:45:8e:
9f:3a:f6:72:d6:3c:ce:2a:44:42:17:93:47:17:f3:ab:2e:a3:
e3:e7:ed:d2:17:ab:ae:cc:d5:6d:7e:10:e9:fc:b1:38:a7:ae:
76:d1:94:27:3b:28:ed:5b:6a:ec:2e:90:95:03:0f:b6:6e:18:
60:b0:52:7c:b9:98:63:cb:e3:91:cc:d8:6b:2b:39:8c:ac:12:
dc:e2:62:ea
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzC2usUNZsejiDk0bgAyXMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk4OTBmNWJlOWQwMDMzMGMwYTAzZTdmMmE5YmEwNDRlYTJkYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAQ4IGhdGhOllVOz/xd611tTeXPM
RFKHebEXn/KCPL5Oy+aUYVRL50gT4j5QHac6fI+ifYVGAIRYp7MFMSX0TdMnIvR8
AStvkMtcpxG4TtZUiIRU+xoybPatM7X9n3Uj98zkWPzSaX+vEk93rh3IO304Kphk
eRcry0KS+J96wt6kXzCuvLEL38YtJNTabLRs8dOvZNQ2JAGcR+n8XcA7aPAIkOZO
YvPWwyoQTcCGle8GvI7CQdyYLOt2GO3IQdq8Ycn7vVI3qR7tbU0uwL7HYII7S6NP
mLvkpvmGgHvZp8hdCuVIWWfBBMciJHGEsODbdSiWzKoN2ZpsheV6Ys7gnwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIaYkPW+nQAzDAoD5/KpugROoto8MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvaHBpUTliNmRBRE1NQ2dQbjhxbTZCRTZpMmp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQEUE6QAwQF
WFPgMAwDBANZvigDBAZZvgADBAVtaSADBAK5CLwDBAXUBIADBAXUYKADBAXV0yAw
DQQCAAIwBwMFAyABS6gwDQYJKoZIhvcNAQELBQADggEBALxPFmi3zyPSe4zDeXi+
RLIE6fewiCAEJp5ioez81QjFAmJZKhyW0mV0cl7uRO11jyL0GFgeIs/ipudVm9S3
xZK8ZNInfsHEuJLVTZHgY5RRnPB8i6u8iTgQvnrwkf2askoZMiNXRgD9rZCT6MvC
Qg5lvNHs/Bcuo7SDi73OHTPXOEtFs85kawSyIkpQNkMGVnZKEzu5jQN4P+9C0j21
WPQ+KE/tvLDrAtPws/l2anLDa6xFjp869nLWPM4qREIXk0cX86suo+Pn7dIXq67M
1W1+EOn8sTinrnbRlCc7KO1bauwukJUDD7ZuGGCwUny5mGPL45HM2GsrOYysEtzi
Yuo=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:34:20 2024 by rpki-client on console-fra.rpki-client.org