Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/HVjfY1r3U8S8K0J_OGYPyWZcT-s.roa
File: HVjfY1r3U8S8K0J_OGYPyWZcT-s.roa (raw, json)
Hash identifier: 2x05a6vJIHVK5o76xiDLo8EmT+rNsKBIS+mU7PCleFE=
Subject key identifier: 1D:58:DF:63:5A:F7:53:C4:BC:2B:42:7F:38:66:0F:C9:66:5C:4F:EB
Certificate issuer: /CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Certificate serial: 018CC8DF5E0D883676933CA40A5380A48CC8
Authority key identifier: 39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/HVjfY1r3U8S8K0J_OGYPyWZcT-s.roa
Signing time: Tue 02 Jan 2024 06:32:10 +0000
ROA not before: Tue 02 Jan 2024 06:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50880
IP address blocks: 185.69.211.0/24 maxlen: 24
185.69.210.0/24 maxlen: 24
185.69.209.0/24 maxlen: 24
185.69.208.0/24 maxlen: 24
78.110.3.0/24 maxlen: 24
78.110.2.0/24 maxlen: 24
78.110.0.0/20 maxlen: 20
78.110.1.0/24 maxlen: 24
78.110.0.0/24 maxlen: 24
78.110.4.0/24 maxlen: 24
78.110.10.0/24 maxlen: 24
78.110.9.0/24 maxlen: 24
78.110.8.0/24 maxlen: 24
78.110.7.0/24 maxlen: 24
78.110.6.0/24 maxlen: 24
78.110.5.0/24 maxlen: 24
78.110.11.0/24 maxlen: 24
78.110.15.0/24 maxlen: 24
78.110.14.0/24 maxlen: 24
78.110.13.0/24 maxlen: 24
78.110.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:5e:0d:88:36:76:93:3c:a4:0a:53:80:a4:8c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=393cc8b7d2dc70a27d40fa459e4e56c005ccc63a
Validity
Not Before: Jan 2 06:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d58df635af753c4bc2b427f38660fc9665c4feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e7:04:38:96:86:08:3a:b9:12:1d:f6:8e:cf:
43:8c:7e:ec:5b:7e:43:20:81:b6:ed:11:28:2f:24:
9c:73:54:68:c9:c3:c9:8f:ae:47:4c:dd:61:63:8f:
02:a1:49:42:0a:12:8e:16:f4:79:d0:b1:c0:55:4f:
ea:30:2b:dd:d6:22:2d:fb:45:45:64:d0:90:82:4e:
7f:9c:64:8f:14:40:68:3b:d8:38:4d:74:40:f3:4b:
24:73:87:1f:46:3f:ad:c1:65:fa:eb:12:54:9f:6f:
df:5b:b8:de:62:db:15:49:1b:34:6c:5a:cb:30:c8:
11:3f:23:01:f2:10:0d:53:36:84:a0:ed:c5:a7:cb:
b6:35:2c:75:4e:82:49:f1:06:7e:45:85:c3:45:23:
91:c7:64:c0:7a:e7:b3:b5:df:1f:17:88:c7:b4:03:
e1:d0:96:55:ec:fa:42:27:d5:9b:b7:f8:56:42:4e:
b9:b5:d1:0a:2c:34:5d:34:b1:3c:48:48:10:2d:3d:
f1:80:b5:97:12:39:8e:08:4a:28:3b:8d:66:ec:00:
fe:93:aa:5b:97:43:08:eb:4a:9a:61:7c:89:11:c5:
94:86:1a:d3:bb:89:b9:91:01:d9:fa:56:f4:fb:99:
a4:d8:d7:3d:51:e6:f1:73:9f:4c:fd:c3:5e:22:c8:
c2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:58:DF:63:5A:F7:53:C4:BC:2B:42:7F:38:66:0F:C9:66:5C:4F:EB
X509v3 Authority Key Identifier:
keyid:39:3C:C8:B7:D2:DC:70:A2:7D:40:FA:45:9E:4E:56:C0:05:CC:C6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTzIt9LccKJ9QPpFnk5WwAXMxjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/HVjfY1r3U8S8K0J_OGYPyWZcT-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/137002-e75f-4201-9988-991a1c714f95/1/OTzIt9LccKJ9QPpFnk5WwAXMxjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.0.0/20
185.69.208.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:c3:23:06:3d:67:7e:09:dc:52:e4:12:31:0e:9a:99:fe:d8:
77:24:59:c6:0a:1e:c6:74:1c:03:e3:01:dd:5d:c1:bf:e9:e9:
ab:be:19:a2:a5:5c:a0:35:9d:6d:c1:44:4c:c4:90:fd:59:dd:
a4:ec:67:37:20:b6:84:8a:6d:b4:05:33:0b:a0:52:48:46:f8:
fd:91:27:83:88:83:a7:43:98:9b:a0:60:91:00:53:be:fe:48:
3a:f4:d7:25:ae:ba:55:f3:78:ae:ad:c7:58:f8:d1:4c:6c:e2:
d7:19:8c:64:7e:c1:be:1b:fa:0f:17:d0:fe:60:ba:bb:5b:17:
70:8e:d3:8a:89:69:40:71:ff:3d:54:76:1c:73:7a:eb:b9:30:
f8:54:7d:d7:53:e1:35:c2:06:ba:7b:b9:6a:7e:39:cf:a8:bc:
a0:68:90:cb:cc:7d:40:de:7d:5e:a4:8a:ed:9e:7e:24:21:34:
03:95:a6:4b:91:3b:6d:34:92:8b:be:26:fa:23:c1:f4:9d:5f:
4d:9b:28:01:84:07:81:0c:69:e1:48:e9:a4:83:5c:f8:e7:39:
09:80:6b:16:4b:fa:3c:91:1a:15:f6:2b:cd:1d:2e:01:69:99:
c1:29:0c:52:40:f2:77:94:31:8d:06:76:cf:1b:39:17:4f:a0:
5b:cd:b5:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI314NiDZ2kzykClOApIzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5M2NjOGI3ZDJkYzcwYTI3ZDQwZmE0NTllNGU1NmMwMDVj
Y2M2M2EwHhcNMjQwMTAyMDYzMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDU4ZGY2MzVhZjc1M2M0YmMyYjQyN2YzODY2MGZjOTY2NWM0ZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+cEOJaGCDq5Eh32js9DjH7sW35D
IIG27REoLyScc1RoycPJj65HTN1hY48CoUlCChKOFvR50LHAVU/qMCvd1iIt+0VF
ZNCQgk5/nGSPFEBoO9g4TXRA80skc4cfRj+twWX66xJUn2/fW7jeYtsVSRs0bFrL
MMgRPyMB8hANUzaEoO3Fp8u2NSx1ToJJ8QZ+RYXDRSORx2TAeueztd8fF4jHtAPh
0JZV7PpCJ9Wbt/hWQk65tdEKLDRdNLE8SEgQLT3xgLWXEjmOCEooO41m7AD+k6pb
l0MI60qaYXyJEcWUhhrTu4m5kQHZ+lb0+5mk2Nc9Uebxc59M/cNeIsjClQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1Y32Na91PEvCtCfzhmD8lmXE/rMB8GA1UdIwQY
MBaAFDk8yLfS3HCifUD6RZ5OVsAFzMY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgt
OTkxYTFjNzE0Zjk1LzEvSFZqZlkxcjNVOFM4SzBKX09HWVB5V1pjVC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzcwMDItZTc1Zi00MjAxLTk5ODgtOTkxYTFjNzE0Zjk1
LzEvT1R6SXQ5TGNjS0o5UVBwRm5rNVd3QVhNeGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQETm4AAwQC
uUXQMA0GCSqGSIb3DQEBCwUAA4IBAQAfwyMGPWd+CdxS5BIxDpqZ/th3JFnGCh7G
dBwD4wHdXcG/6emrvhmipVygNZ1twURMxJD9Wd2k7Gc3ILaEim20BTMLoFJIRvj9
kSeDiIOnQ5iboGCRAFO+/kg69NclrrpV83iurcdY+NFMbOLXGYxkfsG+G/oPF9D+
YLq7WxdwjtOKiWlAcf89VHYcc3rruTD4VH3XU+E1wga6e7lqfjnPqLygaJDLzH1A
3n1epIrtnn4kITQDlaZLkTttNJKLvib6I8H0nV9NmygBhAeBDGnhSOmkg1z45zkJ
gGsWS/o8kRoV9ivNHS4BaZnBKQxSQPJ3lDGNBnbPGzkXT6BbzbWL
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:35:31 2024 by rpki-client on console-fra.rpki-client.org