Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Hj67O-0TCtgqqS-gXKA5W4yOWyY.roa
File: Hj67O-0TCtgqqS-gXKA5W4yOWyY.roa (raw, json)
Hash identifier: iinLa4AKWtYaAwV3G+2j6pX+SNug3veh28wOUhQaxgc=
Subject key identifier: 1E:3E:BB:3B:ED:13:0A:D8:2A:A9:2F:A0:5C:A0:39:5B:8C:8E:5B:26
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 018CC4253D5A163E463E123C79B3A5DDDBA0
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Hj67O-0TCtgqqS-gXKA5W4yOWyY.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 176.67.160.0/20 maxlen: 24
185.7.224.0/22 maxlen: 24
176.67.169.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
109.123.64.0/18 maxlen: 24
83.170.64.0/18 maxlen: 24
82.163.72.0/21 maxlen: 24
88.202.224.0/21 maxlen: 24
77.92.64.0/19 maxlen: 24
31.24.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
46.23.64.0/20 maxlen: 24
46.23.74.0/24 maxlen: 24
88.202.176.0/20 maxlen: 24
2a02:2498:8000::/40 maxlen: 40
2a02:2498::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3d:5a:16:3e:46:3e:12:3c:79:b3:a5:dd:db:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e3ebb3bed130ad82aa92fa05ca0395b8c8e5b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ee:e9:e5:20:de:e0:55:01:75:2c:77:9e:8b:
ef:37:df:88:43:64:16:bc:19:53:40:b6:2b:71:24:
df:10:0a:f0:c6:d6:4d:d8:5c:9f:8b:83:07:ff:79:
1e:2f:22:de:51:cb:7b:34:48:b4:6b:49:f3:04:7d:
7b:91:dd:fe:08:cc:f3:64:cc:59:3d:5d:25:36:51:
97:92:e2:bb:f2:66:7f:1b:93:7e:1e:52:ae:e3:55:
ef:cd:8d:95:17:08:ae:39:f7:d7:5a:9d:81:77:d6:
bb:42:0c:90:36:f2:a8:ba:6f:86:69:c5:25:a5:8b:
72:30:2a:ca:21:9a:ee:b3:10:7a:e6:d1:e7:49:a3:
e8:93:26:ed:5d:f3:6d:59:eb:6f:6d:44:c3:d1:e0:
88:40:b6:51:81:d7:4b:23:03:7a:b2:f3:c3:ba:28:
1b:f1:86:f2:a5:3e:dc:43:01:1f:38:7b:ab:1c:ad:
61:d0:9a:2e:ab:be:bb:10:17:cb:6c:5f:73:e7:82:
65:bc:97:71:5a:d1:0b:28:72:77:8f:ab:5d:bd:cd:
ef:03:6e:34:30:3b:54:4f:65:8d:32:97:9e:ba:b9:
f8:d4:d9:42:6c:c5:90:67:b1:67:5d:d8:fe:d1:5f:
d2:55:7c:1c:e7:08:c7:71:91:ba:7e:61:ba:8a:3c:
b1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3E:BB:3B:ED:13:0A:D8:2A:A9:2F:A0:5C:A0:39:5B:8C:8E:5B:26
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Hj67O-0TCtgqqS-gXKA5W4yOWyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/20
185.7.224.0/22
IPv6:
2a02:2498::/32
Signature Algorithm: sha256WithRSAEncryption
2c:61:fb:37:4e:7b:b3:13:d7:f2:cc:76:a4:db:9f:a5:4b:f5:
51:ee:3d:fc:aa:cc:47:90:a3:28:fb:ac:25:d8:6f:ff:08:a0:
45:fd:d2:bd:b0:ab:48:b1:80:f7:02:32:c5:5e:a5:5e:64:8c:
4a:4c:bd:ff:47:94:52:80:66:1a:36:e7:02:1a:8c:d8:56:6e:
71:29:d3:be:e0:ea:d3:38:41:e6:f4:82:c4:e2:38:83:83:f9:
96:26:a7:e2:83:a9:f3:b8:b6:33:13:b1:17:43:05:4f:a8:f5:
92:5c:8b:0a:8e:8a:a5:81:04:b8:68:a2:c4:bc:f8:d9:65:eb:
03:76:8f:af:72:84:f4:62:d6:c1:fd:15:59:d1:cb:06:a4:58:
38:be:3b:e2:44:4a:34:60:f2:1b:82:d4:d3:c1:b1:9e:8c:20:
92:70:7a:83:3a:8a:69:48:2b:26:a9:62:00:a2:76:f6:da:27:
88:8d:df:02:dc:78:f2:c0:42:6c:95:37:ca:73:63:c7:9d:da:
72:20:b1:91:b9:f9:09:bd:77:5a:a9:66:7a:da:c0:f0:d3:3e:
d5:cf:2d:7c:b0:9f:7b:7d:4b:7b:e9:11:30:9f:3f:87:b5:48:
08:a4:f2:04:5d:7d:31:55:d9:5a:28:7f:44:bd:2a:dd:48:02:
45:61:1a:77
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzEJT1aFj5GPhI8ebOl3dugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNlYmIzYmVkMTMwYWQ4MmFhOTJmYTA1Y2EwMzk1YjhjOGU1YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+7p5SDe4FUBdSx3novvN9+IQ2QW
vBlTQLYrcSTfEArwxtZN2Fyfi4MH/3keLyLeUct7NEi0a0nzBH17kd3+CMzzZMxZ
PV0lNlGXkuK78mZ/G5N+HlKu41XvzY2VFwiuOffXWp2Bd9a7QgyQNvKoum+GacUl
pYtyMCrKIZrusxB65tHnSaPokybtXfNtWetvbUTD0eCIQLZRgddLIwN6svPDuigb
8YbypT7cQwEfOHurHK1h0Jouq767EBfLbF9z54JlvJdxWtELKHJ3j6tdvc3vA240
MDtUT2WNMpeeurn41NlCbMWQZ7FnXdj+0V/SVXwc5wjHcZG6fmG6ijyxswIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFB4+uzvtEwrYKqkvoFygOVuMjlsmMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvSGo2N08tMFRDdGdxcVMtZ1hLQTVXNHlPV3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDHxjgAwQD
JXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23wAwQG
bXtAAwQEsEOgAwQCuQfgMA0EAgACMAcDBQAqAiSYMA0GCSqGSIb3DQEBCwUAA4IB
AQAsYfs3TnuzE9fyzHak25+lS/VR7j38qsxHkKMo+6wl2G//CKBF/dK9sKtIsYD3
AjLFXqVeZIxKTL3/R5RSgGYaNucCGozYVm5xKdO+4OrTOEHm9ILE4jiDg/mWJqfi
g6nzuLYzE7EXQwVPqPWSXIsKjoqlgQS4aKLEvPjZZesDdo+vcoT0YtbB/RVZ0csG
pFg4vjviREo0YPIbgtTTwbGejCCScHqDOoppSCsmqWIAonb22ieIjd8C3HjywEJs
lTfKc2PHndpyILGRufkJvXdaqWZ62sDw0z7Vzy18sJ97fUt76REwnz+HtUgIpPIE
XX0xVdlaKH9EvSrdSAJFYRp3
-----END CERTIFICATE-----
Generated at Mon May 20 16:21:12 2024 by rpki-client on console-fra.rpki-client.org