Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/U_rRkLjI_8zW8W9T_j8hyNbH5H8.roa
File: U_rRkLjI_8zW8W9T_j8hyNbH5H8.roa (raw, json)
Hash identifier: 1sPLXdn50D+Gj8+QftUUS3U/y8BDczGCDqpUbx/HvjM=
Subject key identifier: 53:FA:D1:90:B8:C8:FF:CC:D6:F1:6F:53:FE:3F:21:C8:D6:C7:E4:7F
Certificate issuer: /CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Certificate serial: 018E75239E373FB04934783DDDE04E279751
Authority key identifier: 1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/U_rRkLjI_8zW8W9T_j8hyNbH5H8.roa
Signing time: Mon 25 Mar 2024 10:24:12 +0000
ROA not before: Mon 25 Mar 2024 10:24:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206509
IP address blocks: 86.54.164.0/24 maxlen: 24
193.108.169.0/24 maxlen: 24
194.164.97.0/24 maxlen: 24
194.164.114.0/24 maxlen: 24
194.164.181.0/24 maxlen: 24
213.254.171.0/24 maxlen: 24
213.254.178.0/24 maxlen: 24
213.254.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:23:9e:37:3f:b0:49:34:78:3d:dd:e0:4e:27:97:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d01f4dffd6fba66cdf8c374c9b0f047552705dd
Validity
Not Before: Mar 25 10:24:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53fad190b8c8ffccd6f16f53fe3f21c8d6c7e47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:13:8c:63:4a:9b:81:de:10:fd:37:a7:56:1a:
5d:f2:4c:9d:89:bc:ac:a6:0a:a0:59:10:93:0f:f8:
16:56:71:2b:e1:7b:0a:17:27:2d:45:d6:f9:28:5f:
af:d5:75:2c:fb:ab:5b:74:09:fe:28:25:66:87:0e:
ec:67:ac:29:f8:53:c3:ee:0e:05:5a:d9:ce:14:fd:
47:1a:bb:05:36:bd:78:46:dd:3c:c2:22:d8:44:59:
df:a3:00:f9:e0:5e:04:e2:ed:19:2e:d9:8f:0b:24:
fc:77:2d:21:af:f9:83:0e:fb:24:e4:10:14:08:ee:
99:d8:ab:77:c2:53:71:bc:3d:87:2b:b5:73:ec:71:
d5:f6:40:6a:2f:24:af:81:ac:39:49:d0:ca:32:22:
b9:61:c1:b0:eb:76:34:df:0b:5b:ba:89:4b:c3:57:
cb:55:b6:f3:8d:5d:8d:45:d7:9e:ac:ac:e4:4d:c7:
95:56:93:b1:fa:d3:69:51:63:f9:fe:a6:07:23:be:
32:c9:92:95:c1:9e:42:39:9c:e2:c7:cf:81:f1:f3:
7f:a4:2d:e9:78:64:6e:a0:58:4e:49:18:04:34:40:
3b:72:2f:50:ec:d0:f6:40:46:a4:95:c5:4a:79:3b:
b5:31:64:a6:7e:aa:a0:c4:5f:7b:e8:a0:1d:33:84:
35:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:D1:90:B8:C8:FF:CC:D6:F1:6F:53:FE:3F:21:C8:D6:C7:E4:7F
X509v3 Authority Key Identifier:
keyid:1D:01:F4:DF:FD:6F:BA:66:CD:F8:C3:74:C9:B0:F0:47:55:27:05:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQH03_1vumbN-MN0ybDwR1UnBd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/U_rRkLjI_8zW8W9T_j8hyNbH5H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b80384-f2fe-4456-9cae-fe4a02caef7f/1/HQH03_1vumbN-MN0ybDwR1UnBd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.164.0/24
193.108.169.0/24
194.164.97.0/24
194.164.114.0/24
194.164.181.0/24
213.254.171.0/24
213.254.178.0/24
213.254.185.0/24
Signature Algorithm: sha256WithRSAEncryption
84:04:5b:5f:55:f2:b1:82:55:e8:59:2a:14:9c:d8:a5:34:82:
76:0b:b9:e4:ec:37:f2:c9:4e:32:b8:3f:60:3d:3f:06:21:ab:
e2:45:b5:42:e2:1d:5f:1d:55:46:ff:38:22:89:da:63:cf:98:
9f:b5:c8:76:26:29:86:60:e5:6c:41:bd:d5:43:b2:fa:fe:f0:
83:7a:0e:5f:8a:67:f7:f1:87:cf:b7:ae:25:c7:d5:98:0c:69:
fc:0c:94:bb:8b:71:39:42:7c:53:e9:c5:92:7d:17:9b:f0:6d:
07:70:e9:23:35:02:2d:c2:d0:8c:f8:78:a6:cd:39:b5:9f:23:
a1:2a:e9:90:d7:5a:1c:8e:14:f8:53:ae:85:d6:f0:8c:86:d2:
6c:60:21:6b:58:96:69:a1:d0:3f:9b:f9:49:4a:44:05:47:c8:
6c:59:af:c2:e1:96:55:45:87:39:6b:a6:ad:fc:0e:5f:cd:d1:
d4:85:39:f1:9b:56:c4:42:ba:51:6b:6d:da:7d:c3:36:b2:35:
4a:eb:7d:fa:61:14:1e:80:d1:4b:84:e5:c1:c3:98:9c:98:ba:
ba:37:40:ca:60:bd:2e:b3:50:25:1e:13:05:34:5c:fc:77:1a:
a6:ce:88:46:22:dd:44:0b:36:ee:17:06:ff:a6:2d:85:0c:9a:
de:2e:2e:75
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY51I543P7BJNHg93eBOJ5dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDFmNGRmZmQ2ZmJhNjZjZGY4YzM3NGM5YjBmMDQ3NTUy
NzA1ZGQwHhcNMjQwMzI1MTAyNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZhZDE5MGI4YzhmZmNjZDZmMTZmNTNmZTNmMjFjOGQ2YzdlNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxOMY0qbgd4Q/TenVhpd8kydibys
pgqgWRCTD/gWVnEr4XsKFyctRdb5KF+v1XUs+6tbdAn+KCVmhw7sZ6wp+FPD7g4F
WtnOFP1HGrsFNr14Rt08wiLYRFnfowD54F4E4u0ZLtmPCyT8dy0hr/mDDvsk5BAU
CO6Z2Kt3wlNxvD2HK7Vz7HHV9kBqLySvgaw5SdDKMiK5YcGw63Y03wtbuolLw1fL
VbbzjV2NRdeerKzkTceVVpOx+tNpUWP5/qYHI74yyZKVwZ5COZzix8+B8fN/pC3p
eGRuoFhOSRgENEA7ci9Q7ND2QEaklcVKeTu1MWSmfqqgxF976KAdM4Q1RQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFP60ZC4yP/M1vFvU/4/IcjWx+R/MB8GA1UdIwQY
MBaAFB0B9N/9b7pmzfjDdMmw8EdVJwXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUt
ZmU0YTAyY2FlZjdmLzEvVV9yUmtMaklfOHpXOFc5VF9qOGh5TmJINUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iODAzODQtZjJmZS00NDU2LTljYWUtZmU0YTAyY2FlZjdm
LzEvSFFIMDNfMXZ1bWJOLU1OMHliRHdSMVVuQmQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVjakAwQA
wWypAwQAwqRhAwQAwqRyAwQAwqS1AwQA1f6rAwQA1f6yAwQA1f65MA0GCSqGSIb3
DQEBCwUAA4IBAQCEBFtfVfKxglXoWSoUnNilNIJ2C7nk7DfyyU4yuD9gPT8GIavi
RbVC4h1fHVVG/zgiidpjz5iftch2JimGYOVsQb3VQ7L6/vCDeg5fimf38YfPt64l
x9WYDGn8DJS7i3E5QnxT6cWSfReb8G0HcOkjNQItwtCM+HimzTm1nyOhKumQ11oc
jhT4U66F1vCMhtJsYCFrWJZpodA/m/lJSkQFR8hsWa/C4ZZVRYc5a6at/A5fzdHU
hTnxm1bEQrpRa23afcM2sjVK6336YRQegNFLhOXBw5icmLq6N0DKYL0us1AlHhMF
NFz8dxqmzohGIt1ECzbuFwb/pi2FDJreLi51
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:34 2024 by rpki-client on console-ams.rpki-client.org