Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/HGu0zMc7Lx97ckvyWLDsIFYHm4c.roa
File: HGu0zMc7Lx97ckvyWLDsIFYHm4c.roa (raw, json)
Hash identifier: nfrjUzUcOnqwS+5MXrTeO2LSr9m5+dFXHlOySBGBPIU=
Subject key identifier: 1C:6B:B4:CC:C7:3B:2F:1F:7B:72:4B:F2:58:B0:EC:20:56:07:9B:87
Certificate issuer: /CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Certificate serial: 018CCA29F3169EEE656F7979AFE60805481A
Authority key identifier: 9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/HGu0zMc7Lx97ckvyWLDsIFYHm4c.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201990
IP address blocks: 193.218.203.0/24 maxlen: 24
217.197.102.0/24 maxlen: 24
45.90.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f3:16:9e:ee:65:6f:79:79:af:e6:08:05:48:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c6bb4ccc73b2f1f7b724bf258b0ec2056079b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:30:53:dc:99:32:8f:f4:7b:e6:b6:5d:95:02:
63:60:ab:b0:18:61:8f:58:62:22:cc:ad:b3:e7:24:
27:09:3c:4f:a9:56:57:48:15:bf:de:fe:01:6a:a0:
06:8f:db:31:a5:c9:84:49:46:bd:c7:ce:92:ad:ba:
65:02:9d:8b:61:58:c4:ce:61:08:57:4b:2b:99:c9:
0c:b3:e9:29:1e:e1:3d:ba:d3:54:53:d1:88:d5:2e:
fe:4c:8e:05:31:f1:f5:d9:0f:6d:f0:82:3e:ea:3f:
db:bb:42:73:8e:f0:46:9b:18:7e:38:94:a5:b4:61:
a4:44:e8:22:67:12:65:31:e3:30:61:b8:d8:17:69:
6b:21:a3:52:f4:7c:00:01:4d:30:85:b2:f0:93:f5:
57:07:a3:4e:a1:84:5a:4d:2d:75:32:54:65:f1:ea:
50:fe:94:20:cb:f8:8e:11:bc:13:61:1a:1a:a1:27:
41:f8:e8:6d:b9:d9:4d:a2:5b:60:62:49:57:42:2b:
0a:7b:da:6d:02:ec:54:1b:2d:b7:96:d1:50:04:3b:
52:cc:24:e9:6d:19:f1:75:d3:6b:ea:9d:b8:60:3e:
4a:72:9a:9e:81:e5:1a:30:db:75:12:a0:af:10:8a:
9d:d6:e5:36:e1:db:ed:92:47:8b:c8:c3:75:b4:95:
5e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6B:B4:CC:C7:3B:2F:1F:7B:72:4B:F2:58:B0:EC:20:56:07:9B:87
X509v3 Authority Key Identifier:
keyid:9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/HGu0zMc7Lx97ckvyWLDsIFYHm4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.43.0/24
193.218.203.0/24
217.197.102.0/24
Signature Algorithm: sha256WithRSAEncryption
55:53:ca:d0:5b:51:d7:a1:51:ee:51:d4:6e:68:89:15:4f:72:
29:16:89:30:65:59:8f:c9:65:69:45:a3:4e:1b:e8:5f:da:5d:
66:b2:ff:88:a8:79:c7:e8:f7:cc:09:87:c3:9c:b6:bc:d9:8b:
b9:76:06:ad:f7:17:fa:49:b5:f7:c3:b2:82:50:8d:8f:36:03:
7a:f8:0e:48:79:72:40:c3:b7:94:b2:47:41:21:30:17:f6:1d:
73:61:07:76:e7:26:81:bd:de:27:53:a1:71:fb:46:5d:b2:c9:
e4:76:b3:46:75:7d:eb:6e:c9:56:10:b5:a1:e6:16:2e:9a:e1:
6b:00:8e:11:2f:37:29:0c:e2:6e:c5:04:87:62:7a:79:1c:83:
95:31:d1:d7:f8:d0:c1:88:8e:63:cf:03:03:31:ea:10:33:de:
d3:0d:d7:98:05:bb:bd:88:ea:4f:31:b4:98:f9:73:54:d2:00:
ff:18:e2:28:44:fa:09:4f:06:bd:a0:ac:6c:79:56:37:21:82:
0a:3b:0b:26:83:86:80:f3:48:ca:eb:91:64:e9:4c:4b:3d:65:
4c:30:09:7b:62:9b:5a:ad:5e:65:be:2a:8d:ce:09:68:b5:23:
7a:2d:ed:b8:90:c3:ad:18:1c:2d:7d:ba:88:de:87:1d:aa:ca:
07:c7:66:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKfMWnu5lb3l5r+YIBUgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjE4NWU5OWZmZTYxMTUyN2EwZTk0MzMxMTUxZmZlMmVl
NzJhZTkwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZiYjRjY2M3M2IyZjFmN2I3MjRiZjI1OGIwZWMyMDU2MDc5Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizBT3Jkyj/R75rZdlQJjYKuwGGGP
WGIizK2z5yQnCTxPqVZXSBW/3v4BaqAGj9sxpcmESUa9x86SrbplAp2LYVjEzmEI
V0srmckMs+kpHuE9utNUU9GI1S7+TI4FMfH12Q9t8II+6j/bu0JzjvBGmxh+OJSl
tGGkROgiZxJlMeMwYbjYF2lrIaNS9HwAAU0whbLwk/VXB6NOoYRaTS11MlRl8epQ
/pQgy/iOEbwTYRoaoSdB+OhtudlNoltgYklXQisKe9ptAuxUGy23ltFQBDtSzCTp
bRnxddNr6p24YD5KcpqegeUaMNt1EqCvEIqd1uU24dvtkkeLyMN1tJVeCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBxrtMzHOy8fe3JL8liw7CBWB5uHMB8GA1UdIwQY
MBaAFJ3xhemf/mEVJ6DpQzEVH/4u5yrpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2Et
ZjI5OTBjZWI5NGVjLzEvSEd1MHpNYzdMeDk3Y2t2eVdMRHNJRllIbTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2EtZjI5OTBjZWI5NGVj
LzEvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVorAwQA
wdrLAwQA2cVmMA0GCSqGSIb3DQEBCwUAA4IBAQBVU8rQW1HXoVHuUdRuaIkVT3Ip
FokwZVmPyWVpRaNOG+hf2l1msv+IqHnH6PfMCYfDnLa82Yu5dgat9xf6SbX3w7KC
UI2PNgN6+A5IeXJAw7eUskdBITAX9h1zYQd25yaBvd4nU6Fx+0ZdssnkdrNGdX3r
bslWELWh5hYumuFrAI4RLzcpDOJuxQSHYnp5HIOVMdHX+NDBiI5jzwMDMeoQM97T
DdeYBbu9iOpPMbSY+XNU0gD/GOIoRPoJTwa9oKxseVY3IYIKOwsmg4aA80jK65Fk
6UxLPWVMMAl7YptarV5lviqNzglotSN6Le24kMOtGBwtfbqI3ocdqsoHx2a3
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:12:34 2024 by rpki-client on console-ams.rpki-client.org