Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hl9U1oOfnnInUl7pLIsOSMUZBK0.roa
File: hl9U1oOfnnInUl7pLIsOSMUZBK0.roa (raw, json)
Hash identifier: ox7bO+s9SgH9jox1o/dtuyRPnkLr36uZXMKkqqUga9c=
Subject key identifier: 86:5F:54:D6:83:9F:9E:72:27:52:5E:E9:2C:8B:0E:48:C5:19:04:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019222C1F654267E9E5E6F629FC207F5141C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hl9U1oOfnnInUl7pLIsOSMUZBK0.roa
Signing time: Tue 24 Sep 2024 06:39:49 +0000
ROA not before: Tue 24 Sep 2024 06:39:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401116
IP address blocks: 31.13.224.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:c1:f6:54:26:7e:9e:5e:6f:62:9f:c2:07:f5:14:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 24 06:39:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=865f54d6839f9e7227525ee92c8b0e48c51904ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4b:95:99:b7:69:c2:6b:d1:9c:1f:cb:f0:52:
b0:88:af:0b:7d:d6:97:b9:16:1f:19:0a:a5:2d:27:
1e:eb:d0:73:ba:93:51:ef:12:26:70:d8:95:62:de:
33:39:26:a0:c9:2c:13:31:c8:8e:11:00:44:c3:90:
42:a7:6b:bd:76:bd:4a:ae:57:32:3d:a8:fc:3f:ac:
1e:92:8f:1d:6c:fc:78:77:1d:d0:ee:d4:74:a8:91:
e3:ae:27:87:08:97:6b:3e:72:1c:57:4b:7f:77:e1:
70:3c:87:14:b1:82:7a:4b:40:8f:b9:40:9d:cd:ea:
7c:5c:37:d6:da:a0:2d:b3:22:11:c8:b0:bf:72:a6:
32:b3:2f:24:37:93:92:28:b9:59:e2:ab:ad:f9:88:
fe:50:63:da:7d:a2:82:54:2d:d3:22:b7:e8:a7:8d:
3e:77:a5:7c:11:25:9b:5e:61:ae:08:db:9b:30:94:
2a:b5:aa:3b:87:1d:b1:99:ca:09:94:7e:af:78:44:
4a:44:6d:4e:c8:a5:aa:3e:1a:f0:48:59:00:b3:82:
8d:d0:26:2a:17:e1:6a:2f:42:93:bc:f0:51:59:6a:
ea:83:c8:c0:a7:05:90:70:8d:18:57:3a:f4:7f:73:
cb:91:9e:20:6e:58:71:ca:0a:64:4a:ad:96:88:e0:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5F:54:D6:83:9F:9E:72:27:52:5E:E9:2C:8B:0E:48:C5:19:04:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hl9U1oOfnnInUl7pLIsOSMUZBK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.149.241.0/24
80.76.51.0/24
81.161.238.0/24
85.31.47.0/24
87.121.86.0/24
93.123.109.0/24
94.103.125.0/24
178.215.224.0/24
Signature Algorithm: sha256WithRSAEncryption
15:cb:9c:c6:74:66:e5:a3:dc:c2:09:a1:62:31:00:01:39:42:
5b:40:25:6d:45:a6:e6:2a:35:8a:04:9a:49:96:3c:33:dc:f4:
0d:28:85:0a:82:a3:eb:12:98:5a:5b:bb:48:4a:41:65:21:53:
28:06:b9:ef:bd:c4:d8:22:cf:db:ee:74:88:c8:70:67:23:fc:
dd:ad:b9:ab:03:bd:9e:e7:ab:66:05:65:30:ee:88:a7:ec:8d:
d2:af:0f:7a:dd:64:94:6c:4c:92:e1:3f:e9:c3:90:78:4f:81:
f0:14:ce:93:03:b0:12:3b:05:7a:3f:ed:45:42:7d:ed:f4:9c:
36:5f:1b:a2:cb:89:09:31:16:bd:8b:1f:c2:52:2a:c0:02:80:
ce:f8:f0:c3:45:f6:b2:16:cf:e4:59:20:a6:89:1b:90:60:eb:
a6:4a:d0:a0:7f:d8:3a:e2:5b:ad:7a:80:09:21:00:f8:bd:08:
ae:c8:4c:10:1d:e1:f0:c5:eb:86:c2:64:d3:3b:ec:fd:58:dc:
8a:c9:4f:b1:9e:0a:82:cf:d6:6c:79:c4:80:2b:af:e5:66:d9:
1f:67:ed:b6:b7:b0:29:31:a4:e0:25:07:95:e6:ba:e7:3e:17:
ca:07:b2:7d:2d:52:62:24:d0:8b:47:c9:66:05:98:7f:25:4a:
bd:ab:2f:87
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZIiwfZUJn6eXm9in8IH9RQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI0MDYzOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjVmNTRkNjgzOWY5ZTcyMjc1MjVlZTkyYzhiMGU0OGM1MTkwNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kuVmbdpwmvRnB/L8FKwiK8LfdaX
uRYfGQqlLSce69BzupNR7xImcNiVYt4zOSagySwTMciOEQBEw5BCp2u9dr1Krlcy
Paj8P6weko8dbPx4dx3Q7tR0qJHjrieHCJdrPnIcV0t/d+FwPIcUsYJ6S0CPuUCd
zep8XDfW2qAtsyIRyLC/cqYysy8kN5OSKLlZ4qut+Yj+UGPafaKCVC3TIrfop40+
d6V8ESWbXmGuCNubMJQqtao7hx2xmcoJlH6veERKRG1OyKWqPhrwSFkAs4KN0CYq
F+FqL0KTvPBRWWrqg8jApwWQcI0YVzr0f3PLkZ4gblhxygpkSq2WiOATQQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIZfVNaDn55yJ1Je6SyLDkjFGQStMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaGw5VTFvT2ZubkluVWw3cExJc09TTVVaQkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHw3gAwQA
LZXxAwQAUEwzAwQAUaHuAwQAVR8vAwQAV3lWAwQAXXttAwQAXmd9AwQAstfgMA0G
CSqGSIb3DQEBCwUAA4IBAQAVy5zGdGblo9zCCaFiMQABOUJbQCVtRabmKjWKBJpJ
ljwz3PQNKIUKgqPrEphaW7tISkFlIVMoBrnvvcTYIs/b7nSIyHBnI/zdrbmrA72e
56tmBWUw7oin7I3Srw963WSUbEyS4T/pw5B4T4HwFM6TA7ASOwV6P+1FQn3t9Jw2
Xxuiy4kJMRa9ix/CUirAAoDO+PDDRfayFs/kWSCmiRuQYOumStCgf9g64luteoAJ
IQD4vQiuyEwQHeHwxeuGwmTTO+z9WNyKyU+xngqCz9ZsecSAK6/lZtkfZ+22t7Ap
MaTgJQeV5rrnPhfKB7J9LVJiJNCLR8lmBZh/JUq9qy+H
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:07 2024 by rpki-client on console-fra.rpki-client.org