Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/HmRNEG73OpkyQsJb8bSYktB3pbA.roa
File: HmRNEG73OpkyQsJb8bSYktB3pbA.roa (raw, json)
Hash identifier: digZJByV4X9NpSL18b/aeMHf71SxN8fWs53QahPbS0I=
Subject key identifier: 1E:64:4D:10:6E:F7:3A:99:32:42:C2:5B:F1:B4:98:92:D0:77:A5:B0
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 018E1925565887D6A1B04397FB37558DA87A
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/HmRNEG73OpkyQsJb8bSYktB3pbA.roa
Signing time: Thu 07 Mar 2024 13:41:01 +0000
ROA not before: Thu 07 Mar 2024 13:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 185.194.84.0/23 maxlen: 24
194.213.114.0/23 maxlen: 24
194.213.114.0/24 maxlen: 24
194.213.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:25:56:58:87:d6:a1:b0:43:97:fb:37:55:8d:a8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Mar 7 13:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e644d106ef73a993242c25bf1b49892d077a5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b1:e1:89:ee:bd:c6:0e:79:4f:36:b9:ec:4d:
33:2a:8c:35:ce:6d:31:e1:7e:96:a9:4d:5e:97:b1:
a9:2f:1c:8e:8b:97:19:7d:6d:b1:37:3c:d8:40:dc:
e7:8e:7a:85:35:2b:01:53:32:cf:21:99:ea:6b:43:
65:ef:54:cc:61:9e:91:60:5e:24:d9:a6:8c:1e:d6:
ff:47:44:42:17:cc:21:75:3e:3b:75:94:f1:ee:fb:
2c:2c:a1:a1:5c:2c:38:99:64:86:6a:6d:69:30:27:
d6:13:61:00:aa:eb:ec:0a:26:6b:57:28:44:96:3d:
fe:9d:e2:02:fb:aa:31:27:1c:b5:ce:49:5d:2e:59:
5d:13:11:3c:d1:8a:12:2b:87:f8:e0:48:32:d1:f3:
ae:69:f5:cc:59:43:55:13:3a:62:00:9f:40:fe:0f:
8b:af:93:2c:4d:4b:af:e8:24:1b:a1:dd:ff:26:e5:
c4:c9:1f:a5:75:62:69:98:9a:27:c5:dd:2a:c1:6b:
30:70:63:04:27:10:5e:d3:45:26:5b:4c:f6:30:0f:
8f:7b:4d:df:42:70:89:1b:c6:b7:95:67:49:4c:4a:
3b:cd:20:f0:03:a8:15:87:5d:01:01:19:62:d5:91:
bc:77:74:84:6e:29:13:f0:38:19:78:e0:e9:c5:73:
06:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:64:4D:10:6E:F7:3A:99:32:42:C2:5B:F1:B4:98:92:D0:77:A5:B0
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/HmRNEG73OpkyQsJb8bSYktB3pbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.84.0/23
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
61:18:be:fd:88:3e:03:09:66:ec:0a:6a:0c:da:1d:8f:fd:00:
5e:6e:69:c4:c7:ed:86:0d:56:c5:c0:8c:c6:46:c7:1d:2c:b9:
ec:2a:f4:e7:d8:95:99:62:42:a7:af:d4:1f:69:89:47:b1:88:
47:67:cd:a0:d4:14:04:b1:62:dd:b6:ff:db:80:be:8c:99:96:
7f:de:02:4a:75:2c:43:6e:7d:b1:88:f7:e5:33:56:0f:c2:1b:
13:6d:b0:0f:a4:48:22:e8:fc:1f:5d:4d:bf:4a:81:97:3c:19:
f7:5e:c5:db:4f:3b:f5:fc:b4:cf:28:fb:6f:76:a2:f4:46:b3:
21:0c:a8:85:d6:71:94:33:ca:f1:9e:05:eb:bd:31:02:38:82:
ed:95:cb:00:64:6b:30:81:18:2e:ab:0d:66:35:5b:ee:4b:c5:
d1:d8:4f:61:c9:6e:bc:bd:36:52:13:c5:f1:d9:79:39:8c:db:
36:ba:12:8d:60:cf:10:9b:11:a2:7d:02:8c:c0:df:96:b7:17:
c6:b1:90:21:70:73:07:bd:0f:db:1d:20:4b:7b:82:f8:f9:be:
6d:c3:4a:d5:16:60:65:d8:0d:c8:0b:0b:34:38:c4:f0:b8:82:
1c:17:48:4b:60:68:10:ee:0c:23:97:27:dd:0f:76:81:d5:9b:
a5:75:ea:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4ZJVZYh9ahsEOX+zdVjah6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YTJjMmVjZjU4YzQ0YjM1YTBkYTI5NTdmZjRkY2EyZTYw
YjY4NmEwHhcNMjQwMzA3MTM0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY0NGQxMDZlZjczYTk5MzI0MmMyNWJmMWI0OTg5MmQwNzdhNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLHhie69xg55Tza57E0zKow1zm0x
4X6WqU1el7GpLxyOi5cZfW2xNzzYQNznjnqFNSsBUzLPIZnqa0Nl71TMYZ6RYF4k
2aaMHtb/R0RCF8whdT47dZTx7vssLKGhXCw4mWSGam1pMCfWE2EAquvsCiZrVyhE
lj3+neIC+6oxJxy1zkldLlldExE80YoSK4f44Egy0fOuafXMWUNVEzpiAJ9A/g+L
r5MsTUuv6CQbod3/JuXEyR+ldWJpmJonxd0qwWswcGMEJxBe00UmW0z2MA+Pe03f
QnCJG8a3lWdJTEo7zSDwA6gVh10BARli1ZG8d3SEbikT8DgZeODpxXMGmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5kTRBu9zqZMkLCW/G0mJLQd6WwMB8GA1UdIwQY
MBaAFJmiwuz1jESzWg2ilX/03KLmC2hqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAt
ZTVkNTA3YTgyNmJmLzEvSG1STkVHNzNPcGt5UXNKYjhiU1lrdEIzcGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iYTk2NzQtZTU3MS00ZTM1LWFiMjAtZTVkNTA3YTgyNmJm
LzEvbWFMQzdQV01STE5hRGFLVmZfVGNvdVlMYUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBucJUAwQB
wtVyMA0GCSqGSIb3DQEBCwUAA4IBAQBhGL79iD4DCWbsCmoM2h2P/QBebmnEx+2G
DVbFwIzGRscdLLnsKvTn2JWZYkKnr9QfaYlHsYhHZ82g1BQEsWLdtv/bgL6MmZZ/
3gJKdSxDbn2xiPflM1YPwhsTbbAPpEgi6PwfXU2/SoGXPBn3XsXbTzv1/LTPKPtv
dqL0RrMhDKiF1nGUM8rxngXrvTECOILtlcsAZGswgRguqw1mNVvuS8XR2E9hyW68
vTZSE8Xx2Xk5jNs2uhKNYM8QmxGifQKMwN+WtxfGsZAhcHMHvQ/bHSBLe4L4+b5t
w0rVFmBl2A3ICws0OMTwuIIcF0hLYGgQ7gwjlyfdD3aB1ZuldeoX
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:43:18 2024 by rpki-client on console-fra.rpki-client.org