Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlHubQ--hgsvw8CnUD1nk-peCAg.roa
File: FlHubQ--hgsvw8CnUD1nk-peCAg.roa (raw, json)
Hash identifier: 0GY66qwMRgpXmITdr1AstR8yhcar0/h0hoNcQ3CVVfI=
Subject key identifier: 16:51:EE:6D:0F:BE:86:0B:2F:C3:C0:A7:50:3D:67:93:EA:5E:08:08
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01946B7AF1DF271C26FB244E2020464150E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlHubQ--hgsvw8CnUD1nk-peCAg.roa
Signing time: Wed 15 Jan 2025 19:40:06 +0000
ROA not before: Wed 15 Jan 2025 19:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214677
IP address blocks: 213.218.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:7a:f1:df:27:1c:26:fb:24:4e:20:20:46:41:50:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 15 19:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1651ee6d0fbe860b2fc3c0a7503d6793ea5e0808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8b:e9:16:4f:7a:6e:fd:5d:08:0d:c5:aa:a7:
c8:0e:f1:21:ea:0f:ad:e9:f9:a9:dd:05:cf:83:12:
f1:45:6f:7e:a0:8b:a3:7b:16:1c:97:8c:c3:b4:a5:
a7:d1:c6:1b:36:f2:db:f2:83:8f:fc:cf:87:0e:a9:
0d:10:19:b8:11:e0:ce:4e:14:f6:ce:46:0f:6f:a9:
ee:40:73:6b:28:03:11:1f:ab:67:08:2e:2e:43:a5:
a0:42:88:8b:b5:c9:59:c7:6d:ac:cc:07:0b:cd:b7:
92:51:fb:f5:5d:66:1f:c0:e2:52:94:b1:cf:3e:2b:
4d:91:eb:2c:ba:dd:01:c2:d7:cc:ac:47:3e:98:37:
f0:1a:de:33:e3:63:ba:a2:da:9c:fd:17:b0:23:cd:
f4:3b:da:02:12:7e:72:0d:a4:bb:16:23:d5:17:25:
3f:35:ed:9c:1c:b0:60:d7:c3:a4:13:64:15:2b:bd:
b1:f1:3a:40:7a:6a:a1:de:63:5e:15:8a:5c:b1:56:
eb:e6:b9:e6:de:7a:7c:8b:7f:ef:2a:31:51:e7:8b:
3a:1c:e1:96:af:70:f9:c3:1f:5c:dd:2c:a6:b2:4e:
2e:3f:a6:6d:71:92:33:a3:54:60:5d:ad:e0:73:42:
d3:7c:9a:02:27:31:34:51:96:2d:a6:40:f5:c0:82:
75:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:51:EE:6D:0F:BE:86:0B:2F:C3:C0:A7:50:3D:67:93:EA:5E:08:08
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FlHubQ--hgsvw8CnUD1nk-peCAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.210.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:85:a4:80:94:a9:d0:d5:6a:c0:82:b5:82:c1:db:f0:97:55:
33:60:30:8c:c8:23:fa:d2:70:d9:30:f6:80:87:e4:05:b4:d4:
5c:d8:99:9c:0f:cf:31:68:79:01:1a:86:0f:bc:e7:f7:68:c4:
f7:dc:24:79:31:20:81:cd:b4:61:06:48:8a:5b:8c:13:ba:56:
f0:ed:0e:c8:32:89:5a:f5:d6:b5:42:3f:d0:63:90:97:80:89:
4d:8a:02:1a:ed:63:6d:24:07:a5:93:76:d7:38:ed:b6:23:cc:
07:09:99:2d:c8:09:4f:69:9f:c3:b6:1b:f3:31:ef:c0:af:63:
ad:8a:e7:8e:fd:85:5e:29:2c:02:f7:7e:40:40:44:2a:e3:41:
7f:88:8e:9d:e2:71:41:e3:fa:bb:44:4f:e7:14:3c:6f:09:38:
d6:24:8a:f9:1e:f2:0d:a8:5d:3d:1d:51:b5:41:94:06:d3:fa:
76:19:2f:ed:ee:8d:29:11:fc:c7:f7:dd:15:12:16:ad:12:a0:
36:55:19:bb:67:c1:c3:db:15:85:db:6e:81:86:da:8c:a9:e3:
93:e0:3e:04:40:ab:9b:00:40:df:cd:7e:b3:e5:3b:8c:18:db:
ae:8b:23:37:05:e1:c2:6d:11:ec:59:f5:30:2f:19:2a:f1:2e:
4e:26:6f:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRrevHfJxwm+yROICBGQVDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTE1MTk0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUxZWU2ZDBmYmU4NjBiMmZjM2MwYTc1MDNkNjc5M2VhNWUwODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIvpFk96bv1dCA3FqqfIDvEh6g+t
6fmp3QXPgxLxRW9+oIujexYcl4zDtKWn0cYbNvLb8oOP/M+HDqkNEBm4EeDOThT2
zkYPb6nuQHNrKAMRH6tnCC4uQ6WgQoiLtclZx22szAcLzbeSUfv1XWYfwOJSlLHP
PitNkessut0BwtfMrEc+mDfwGt4z42O6otqc/RewI830O9oCEn5yDaS7FiPVFyU/
Ne2cHLBg18OkE2QVK72x8TpAemqh3mNeFYpcsVbr5rnm3np8i3/vKjFR54s6HOGW
r3D5wx9c3Symsk4uP6ZtcZIzo1RgXa3gc0LTfJoCJzE0UZYtpkD1wIJ13QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZR7m0PvoYLL8PAp1A9Z5PqXggIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRmxIdWJRLS1oZ3N2dzhDblVEMW5rLXBlQ0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1drSMA0G
CSqGSIb3DQEBCwUAA4IBAQB9haSAlKnQ1WrAgrWCwdvwl1UzYDCMyCP60nDZMPaA
h+QFtNRc2JmcD88xaHkBGoYPvOf3aMT33CR5MSCBzbRhBkiKW4wTulbw7Q7IMola
9da1Qj/QY5CXgIlNigIa7WNtJAelk3bXOO22I8wHCZktyAlPaZ/DthvzMe/Ar2Ot
iueO/YVeKSwC935AQEQq40F/iI6d4nFB4/q7RE/nFDxvCTjWJIr5HvINqF09HVG1
QZQG0/p2GS/t7o0pEfzH990VEhatEqA2VRm7Z8HD2xWF226BhtqMqeOT4D4EQKub
AEDfzX6z5TuMGNuuiyM3BeHCbRHsWfUwLxkq8S5OJm/F
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:50:04 2025 by rpki-client