Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/ha-EDLnJWGMAgk2Bl75jouWAYBw.roa
File: ha-EDLnJWGMAgk2Bl75jouWAYBw.roa (raw, json)
Hash identifier: GUSYaM6ufmvIIskpqBkGVClGeoGKZe0/gtSCpkV+jQE=
Subject key identifier: 85:AF:84:0C:B9:C9:58:63:00:82:4D:81:97:BE:63:A2:E5:80:60:1C
Certificate issuer: /CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Certificate serial: 018EC78D561AA0C2344D828EE0909A8009A4
Authority key identifier: EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/ha-EDLnJWGMAgk2Bl75jouWAYBw.roa
Signing time: Wed 10 Apr 2024 10:28:32 +0000
ROA not before: Wed 10 Apr 2024 10:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213291
IP address blocks: 195.242.8.0/21 maxlen: 24
195.242.16.0/20 maxlen: 24
2a13:5947::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:8d:56:1a:a0:c2:34:4d:82:8e:e0:90:9a:80:09:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Validity
Not Before: Apr 10 10:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85af840cb9c9586300824d8197be63a2e580601c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:65:bf:7a:fe:9b:25:76:ea:a8:24:bc:55:9d:
4d:43:88:a3:34:cd:5f:c3:e3:65:a6:3c:4c:39:e1:
f0:2b:df:08:1c:95:f7:a6:1a:cf:c0:2b:0d:f3:b5:
67:09:16:de:6a:92:3e:d3:2e:f4:77:20:37:c7:53:
0d:67:92:b1:91:3c:45:55:d6:46:c8:80:46:d3:03:
cc:45:a1:83:27:83:3b:9c:c2:a2:a5:2e:8d:58:9c:
d0:13:fb:3c:c7:59:17:80:58:f5:b0:40:d0:1a:bf:
4b:31:20:20:b8:5f:f4:5f:ae:20:db:de:aa:41:3a:
bd:82:85:e7:be:5a:9f:f8:9b:77:55:cd:4d:1e:da:
8f:be:7f:c4:df:0f:6c:ab:c7:20:b7:ab:ed:78:92:
c3:77:0b:0c:43:86:01:03:70:8b:0a:f4:2a:0b:9a:
35:6a:97:5c:47:fd:41:0a:42:8f:ff:d5:74:98:b4:
a3:41:db:81:ca:2e:59:f1:f2:b5:a3:30:2e:90:94:
01:9c:64:3e:b7:73:90:31:59:df:56:5c:7c:a7:da:
0c:98:e2:8c:68:ea:64:b6:f9:b4:75:ba:53:3c:b2:
09:bd:5b:e6:08:24:2b:30:ef:be:f2:84:67:78:d5:
13:97:da:1b:11:70:8a:f4:c5:0a:17:3d:9d:a3:36:
ba:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AF:84:0C:B9:C9:58:63:00:82:4D:81:97:BE:63:A2:E5:80:60:1C
X509v3 Authority Key Identifier:
keyid:EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/ha-EDLnJWGMAgk2Bl75jouWAYBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.8.0-195.242.31.255
IPv6:
2a13:5947::/40
Signature Algorithm: sha256WithRSAEncryption
16:e8:9a:68:2e:e9:e9:58:8b:07:c2:09:63:00:f2:da:3b:67:
f4:69:06:6f:ed:ee:7d:21:8f:4b:55:9f:5f:3a:8c:cf:e1:73:
ff:fe:08:99:3f:b9:fb:f7:4e:43:a3:76:b7:65:6e:33:18:a2:
23:aa:4b:b0:65:6e:ea:a5:52:92:2d:0f:dd:6f:a8:63:ec:e3:
30:74:a2:dd:f9:f1:c8:ae:3d:7c:74:1f:c5:72:e2:8b:70:4c:
27:32:40:3f:3c:49:0f:70:2d:4f:d9:19:f8:63:92:9e:fe:92:
8e:1e:fa:61:a3:34:e6:78:02:0d:15:51:d3:4d:7d:e7:92:ab:
84:b4:a9:ae:3a:c9:da:10:e5:1e:4b:e5:d1:69:3e:20:86:f3:
99:38:39:a0:e4:1f:44:a1:a4:76:bd:01:c6:9d:97:61:a2:cf:
4d:67:5c:93:78:59:89:ee:34:2d:2d:b4:34:6f:d0:3d:e6:88:
6f:f3:53:5d:75:98:d2:39:ec:08:94:ee:ed:7c:5e:a8:21:a2:
11:ea:42:70:49:03:29:58:1b:71:cd:31:07:98:99:ba:55:7a:
06:f5:af:e7:31:d1:60:24:25:73:ae:18:7d:11:da:65:dd:37:
8d:53:ed:94:c4:13:d8:10:a0:34:a3:e0:9e:d4:b7:0c:aa:70:
2c:df:a0:aa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7HjVYaoMI0TYKO4JCagAmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZTI2NTMxNzljYWZlNWZmNjY1MWM2MDU4YjY3YWQyZDJj
ODQ4NWUwHhcNMjQwNDEwMTAyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFmODQwY2I5Yzk1ODYzMDA4MjRkODE5N2JlNjNhMmU1ODA2MDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2W/ev6bJXbqqCS8VZ1NQ4ijNM1f
w+NlpjxMOeHwK98IHJX3phrPwCsN87VnCRbeapI+0y70dyA3x1MNZ5KxkTxFVdZG
yIBG0wPMRaGDJ4M7nMKipS6NWJzQE/s8x1kXgFj1sEDQGr9LMSAguF/0X64g296q
QTq9goXnvlqf+Jt3Vc1NHtqPvn/E3w9sq8cgt6vteJLDdwsMQ4YBA3CLCvQqC5o1
apdcR/1BCkKP/9V0mLSjQduByi5Z8fK1ozAukJQBnGQ+t3OQMVnfVlx8p9oMmOKM
aOpktvm0dbpTPLIJvVvmCCQrMO++8oRneNUTl9obEXCK9MUKFz2doza67QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIWvhAy5yVhjAIJNgZe+Y6LlgGAcMB8GA1UdIwQY
MBaAFOriZTF5yv5f9mUcYFi2etLSyEheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTkt
OTkyZDc5N2Y0YmJiLzEvaGEtRURMbkpXR01BZ2syQmw3NWpvdVdBWUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTktOTkyZDc5N2Y0YmJi
LzEvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAPD8ggD
BAXD8gAwDgQCAAIwCAMGACoTWUcAMA0GCSqGSIb3DQEBCwUAA4IBAQAW6JpoLunp
WIsHwgljAPLaO2f0aQZv7e59IY9LVZ9fOozP4XP//giZP7n7905Do3a3ZW4zGKIj
qkuwZW7qpVKSLQ/db6hj7OMwdKLd+fHIrj18dB/FcuKLcEwnMkA/PEkPcC1P2Rn4
Y5Ke/pKOHvphozTmeAINFVHTTX3nkquEtKmuOsnaEOUeS+XRaT4ghvOZODmg5B9E
oaR2vQHGnZdhos9NZ1yTeFmJ7jQtLbQ0b9A95ohv81NddZjSOewIlO7tfF6oIaIR
6kJwSQMpWBtxzTEHmJm6VXoG9a/nMdFgJCVzrhh9Edpl3TeNU+2UxBPYEKA0o+Ce
1LcMqnAs36Cq
-----END CERTIFICATE-----
Generated at Sat May 11 06:39:25 2024 by rpki-client on console-fra.rpki-client.org