Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/Hk8XpTmh5JAxcOPxWA0BNww-HiY.roa
File: Hk8XpTmh5JAxcOPxWA0BNww-HiY.roa (raw, json)
Hash identifier: 53mPaoMvf+Ky8W9T7oEqF1qPddb1lcszNaHnkS2beVs=
Subject key identifier: 1E:4F:17:A5:39:A1:E4:90:31:70:E3:F1:58:0D:01:37:0C:3E:1E:26
Certificate issuer: /CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Certificate serial: 018D87E9133F988AB44954C3C09E2B3FCAA8
Authority key identifier: D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/Hk8XpTmh5JAxcOPxWA0BNww-HiY.roa
Signing time: Thu 08 Feb 2024 08:50:15 +0000
ROA not before: Thu 08 Feb 2024 08:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213306
IP address blocks: 109.94.102.0/23 maxlen: 23
109.94.102.0/24 maxlen: 24
109.94.103.0/24 maxlen: 24
185.56.223.0/24 maxlen: 24
193.201.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:87:e9:13:3f:98:8a:b4:49:54:c3:c0:9e:2b:3f:ca:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5089bce08c55daa57b4f3a3c9070fb391853ccf
Validity
Not Before: Feb 8 08:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e4f17a539a1e4903170e3f1580d01370c3e1e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:70:ab:19:b0:f0:1c:c9:22:86:d3:5e:c7:b5:
fb:91:a3:57:06:a2:5f:9d:99:c2:8b:09:88:02:8a:
92:ed:6e:6b:89:41:e1:66:99:c3:ee:91:df:e5:c9:
1a:00:86:26:98:8c:0e:b3:88:85:65:e9:f6:4d:36:
83:d0:70:44:07:ef:28:11:e4:cc:ab:3a:2d:a9:a4:
c1:bb:d7:03:04:6e:30:8c:6f:2a:52:3a:ce:cc:f6:
85:eb:b7:61:fb:40:17:ad:97:f9:c2:9f:27:28:b8:
96:b9:46:af:ea:63:f0:39:64:1c:c2:b8:7c:d5:d8:
8e:8b:37:0d:aa:25:27:d4:1e:c1:82:38:d2:a9:09:
bd:4e:b3:a7:2b:aa:72:e3:55:ca:b9:24:db:fb:45:
66:cd:e9:e9:4c:ec:b3:a5:7d:fd:02:7f:b2:f5:10:
e9:e6:77:6c:5a:d5:69:91:e3:73:3c:7d:1f:ec:ef:
d9:5f:00:89:05:08:75:76:86:cf:5c:0d:12:00:fc:
1d:ed:6a:31:86:bf:d3:45:26:8e:56:fa:31:cd:54:
b0:e0:a2:99:e0:df:eb:fa:a2:06:4d:87:ee:6c:41:
45:4b:88:31:87:33:98:9d:d2:73:4d:0f:7a:61:a6:
8a:69:58:98:21:7f:f9:db:63:5f:5b:da:59:33:7c:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4F:17:A5:39:A1:E4:90:31:70:E3:F1:58:0D:01:37:0C:3E:1E:26
X509v3 Authority Key Identifier:
keyid:D5:08:9B:CE:08:C5:5D:AA:57:B4:F3:A3:C9:07:0F:B3:91:85:3C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QibzgjFXapXtPOjyQcPs5GFPM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/Hk8XpTmh5JAxcOPxWA0BNww-HiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/02fde7-d326-43de-8520-6d71fe13d61d/1/1QibzgjFXapXtPOjyQcPs5GFPM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.94.102.0/23
185.56.223.0/24
193.201.207.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8c:60:56:5b:cd:73:ef:77:98:88:e0:f5:53:8b:b2:f0:9c:
e2:f3:46:89:ac:4e:96:33:7c:c6:fd:2c:4c:ac:82:c5:bb:56:
ee:28:1b:e1:b9:f4:1d:66:7d:7f:d1:1c:58:62:dd:6a:70:e4:
6f:e2:3f:c7:40:e7:2c:5e:a8:51:09:8c:71:02:8f:f8:7e:f1:
59:cb:51:28:38:c3:8d:27:38:2e:45:50:89:11:2f:6d:2b:87:
80:ae:16:4d:f8:cf:e3:0f:a5:d1:f5:a7:8b:d9:7e:bf:bd:fa:
8d:e1:03:57:8b:33:26:05:6a:ff:34:d2:aa:f6:dc:7d:c6:76:
c7:59:3b:62:2c:b7:7b:c1:4b:14:86:5f:5d:aa:4f:42:00:b4:
b2:c7:af:8a:04:1d:a3:73:d1:8f:7d:1f:ba:a7:a9:4f:db:b6:
b7:21:9d:92:56:35:26:9c:53:43:2a:48:4f:fb:40:68:a3:fe:
60:c6:d3:9d:79:61:6f:ca:95:a3:79:8e:67:c4:bd:2e:25:b6:
e1:c2:9b:e5:38:04:e6:7e:2c:f7:77:dc:ad:ef:08:2a:5b:cf:
f5:d4:8f:3b:e3:12:18:e7:a2:01:e5:e1:34:88:98:67:e1:1e:
e9:0c:29:12:bb:3b:5c:ce:de:d6:00:f9:6d:4b:89:7c:06:ab:
3c:f0:e3:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2H6RM/mIq0SVTDwJ4rP8qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDg5YmNlMDhjNTVkYWE1N2I0ZjNhM2M5MDcwZmIzOTE4
NTNjY2YwHhcNMjQwMjA4MDg1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTRmMTdhNTM5YTFlNDkwMzE3MGUzZjE1ODBkMDEzNzBjM2UxZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3CrGbDwHMkihtNex7X7kaNXBqJf
nZnCiwmIAoqS7W5riUHhZpnD7pHf5ckaAIYmmIwOs4iFZen2TTaD0HBEB+8oEeTM
qzotqaTBu9cDBG4wjG8qUjrOzPaF67dh+0AXrZf5wp8nKLiWuUav6mPwOWQcwrh8
1diOizcNqiUn1B7BgjjSqQm9TrOnK6py41XKuSTb+0VmzenpTOyzpX39An+y9RDp
5ndsWtVpkeNzPH0f7O/ZXwCJBQh1dobPXA0SAPwd7Woxhr/TRSaOVvoxzVSw4KKZ
4N/r+qIGTYfubEFFS4gxhzOYndJzTQ96YaaKaViYIX/522NfW9pZM3z/UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB5PF6U5oeSQMXDj8VgNATcMPh4mMB8GA1UdIwQY
MBaAFNUIm84IxV2qV7Tzo8kHD7ORhTzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAt
NmQ3MWZlMTNkNjFkLzEvSGs4WHBUbWg1SkF4Y09QeFdBMEJOd3ctSGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wMmZkZTctZDMyNi00M2RlLTg1MjAtNmQ3MWZlMTNkNjFk
LzEvMVFpYnpnakZYYXBYdFBPanlRY1BzNUdGUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbV5mAwQA
uTjfAwQAwcnPMA0GCSqGSIb3DQEBCwUAA4IBAQCFjGBWW81z73eYiOD1U4uy8Jzi
80aJrE6WM3zG/SxMrILFu1buKBvhufQdZn1/0RxYYt1qcORv4j/HQOcsXqhRCYxx
Ao/4fvFZy1EoOMONJzguRVCJES9tK4eArhZN+M/jD6XR9aeL2X6/vfqN4QNXizMm
BWr/NNKq9tx9xnbHWTtiLLd7wUsUhl9dqk9CALSyx6+KBB2jc9GPfR+6p6lP27a3
IZ2SVjUmnFNDKkhP+0Boo/5gxtOdeWFvypWjeY5nxL0uJbbhwpvlOATmfiz3d9yt
7wgqW8/11I874xIY56IB5eE0iJhn4R7pDCkSuztczt7WAPltS4l8Bqs88OOp
-----END CERTIFICATE-----
Generated at Thu May 23 12:40:51 2024 by rpki-client on console-fra.rpki-client.org