Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/HqojYHtJxU1G6ms08qYh97DrqEI.roa
File: HqojYHtJxU1G6ms08qYh97DrqEI.roa (raw, json)
Hash identifier: BKQU3azfNKH3cgjZkiVSKAffl6Du6x6irSj5kKutUJY=
Subject key identifier: 1E:AA:23:60:7B:49:C5:4D:46:EA:6B:34:F2:A6:21:F7:B0:EB:A8:42
Certificate issuer: /CN=8a5d86aab4c0974f0c27f43d968df426f53df5d2
Certificate serial: 018CC8DD0ABC872A587AADF1FC0B10C04FE1
Authority key identifier: 8A:5D:86:AA:B4:C0:97:4F:0C:27:F4:3D:96:8D:F4:26:F5:3D:F5:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/il2GqrTAl08MJ_Q9lo30JvU99dI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/HqojYHtJxU1G6ms08qYh97DrqEI.roa
Signing time: Tue 02 Jan 2024 06:29:38 +0000
ROA not before: Tue 02 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12637
IP address blocks: 46.174.138.0/24 maxlen: 24
46.174.137.0/24 maxlen: 24
46.174.136.0/24 maxlen: 24
2a09:dd81::/32 maxlen: 32
2a09:dd82::/32 maxlen: 32
2a09:dd80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/il2GqrTAl08MJ_Q9lo30JvU99dI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/il2GqrTAl08MJ_Q9lo30JvU99dI.mft
rsync://rpki.ripe.net/repository/DEFAULT/il2GqrTAl08MJ_Q9lo30JvU99dI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0a:bc:87:2a:58:7a:ad:f1:fc:0b:10:c0:4f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5d86aab4c0974f0c27f43d968df426f53df5d2
Validity
Not Before: Jan 2 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eaa23607b49c54d46ea6b34f2a621f7b0eba842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:68:6b:af:e6:af:81:a2:de:88:22:54:ae:
8a:63:65:34:ac:dc:02:cd:1a:fe:c8:14:37:e7:01:
0e:66:11:25:8c:62:03:42:e6:7a:0e:4b:68:0b:f1:
9c:ad:cc:e9:82:16:60:70:71:26:af:f4:29:95:88:
87:d0:3b:5c:56:ad:31:e8:c0:87:9b:12:3d:70:29:
fb:24:87:ef:f7:9c:0e:29:6b:d9:eb:98:9e:f1:ec:
b4:a6:f7:f6:cd:a1:12:26:4d:ba:dc:81:9d:13:73:
88:ed:f5:ae:56:93:39:50:41:86:82:b0:0e:ea:da:
f2:9b:47:fc:dc:2d:95:ae:a2:95:e8:60:d4:29:ac:
24:d1:49:71:87:f3:02:70:92:72:57:ba:93:cd:43:
63:9b:21:40:ef:c8:2f:c6:a5:7a:96:d5:8d:3c:9c:
c2:63:fa:30:03:fb:52:a4:43:b3:d2:64:f0:68:ec:
20:56:cb:2f:49:0f:ad:81:e4:ec:dc:d5:8f:21:50:
1e:26:da:d0:93:21:46:c9:bd:6c:71:d8:cc:c1:ae:
ad:f0:cf:52:4d:f0:5d:44:58:99:c2:52:73:66:eb:
21:41:2a:5d:8a:50:7e:5e:24:ba:ef:17:4c:6a:d8:
4f:f4:75:c2:96:13:f1:a8:eb:1d:6c:ee:ac:db:f1:
f3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AA:23:60:7B:49:C5:4D:46:EA:6B:34:F2:A6:21:F7:B0:EB:A8:42
X509v3 Authority Key Identifier:
keyid:8A:5D:86:AA:B4:C0:97:4F:0C:27:F4:3D:96:8D:F4:26:F5:3D:F5:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/il2GqrTAl08MJ_Q9lo30JvU99dI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/HqojYHtJxU1G6ms08qYh97DrqEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4cea79-2a09-4ae7-a50c-f8a836f01b21/1/il2GqrTAl08MJ_Q9lo30JvU99dI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.136.0-46.174.138.255
IPv6:
2a09:dd80::-2a09:dd82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
30:04:42:7c:9a:88:c7:0b:53:ff:51:42:48:f9:fd:b7:1a:a3:
b0:46:7b:37:08:91:84:94:b6:ef:9b:38:3a:2d:f3:4b:30:18:
7b:7f:45:f1:e4:bd:72:c7:c1:b4:cb:a3:df:68:34:bc:21:13:
d9:f2:52:e9:a6:d7:75:2d:5c:71:55:07:db:8d:e7:05:f7:32:
74:e4:b9:d3:12:ef:fa:fd:ea:ca:d2:a1:32:f5:b3:35:85:69:
b1:39:1d:6b:b7:56:05:a4:ae:72:8e:29:0f:63:55:90:37:02:
40:d1:41:4c:11:80:4d:a3:39:46:03:1d:ba:6e:c6:c5:c6:fe:
fc:5c:ed:4e:f1:63:43:31:6b:fb:4a:41:76:90:47:57:12:9a:
f5:6c:19:a2:21:61:81:60:dc:bc:81:81:87:88:17:81:3b:09:
d0:02:95:cb:59:bb:a9:b9:32:09:55:0e:d8:03:aa:48:67:3e:
bf:b0:38:8e:f4:17:50:47:88:32:52:79:8c:da:c5:f1:66:3f:
ac:6d:d9:00:7f:c7:85:dc:3e:af:19:f2:c6:a6:7c:22:fa:0c:
05:bf:bf:42:93:a5:26:dd:fe:3e:43:92:6e:a2:26:44:33:8a:
c4:54:4e:9f:9e:fb:b9:d6:60:15:19:1a:4e:32:ad:d1:18:59:
11:f5:f5:52
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzI3Qq8hypYeq3x/AsQwE/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWQ4NmFhYjRjMDk3NGYwYzI3ZjQzZDk2OGRmNDI2ZjUz
ZGY1ZDIwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFhMjM2MDdiNDljNTRkNDZlYTZiMzRmMmE2MjFmN2IwZWJhODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn41oa6/mr4Gi3ogiVK6KY2U0rNwC
zRr+yBQ35wEOZhEljGIDQuZ6DktoC/GcrczpghZgcHEmr/QplYiH0DtcVq0x6MCH
mxI9cCn7JIfv95wOKWvZ65ie8ey0pvf2zaESJk263IGdE3OI7fWuVpM5UEGGgrAO
6trym0f83C2VrqKV6GDUKawk0Ulxh/MCcJJyV7qTzUNjmyFA78gvxqV6ltWNPJzC
Y/owA/tSpEOz0mTwaOwgVssvSQ+tgeTs3NWPIVAeJtrQkyFGyb1scdjMwa6t8M9S
TfBdRFiZwlJzZushQSpdilB+XiS67xdMathP9HXClhPxqOsdbO6s2/HzgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB6qI2B7ScVNRuprNPKmIfew66hCMB8GA1UdIwQY
MBaAFIpdhqq0wJdPDCf0PZaN9Cb1PfXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWwyR3FyVEFsMDhNSl9ROWxvMzBKdlU5OWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80Y2VhNzktMmEwOS00YWU3LWE1MGMt
ZjhhODM2ZjAxYjIxLzEvSHFvallIdEp4VTFHNm1zMDhxWWg5N0RycUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80Y2VhNzktMmEwOS00YWU3LWE1MGMtZjhhODM2ZjAxYjIx
LzEvaWwyR3FyVEFsMDhNSl9ROWxvMzBKdlU5OWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAUBAIAATAOMAwDBAMurogD
BAAuroowFgQCAAIwEDAOAwUHKgndgAMFACoJ3YIwDQYJKoZIhvcNAQELBQADggEB
ADAEQnyaiMcLU/9RQkj5/bcao7BGezcIkYSUtu+bODot80swGHt/RfHkvXLHwbTL
o99oNLwhE9nyUumm13UtXHFVB9uN5wX3MnTkudMS7/r96srSoTL1szWFabE5HWu3
VgWkrnKOKQ9jVZA3AkDRQUwRgE2jOUYDHbpuxsXG/vxc7U7xY0Mxa/tKQXaQR1cS
mvVsGaIhYYFg3LyBgYeIF4E7CdAClctZu6m5MglVDtgDqkhnPr+wOI70F1BHiDJS
eYzaxfFmP6xt2QB/x4XcPq8Z8samfCL6DAW/v0KTpSbd/j5Dkm6iJkQzisRUTp+e
+7nWYBUZGk4yrdEYWRH19VI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:39 2024 by rpki-client on console-fra.rpki-client.org