Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HjQkm2JT356OOTfVxzC91MAJejE.roa
File: HjQkm2JT356OOTfVxzC91MAJejE.roa (raw, json)
Hash identifier: 6EBMcahxPvJvcaJie71cxhJd2CWIr+iW37GbqtuijiY=
Subject key identifier: 1E:34:24:9B:62:53:DF:9E:8E:39:37:D5:C7:30:BD:D4:C0:09:7A:31
Certificate issuer: /CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Certificate serial: 0194228E3E4A3C3DEDBCEDF85B9FA2EC10EA
Authority key identifier: 91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HjQkm2JT356OOTfVxzC91MAJejE.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204732
IP address blocks: 185.242.68.0/22 maxlen: 22
185.242.68.0/23 maxlen: 23
185.242.68.0/24 maxlen: 24
185.242.69.0/24 maxlen: 24
185.242.70.0/23 maxlen: 23
185.242.70.0/24 maxlen: 24
185.242.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3e:4a:3c:3d:ed:bc:ed:f8:5b:9f:a2:ec:10:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91e6d3242257b2965b6278ff8c17e16ff3f08b21
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e34249b6253df9e8e3937d5c730bdd4c0097a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:17:3a:75:cc:cb:d3:ee:b0:5a:03:b5:ea:
e0:a7:f2:02:09:d9:9e:a1:a7:c0:63:cf:b0:28:af:
54:92:da:2c:9d:e3:c9:5e:6e:80:b8:58:74:d9:86:
83:b9:7f:fa:b1:be:88:83:c1:ab:23:a3:61:d6:5a:
fb:4d:c6:3a:58:05:8b:14:32:39:b7:9d:aa:b9:d2:
d4:19:6e:1e:ee:53:a9:dc:a8:e0:53:4a:b7:ef:55:
56:83:d2:a9:65:98:65:dc:0f:4e:2d:a0:cd:66:e9:
2a:ef:6e:95:70:23:06:3d:ac:f9:f0:0a:e1:78:a6:
6f:4c:dd:18:fb:85:21:4a:34:99:95:30:b6:33:34:
18:f1:7f:85:98:8c:3f:3d:14:31:4e:67:c5:c1:87:
78:18:fd:10:56:d2:d1:a6:ce:ae:0d:84:98:00:01:
29:03:7a:36:12:f4:22:58:ac:3a:e5:41:29:68:3d:
68:51:a3:f4:fb:47:3a:84:ee:37:65:ef:90:f2:2c:
50:bb:a6:73:96:ec:60:ab:ce:40:ec:c9:60:74:ad:
64:5d:9e:4a:53:55:30:e7:6a:38:b6:52:6e:35:b4:
19:eb:57:e5:ea:53:01:24:5e:6e:c0:ae:b2:9b:74:
cf:57:09:0b:d3:0c:13:e5:56:81:0e:1a:28:58:a2:
da:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:34:24:9B:62:53:DF:9E:8E:39:37:D5:C7:30:BD:D4:C0:09:7A:31
X509v3 Authority Key Identifier:
keyid:91:E6:D3:24:22:57:B2:96:5B:62:78:FF:8C:17:E1:6F:F3:F0:8B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kebTJCJXspZbYnj_jBfhb_PwiyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/HjQkm2JT356OOTfVxzC91MAJejE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/0c0f61-b69c-4657-9867-7e74a6a98ecd/1/kebTJCJXspZbYnj_jBfhb_PwiyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.68.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:3b:92:e0:51:4e:a9:67:26:16:a9:c3:76:a3:0b:2e:0d:30:
6f:fc:5d:51:db:22:7b:fc:79:7e:b4:ea:71:34:47:d0:e6:9a:
47:ae:a3:54:49:73:40:d1:d3:e1:60:8e:47:5b:9a:75:b2:e9:
08:5c:98:15:48:c1:75:13:63:44:df:24:22:7a:ec:25:3c:30:
80:34:ed:18:11:c2:3a:86:c6:98:7e:12:39:a3:80:74:3a:d3:
10:9b:39:be:db:69:2e:27:bd:41:76:e3:e3:46:37:df:ef:f6:
fc:d7:ea:42:98:75:49:30:10:e7:f3:c9:29:e6:3d:42:98:ac:
f2:93:66:33:49:d1:0c:95:74:6a:b4:ab:d2:8a:a1:8e:88:47:
75:df:77:f9:9b:bb:b7:90:d7:06:62:81:f6:c6:c0:3c:b9:1a:
49:a8:ec:e8:7d:44:94:52:b4:61:ed:71:82:ea:88:39:98:49:
f9:c9:02:27:a0:50:c3:b9:a4:43:d6:3a:37:f7:2b:3d:32:07:
1a:c5:c4:62:5c:17:cd:bd:f3:ac:f8:73:bf:f2:62:a9:72:69:
2a:dc:99:1f:48:d2:7d:ef:a5:46:35:80:31:72:3e:57:25:f7:
e7:d5:cc:84:9b:61:1b:51:aa:7a:4f:c2:32:bc:ee:8d:ae:53:
ca:3d:df:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijj5KPD3tvO34W5+i7BDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZTZkMzI0MjI1N2IyOTY1YjYyNzhmZjhjMTdlMTZmZjNm
MDhiMjEwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTM0MjQ5YjYyNTNkZjllOGUzOTM3ZDVjNzMwYmRkNGMwMDk3YTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3YXOnXMy9PusFoDtergp/ICCdme
oafAY8+wKK9UktosnePJXm6AuFh02YaDuX/6sb6Ig8GrI6Nh1lr7TcY6WAWLFDI5
t52qudLUGW4e7lOp3KjgU0q371VWg9KpZZhl3A9OLaDNZukq726VcCMGPaz58Arh
eKZvTN0Y+4UhSjSZlTC2MzQY8X+FmIw/PRQxTmfFwYd4GP0QVtLRps6uDYSYAAEp
A3o2EvQiWKw65UEpaD1oUaP0+0c6hO43Ze+Q8ixQu6Zzluxgq85A7MlgdK1kXZ5K
U1Uw52o4tlJuNbQZ61fl6lMBJF5uwK6ym3TPVwkL0wwT5VaBDhooWKLa0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB40JJtiU9+ejjk31ccwvdTACXoxMB8GA1UdIwQY
MBaAFJHm0yQiV7KWW2J4/4wX4W/z8IshMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4Njct
N2U3NGE2YTk4ZWNkLzEvSGpRa20ySlQzNTZPT1RmVnh6QzkxTUFKZWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wYzBmNjEtYjY5Yy00NjU3LTk4NjctN2U3NGE2YTk4ZWNk
LzEva2ViVEpDSlhzcFpiWW5qX2pCZmhiX1B3aXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJEMA0G
CSqGSIb3DQEBCwUAA4IBAQClO5LgUU6pZyYWqcN2owsuDTBv/F1R2yJ7/Hl+tOpx
NEfQ5ppHrqNUSXNA0dPhYI5HW5p1sukIXJgVSMF1E2NE3yQieuwlPDCANO0YEcI6
hsaYfhI5o4B0OtMQmzm+22kuJ71BduPjRjff7/b81+pCmHVJMBDn88kp5j1CmKzy
k2YzSdEMlXRqtKvSiqGOiEd133f5m7u3kNcGYoH2xsA8uRpJqOzofUSUUrRh7XGC
6og5mEn5yQInoFDDuaRD1jo39ys9MgcaxcRiXBfNvfOs+HO/8mKpcmkq3JkfSNJ9
76VGNYAxcj5XJffn1cyEm2EbUap6T8IyvO6NrlPKPd9e
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:10 2025 by rpki-client