Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hR6QgQeeTZjTLo2X4dNLLf7t5sQ.roa
File: hR6QgQeeTZjTLo2X4dNLLf7t5sQ.roa (raw, json)
Hash identifier: 8xvmk7+gU/2WTiY/0i4vUD2ATfKkI7Mk2Wrc8s/LKGE=
Subject key identifier: 85:1E:90:81:07:9E:4D:98:D3:2E:8D:97:E1:D3:4B:2D:FE:ED:E6:C4
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DF6E8CBC53B8CEE024129254F6DC3
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hR6QgQeeTZjTLo2X4dNLLf7t5sQ.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 89.191.234.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f6:e8:cb:c5:3b:8c:ee:02:41:29:25:4f:6d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=851e9081079e4d98d32e8d97e1d34b2dfeede6c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cd:9d:6d:a5:f6:bc:0c:f2:3f:c6:ea:a2:2d:
2c:04:63:9a:50:64:b9:8f:ac:31:22:cd:9f:84:b3:
b3:c9:b3:8a:78:ee:bc:06:cd:98:e5:84:e8:d7:5f:
6b:cc:43:fb:4a:97:bd:0f:07:82:b7:f7:bd:3b:26:
b2:40:29:8a:e2:b2:9e:c1:ae:b3:ac:b2:aa:f2:8f:
de:33:ec:a7:1f:4f:b7:3f:97:76:96:c9:c9:eb:8e:
f1:e0:57:96:d1:b9:05:28:d8:ca:ff:17:70:6e:8a:
39:1a:a7:d5:b9:e7:fc:74:47:08:26:d3:1c:08:6c:
c7:be:db:8a:77:d3:28:98:fa:88:db:24:5d:6e:3e:
3c:1a:36:e8:da:d8:6f:41:02:ee:9d:60:16:a5:07:
99:81:74:c1:1a:ca:e5:85:20:6f:48:63:e8:fe:30:
f0:a8:f5:c9:b8:ee:0e:1b:dd:0a:2b:c7:b9:2f:f2:
cd:8f:de:9e:99:d6:d6:7a:6b:20:d4:ea:7c:f8:0f:
48:11:6c:14:10:fe:e9:26:71:d2:d9:37:29:58:6f:
d9:57:56:72:3a:8e:88:f4:84:7d:89:d3:5e:dd:d5:
bc:40:e7:42:6d:23:ce:c9:97:df:24:7e:3e:0d:88:
8c:a0:14:c5:5b:5e:e2:b2:f4:85:23:8f:88:b7:08:
5a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1E:90:81:07:9E:4D:98:D3:2E:8D:97:E1:D3:4B:2D:FE:ED:E6:C4
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hR6QgQeeTZjTLo2X4dNLLf7t5sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.234.0/24
141.98.235.0/24
Signature Algorithm: sha256WithRSAEncryption
25:61:ae:39:50:24:7c:6f:71:14:10:1f:4e:57:8d:1f:d8:88:
26:23:d8:bd:59:a0:d8:eb:c3:81:a3:80:66:29:7a:01:d1:26:
db:63:9f:86:34:84:7d:2f:10:89:ca:a6:8f:b7:14:ba:47:50:
5e:24:c9:c5:c6:9e:ad:9a:62:63:d5:81:43:57:ee:d3:ec:fd:
54:7f:e9:67:92:64:ba:74:7a:f4:91:ad:b4:70:be:95:1a:72:
de:a2:9d:ec:81:94:2c:49:24:d0:7f:6a:c6:51:b7:84:87:e9:
31:bd:0f:10:90:cd:2e:5c:2e:2b:a8:63:55:0a:c3:5e:ac:94:
d7:59:25:d0:b3:84:33:d6:89:cc:dd:45:4d:3f:23:10:81:18:
74:bd:6b:a6:22:e4:29:b4:55:63:b9:37:c3:ae:59:9c:9b:f7:
2b:f1:e8:06:83:e9:e3:c5:70:5a:ef:1f:84:86:2e:6f:c8:eb:
0b:47:9d:fa:0d:62:bd:a6:ee:7d:7e:3f:cf:2e:40:f4:74:62:
30:6a:7b:16:91:99:0b:f6:12:79:9f:6e:66:59:bb:8b:67:25:
f6:91:45:89:b5:2f:d1:29:2a:13:58:5a:be:45:27:af:93:82:
99:39:0a:08:97:ad:c4:cb:cb:10:b4:df:eb:ba:1d:27:86:b9:
2c:dd:73:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbfboy8U7jO4CQSklT23DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTFlOTA4MTA3OWU0ZDk4ZDMyZThkOTdlMWQzNGIyZGZlZWRlNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs2dbaX2vAzyP8bqoi0sBGOaUGS5
j6wxIs2fhLOzybOKeO68Bs2Y5YTo119rzEP7Spe9DweCt/e9OyayQCmK4rKewa6z
rLKq8o/eM+ynH0+3P5d2lsnJ647x4FeW0bkFKNjK/xdwboo5GqfVuef8dEcIJtMc
CGzHvtuKd9MomPqI2yRdbj48Gjbo2thvQQLunWAWpQeZgXTBGsrlhSBvSGPo/jDw
qPXJuO4OG90KK8e5L/LNj96emdbWemsg1Op8+A9IEWwUEP7pJnHS2TcpWG/ZV1Zy
Oo6I9IR9idNe3dW8QOdCbSPOyZffJH4+DYiMoBTFW17isvSFI4+ItwhaXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUekIEHnk2Y0y6Nl+HTSy3+7ebEMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvaFI2UWdRZWVUWmpUTG8yWDRkTkxMZjd0NXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWb/qAwQA
jWLrMA0GCSqGSIb3DQEBCwUAA4IBAQAlYa45UCR8b3EUEB9OV40f2IgmI9i9WaDY
68OBo4BmKXoB0SbbY5+GNIR9LxCJyqaPtxS6R1BeJMnFxp6tmmJj1YFDV+7T7P1U
f+lnkmS6dHr0ka20cL6VGnLeop3sgZQsSSTQf2rGUbeEh+kxvQ8QkM0uXC4rqGNV
CsNerJTXWSXQs4Qz1onM3UVNPyMQgRh0vWumIuQptFVjuTfDrlmcm/cr8egGg+nj
xXBa7x+Ehi5vyOsLR536DWK9pu59fj/PLkD0dGIwansWkZkL9hJ5n25mWbuLZyX2
kUWJtS/RKSoTWFq+RSevk4KZOQoIl63Ey8sQtN/ruh0nhrks3XNt
-----END CERTIFICATE-----
Generated at Tue May 7 04:53:05 2024 by rpki-client on console-fra.rpki-client.org