Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HBs_Ffk6pLKLo-845SwaCNkK2KM.roa
File: HBs_Ffk6pLKLo-845SwaCNkK2KM.roa (raw, json)
Hash identifier: k7EwZUxDF05RIBR3gNYSgk/GMX2wqlW+//xf71PvITM=
Subject key identifier: 1C:1B:3F:15:F9:3A:A4:B2:8B:A3:EF:38:E5:2C:1A:08:D9:0A:D8:A3
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018D1C332A5C6DBA25F3AEE48365594D6103
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HBs_Ffk6pLKLo-845SwaCNkK2KM.roa
Signing time: Thu 18 Jan 2024 10:52:11 +0000
ROA not before: Thu 18 Jan 2024 10:52:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 78.109.224.0/24 maxlen: 24
78.109.233.0/24 maxlen: 24
78.109.234.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:33:2a:5c:6d:ba:25:f3:ae:e4:83:65:59:4d:61:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 18 10:52:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c1b3f15f93aa4b28ba3ef38e52c1a08d90ad8a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:94:70:0c:04:3f:c5:3a:b0:40:3f:8c:61:d0:
5e:2f:df:c2:d6:a6:21:b9:15:09:6b:5b:c4:02:0d:
b9:bc:fc:f1:bb:b8:4f:b3:94:40:eb:97:ed:b9:cc:
6e:92:95:0c:40:38:d9:f5:9a:e9:33:97:ed:df:0a:
c3:73:7a:0b:43:15:c8:d6:7a:db:a4:3e:48:4e:cf:
9e:c2:08:59:55:56:be:c0:00:62:3a:40:c8:9d:f8:
20:56:5d:94:eb:cb:ec:3b:95:67:5c:83:c9:6f:5b:
55:e7:47:8e:dc:9b:25:0c:24:bf:5b:0e:31:6d:2c:
ab:96:1f:11:6c:ce:81:bb:1e:87:d9:37:9c:aa:ab:
86:8a:05:bf:5b:a0:a8:6b:e9:89:11:62:23:ac:54:
3c:46:c9:b6:56:b6:70:82:88:e1:03:6a:1a:74:00:
28:eb:40:4d:39:63:ce:76:77:60:84:46:3b:10:77:
49:cf:17:7a:51:d4:0f:99:47:ed:2a:07:f1:92:a0:
48:45:6d:c0:1f:11:26:49:ae:e5:42:8f:7a:1e:72:
79:a7:85:0d:9d:06:53:8e:83:99:e8:9c:6a:6b:fe:
8d:54:86:31:44:3f:c2:19:1f:1c:6d:d3:34:55:09:
b5:5c:03:b1:9a:53:99:0c:89:38:d6:cf:df:34:e0:
94:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1B:3F:15:F9:3A:A4:B2:8B:A3:EF:38:E5:2C:1A:08:D9:0A:D8:A3
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/HBs_Ffk6pLKLo-845SwaCNkK2KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.224.0/24
78.109.233.0-78.109.235.255
78.109.238.0/24
185.52.101.0/24
Signature Algorithm: sha256WithRSAEncryption
59:bf:03:e2:ce:dc:f8:a9:e2:68:f7:8f:46:f5:ba:fe:92:c2:
68:36:69:81:4e:bd:b9:21:b3:3a:85:06:be:98:4c:ce:38:2c:
12:fb:2a:56:75:0b:b7:3d:75:39:cd:37:18:89:60:df:c2:b5:
38:9f:e2:1f:a2:1a:e1:f7:33:72:05:25:75:9e:bb:9c:b5:ab:
28:32:7a:fe:57:4a:0f:9c:69:b2:3e:41:ae:3a:75:e6:4a:bb:
89:39:70:2e:9e:66:d8:5d:8d:14:78:48:3c:a9:e8:fd:b9:e3:
77:28:ca:63:95:a0:ae:80:00:df:62:ad:5c:f8:7d:32:7f:de:
c4:cf:33:78:76:26:d9:f1:00:e0:6e:a4:6d:32:a5:c2:d0:01:
4b:96:03:e6:b6:ff:d2:82:09:28:1a:b1:3b:91:31:16:cd:3b:
b5:d5:7a:be:21:29:4b:3c:e5:05:41:38:b4:1c:d4:82:07:9d:
a7:f3:a5:b3:98:d3:69:43:1f:ac:6f:5b:a1:d3:6b:ce:72:36:
fa:d1:15:66:19:b5:91:56:43:22:49:f9:0d:85:41:32:9e:00:
86:49:1f:8e:97:0f:5f:ec:fc:a2:b1:9d:2e:9f:ea:dc:47:5d:
ff:db:da:5d:80:53:2c:b6:97:a4:fd:42:7f:51:06:b3:a9:d7:
86:a2:e8:8b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY0cMypcbbol867kg2VZTWEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMTE4MTA1MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFiM2YxNWY5M2FhNGIyOGJhM2VmMzhlNTJjMWEwOGQ5MGFkOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJRwDAQ/xTqwQD+MYdBeL9/C1qYh
uRUJa1vEAg25vPzxu7hPs5RA65ftucxukpUMQDjZ9ZrpM5ft3wrDc3oLQxXI1nrb
pD5ITs+ewghZVVa+wABiOkDInfggVl2U68vsO5VnXIPJb1tV50eO3JslDCS/Ww4x
bSyrlh8RbM6Bux6H2TecqquGigW/W6Coa+mJEWIjrFQ8Rsm2VrZwgojhA2oadAAo
60BNOWPOdndghEY7EHdJzxd6UdQPmUftKgfxkqBIRW3AHxEmSa7lQo96HnJ5p4UN
nQZTjoOZ6Jxqa/6NVIYxRD/CGR8cbdM0VQm1XAOxmlOZDIk41s/fNOCUCwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBwbPxX5OqSyi6PvOOUsGgjZCtijMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL0hCc19GZms2cExLTG8tODQ1U3dhQ05rSzJLTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOQYIKwYBBQUHAQcBAf8EKjAoMCYEAgABMCADBABObeAw
DAMEAE5t6QMEAk5t6AMEAE5t7gMEALk0ZTANBgkqhkiG9w0BAQsFAAOCAQEAWb8D
4s7c+KniaPePRvW6/pLCaDZpgU69uSGzOoUGvphMzjgsEvsqVnULtz11Oc03GIlg
38K1OJ/iH6Ia4fczcgUldZ67nLWrKDJ6/ldKD5xpsj5Brjp15kq7iTlwLp5m2F2N
FHhIPKno/bnjdyjKY5WgroAA32KtXPh9Mn/exM8zeHYm2fEA4G6kbTKlwtABS5YD
5rb/0oIJKBqxO5ExFs07tdV6viEpSzzlBUE4tBzUggedp/Ols5jTaUMfrG9bodNr
znI2+tEVZhm1kVZDIkn5DYVBMp4AhkkfjpcPX+z8orGdLp/q3Edd/9vaXYBTLLaX
pP1Cf1EGs6nXhqLoiw==
-----END CERTIFICATE-----
Generated at Thu May 2 16:36:14 2024 by rpki-client on console-fra.rpki-client.org