Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/1-HpsrpmMdTDHdfBKxbTpNc4byDw.roa
File: 1-HpsrpmMdTDHdfBKxbTpNc4byDw.roa (raw, json)
Hash identifier: Uphk+8aKqnGpFHYuk6i+WYE7+NxG7F7J9fYuqXCZa2M=
Subject key identifier: F8:7A:6C:AE:99:8C:75:30:C7:75:F0:4A:C5:B4:E9:35:CE:1B:C8:3C
Certificate issuer: /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Certificate serial: 018CC726782DD279072899322E0446E06133
Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/1-HpsrpmMdTDHdfBKxbTpNc4byDw.roa
Signing time: Mon 01 Jan 2024 22:30:36 +0000
ROA not before: Mon 01 Jan 2024 22:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15412
IP address blocks: 85.95.24.0/22 maxlen: 24
80.77.0.0/20 maxlen: 24
62.216.128.0/19 maxlen: 24
89.17.96.0/19 maxlen: 19
2001:1a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:78:2d:d2:79:07:28:99:32:2e:04:46:e0:61:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Validity
Not Before: Jan 1 22:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f87a6cae998c7530c775f04ac5b4e935ce1bc83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:32:7f:94:8a:a1:c7:5b:78:91:f5:3f:cf:61:
7b:40:ed:c7:1f:92:80:f3:13:1d:a4:ec:bc:9e:50:
9a:15:9e:13:22:0e:de:04:17:82:b4:38:28:87:50:
70:14:2f:7f:2d:26:94:e9:b2:b8:a9:60:02:e3:bb:
98:a9:e0:77:da:bd:e7:48:08:2d:85:3f:f7:8e:94:
3c:1a:e6:3d:8f:87:20:5e:07:50:15:94:3b:5b:5a:
79:72:93:fc:fa:d3:3a:0e:4e:0f:bd:07:9a:99:cf:
63:c6:fc:a6:0f:0c:9d:0e:b0:2f:1b:84:c9:61:b7:
2b:fb:e1:72:65:d7:79:39:cb:5a:b3:aa:9e:d3:a5:
fb:1f:d3:96:29:ac:6e:b9:84:4b:85:55:d1:cf:38:
57:44:3e:fe:cb:43:50:99:a7:fc:7e:1b:b9:2c:c1:
d2:bd:da:69:94:65:ca:b3:0b:6d:92:8e:b1:ba:ba:
fe:d0:ba:8a:f7:65:a8:31:49:c1:44:1d:ea:2f:88:
e7:8a:56:3a:8a:96:99:0b:6e:95:2b:66:8f:77:f0:
bd:4c:9f:f9:b5:f5:60:00:e3:8d:85:ef:44:f8:3f:
7f:d0:8e:54:c4:13:e9:42:fd:44:86:86:c9:35:aa:
f6:66:ba:d8:0e:b5:af:1b:51:64:62:b6:7d:30:55:
0b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7A:6C:AE:99:8C:75:30:C7:75:F0:4A:C5:B4:E9:35:CE:1B:C8:3C
X509v3 Authority Key Identifier:
keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/1-HpsrpmMdTDHdfBKxbTpNc4byDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.128.0/19
80.77.0.0/20
85.95.24.0/22
89.17.96.0/19
IPv6:
2001:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
93:2a:8d:3d:74:7e:eb:d0:60:a9:09:98:45:41:63:73:95:86:
05:98:08:75:28:11:d2:10:de:34:d3:74:e6:ff:29:a2:c2:aa:
6b:99:17:95:9b:2c:53:c1:28:af:f9:fd:b0:8a:7f:26:a1:30:
6c:f5:12:10:c0:5f:ba:00:3f:f8:8f:8b:c9:25:01:96:95:6e:
c4:8b:67:03:3f:25:be:a0:7e:58:e8:93:3f:e6:eb:8c:27:ed:
12:0e:df:95:d6:45:b6:27:e0:62:ae:50:d3:88:e4:b0:80:1f:
4e:29:e1:46:bc:19:27:64:4b:9f:0e:36:97:27:3f:99:59:a2:
fa:02:6f:61:ae:f3:b9:8b:f3:ee:27:63:48:99:e7:28:18:64:
58:63:d2:c7:48:92:ad:11:74:20:ef:99:ba:bf:6b:d1:74:b7:
2b:1f:e8:1b:2f:cf:b0:c4:53:33:5a:9e:c4:cb:f3:81:c4:3f:
62:b9:28:71:ff:8c:3d:3f:59:4d:7a:de:5f:4c:14:7c:f9:2a:
5b:07:8c:9a:5d:f3:95:cb:07:7c:4b:63:ef:6f:a3:8b:72:55:
09:6f:fe:6d:0f:e4:25:fd:34:08:8b:43:0c:08:98:e4:e1:96:
5a:4a:8a:40:df:88:5e:4a:81:1c:ff:7d:f0:be:81:05:59:5d:
35:92:33:ee
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHJngt0nkHKJkyLgRG4GEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk
OWI1YjMwHhcNMjQwMTAxMjIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdhNmNhZTk5OGM3NTMwYzc3NWYwNGFjNWI0ZTkzNWNlMWJjODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizJ/lIqhx1t4kfU/z2F7QO3HH5KA
8xMdpOy8nlCaFZ4TIg7eBBeCtDgoh1BwFC9/LSaU6bK4qWAC47uYqeB32r3nSAgt
hT/3jpQ8GuY9j4cgXgdQFZQ7W1p5cpP8+tM6Dk4PvQeamc9jxvymDwydDrAvG4TJ
Ybcr++FyZdd5Octas6qe06X7H9OWKaxuuYRLhVXRzzhXRD7+y0NQmaf8fhu5LMHS
vdpplGXKswttko6xurr+0LqK92WoMUnBRB3qL4jnilY6ipaZC26VK2aPd/C9TJ/5
tfVgAOONhe9E+D9/0I5UxBPpQv1EhobJNar2ZrrYDrWvG1FkYrZ9MFUL+wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPh6bK6ZjHUwx3XwSsW06TXOG8g8MB8GA1UdIwQY
MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt
MDRlMWViMmE5MzI4LzEvMS1IcHNycG1NZFRESGRmQkt4YlRwTmM0YnlEdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzMvOGUwZjYzLWVmN2EtNDY2Mi1iMDQ2LTA0ZTFlYjJhOTMy
OC8xL3FqcnRrZktiTE1mVDRGOGtEWmtUZFlIWnRiTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBT7YgAME
BFBNAAMEAlVfGAMEBVkRYDANBAIAAjAHAwUAIAEaADANBgkqhkiG9w0BAQsFAAOC
AQEAkyqNPXR+69BgqQmYRUFjc5WGBZgIdSgR0hDeNNN05v8posKqa5kXlZssU8Eo
r/n9sIp/JqEwbPUSEMBfugA/+I+LySUBlpVuxItnAz8lvqB+WOiTP+brjCftEg7f
ldZFtifgYq5Q04jksIAfTinhRrwZJ2RLnw42lyc/mVmi+gJvYa7zuYvz7idjSJnn
KBhkWGPSx0iSrRF0IO+Zur9r0XS3Kx/oGy/PsMRTM1qexMvzgcQ/Yrkocf+MPT9Z
TXreX0wUfPkqWweMml3zlcsHfEtj72+ji3JVCW/+bQ/kJf00CItDDAiY5OGWWkqK
QN+IXkqBHP998L6BBVldNZIz7g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:17 2024 by rpki-client on console-fra.rpki-client.org