Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/Hc4AcHxvICXB0eeOXpU5wPwCWks.roa
File: Hc4AcHxvICXB0eeOXpU5wPwCWks.roa (raw, json)
Hash identifier: 0l3r8mWoD06VIZjH5okJ+7sLLYCAuGyq3FROy8fL1j8=
Subject key identifier: 1D:CE:00:70:7C:6F:20:25:C1:D1:E7:8E:5E:95:39:C0:FC:02:5A:4B
Certificate issuer: /CN=aee2f8e53627adc27678063b93d3d9fd6ece9002
Certificate serial: 018CC26D651D9329EB3FC33C7A579254DD0C
Authority key identifier: AE:E2:F8:E5:36:27:AD:C2:76:78:06:3B:93:D3:D9:FD:6E:CE:90:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/Hc4AcHxvICXB0eeOXpU5wPwCWks.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209370
IP address blocks: 176.222.26.0/24 maxlen: 24
176.222.31.0/24 maxlen: 24
185.31.239.0/24 maxlen: 24
185.31.236.0/24 maxlen: 24
185.31.237.0/24 maxlen: 24
185.31.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:65:1d:93:29:eb:3f:c3:3c:7a:57:92:54:dd:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee2f8e53627adc27678063b93d3d9fd6ece9002
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dce00707c6f2025c1d1e78e5e9539c0fc025a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8d:f9:00:c9:85:98:36:e3:a0:3a:24:fa:8c:
c7:1b:d6:12:ee:bb:14:72:ad:2c:bd:de:f0:ee:ed:
94:39:60:4d:7e:d6:64:06:a2:86:3b:4a:6d:5e:6a:
b8:bc:ff:96:ff:cf:0f:47:e3:a4:be:f8:be:7b:97:
87:d9:66:e0:ed:09:df:06:04:4f:6a:03:b4:46:95:
15:8d:88:71:87:2c:e7:8b:f3:aa:c0:41:a9:a4:db:
47:7b:71:1b:0f:83:72:a5:5b:37:04:75:f1:27:5e:
60:f8:1a:07:b3:ab:c3:fc:b0:7c:a3:e8:6a:bf:80:
37:ec:4b:0a:d6:a6:5d:30:a3:4c:8e:2a:92:4b:e1:
7a:f8:3b:60:bd:0b:da:fa:d4:87:49:00:57:71:5d:
e3:e2:f0:ca:dc:b7:f7:d9:2c:60:b7:3e:8c:f1:c5:
12:69:89:cc:4a:51:12:2c:e9:81:60:ec:6f:32:14:
bc:5e:9d:86:ed:42:9f:c8:54:91:21:ad:46:0b:1e:
1c:4b:25:c6:71:0f:ac:f1:e4:0d:29:b2:46:d7:5c:
10:d3:3b:12:40:08:d5:50:82:41:ae:bf:e8:c8:12:
3f:50:11:b9:7f:68:f6:c5:17:ee:64:af:c6:1a:de:
87:34:c0:a3:c8:8e:50:20:61:3d:eb:c6:06:f6:ab:
1b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CE:00:70:7C:6F:20:25:C1:D1:E7:8E:5E:95:39:C0:FC:02:5A:4B
X509v3 Authority Key Identifier:
keyid:AE:E2:F8:E5:36:27:AD:C2:76:78:06:3B:93:D3:D9:FD:6E:CE:90:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/Hc4AcHxvICXB0eeOXpU5wPwCWks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/193ed2-b774-42f0-aa3f-a465641a48fa/1/ruL45TYnrcJ2eAY7k9PZ_W7OkAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.222.26.0/24
176.222.31.0/24
185.31.236.0/22
Signature Algorithm: sha256WithRSAEncryption
94:87:7e:01:33:98:b5:96:de:f5:12:0f:b9:13:d0:f6:cf:f4:
59:5d:7e:dd:0c:bb:7d:0e:5f:45:fa:b8:71:5b:4e:1c:66:c7:
d3:bc:05:bd:b9:d0:92:51:a0:0f:3a:be:8a:51:8e:b8:6b:60:
06:77:36:6d:cf:c1:5e:53:7e:f8:a2:ff:b3:12:04:3e:39:1d:
e8:fb:18:a6:9d:cb:10:8a:d7:fc:ef:a8:7f:c6:32:2d:b0:74:
cf:29:4e:fa:08:2c:01:b7:f7:0e:69:03:0c:e5:5d:cb:41:3a:
04:cc:64:e2:8b:64:80:e4:7d:73:99:56:a3:9e:ff:e6:1f:c9:
51:86:aa:53:2a:0b:7c:9c:09:0b:d3:82:2d:83:3f:81:bf:c7:
b9:5d:2d:20:47:e3:5e:e6:3a:95:26:0c:59:72:12:0e:f6:ee:
75:ae:d5:1d:02:d1:c6:56:29:88:68:60:a8:bc:35:5f:3a:79:
63:9e:62:3a:ae:23:e5:81:45:c5:41:72:d8:d1:ca:c8:e0:2e:
9f:17:4b:86:cf:b4:e6:7c:af:35:63:29:d4:1b:99:78:dc:57:
a0:c9:a3:e2:81:53:01:af:60:8e:38:d6:cf:7b:2e:35:57:e9:
12:48:05:ee:7f:23:ea:46:99:fe:64:24:d6:5f:4b:85:d4:0b:
85:73:2b:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbWUdkynrP8M8eleSVN0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTJmOGU1MzYyN2FkYzI3Njc4MDYzYjkzZDNkOWZkNmVj
ZTkwMDIwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNlMDA3MDdjNmYyMDI1YzFkMWU3OGU1ZTk1MzljMGZjMDI1YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI35AMmFmDbjoDok+ozHG9YS7rsU
cq0svd7w7u2UOWBNftZkBqKGO0ptXmq4vP+W/88PR+Okvvi+e5eH2Wbg7QnfBgRP
agO0RpUVjYhxhyzni/OqwEGppNtHe3EbD4NypVs3BHXxJ15g+BoHs6vD/LB8o+hq
v4A37EsK1qZdMKNMjiqSS+F6+DtgvQva+tSHSQBXcV3j4vDK3Lf32Sxgtz6M8cUS
aYnMSlESLOmBYOxvMhS8Xp2G7UKfyFSRIa1GCx4cSyXGcQ+s8eQNKbJG11wQ0zsS
QAjVUIJBrr/oyBI/UBG5f2j2xRfuZK/GGt6HNMCjyI5QIGE968YG9qsbGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB3OAHB8byAlwdHnjl6VOcD8AlpLMB8GA1UdIwQY
MBaAFK7i+OU2J63CdngGO5PT2f1uzpACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVMNDVUWW5yY0oyZUFZN2s5UFpfVzdPa0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOTNlZDItYjc3NC00MmYwLWFhM2Yt
YTQ2NTY0MWE0OGZhLzEvSGM0QWNIeHZJQ1hCMGVlT1hwVTV3UHdDV2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOTNlZDItYjc3NC00MmYwLWFhM2YtYTQ2NTY0MWE0OGZh
LzEvcnVMNDVUWW5yY0oyZUFZN2s5UFpfVzdPa0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsN4aAwQA
sN4fAwQCuR/sMA0GCSqGSIb3DQEBCwUAA4IBAQCUh34BM5i1lt71Eg+5E9D2z/RZ
XX7dDLt9Dl9F+rhxW04cZsfTvAW9udCSUaAPOr6KUY64a2AGdzZtz8FeU374ov+z
EgQ+OR3o+ximncsQitf876h/xjItsHTPKU76CCwBt/cOaQMM5V3LQToEzGTii2SA
5H1zmVajnv/mH8lRhqpTKgt8nAkL04Itgz+Bv8e5XS0gR+Ne5jqVJgxZchIO9u51
rtUdAtHGVimIaGCovDVfOnljnmI6riPlgUXFQXLY0crI4C6fF0uGz7TmfK81YynU
G5l43FegyaPigVMBr2COONbPey41V+kSSAXufyPqRpn+ZCTWX0uF1AuFcys5
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:23:10 2024 by rpki-client on console-fra.rpki-client.org