Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/HleJLnRLxHUQ5H0BfK1awYIOgAc.roa
File: HleJLnRLxHUQ5H0BfK1awYIOgAc.roa (raw, json)
Hash identifier: i4CyeCOOMNgzQGc57qybC1b8CGstCMX1Q8W/qKRBy8g=
Subject key identifier: 1E:57:89:2E:74:4B:C4:75:10:E4:7D:01:7C:AD:5A:C1:82:0E:80:07
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 0193491E6A6DE33B2782FA85A103F5DE7313
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/HleJLnRLxHUQ5H0BfK1awYIOgAc.roa
Signing time: Wed 20 Nov 2024 10:29:10 +0000
ROA not before: Wed 20 Nov 2024 10:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208152
IP address blocks: 45.85.220.0/22 maxlen: 22
185.61.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:1e:6a:6d:e3:3b:27:82:fa:85:a1:03:f5:de:73:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: Nov 20 10:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e57892e744bc47510e47d017cad5ac1820e8007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:34:85:f2:0c:7a:b4:16:16:16:c0:63:45:fe:
55:3f:83:98:b7:a6:63:3b:e0:20:fa:9b:a0:9e:2a:
b3:37:c6:43:31:69:ef:c1:fd:c0:3d:43:8c:07:03:
5c:8b:d4:85:a2:13:f5:d9:ea:ee:27:ed:d7:61:ec:
a5:c7:30:30:75:5f:b0:f3:2b:65:3d:ae:67:83:89:
d5:69:84:05:7e:51:40:90:8d:77:3d:5a:31:cb:e2:
2c:e0:5b:f8:75:90:0c:c5:a7:26:8d:4d:41:02:a3:
3c:56:65:29:bc:18:75:01:79:29:10:03:ed:51:d1:
b4:24:ff:8e:a9:d5:e0:af:1e:c7:33:91:31:d1:d5:
da:99:0e:53:44:8f:64:32:1a:54:92:40:e0:70:9a:
36:99:05:d6:f9:e7:ff:0e:79:dc:85:7c:92:e0:02:
3f:ee:da:8a:11:94:3e:dc:3e:df:7c:e7:fe:b8:ec:
6c:48:3f:dc:97:4e:91:61:70:c8:f8:da:3c:ab:43:
81:c5:a0:bd:f5:22:3f:14:48:bf:bf:21:88:88:1e:
52:d5:26:88:25:2f:17:aa:02:86:33:53:1a:90:5a:
78:2a:89:01:f4:c9:21:70:43:d5:d4:7b:fb:f9:ad:
e6:ab:1f:cc:59:5a:dd:ff:47:fe:66:02:2b:64:e0:
10:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:57:89:2E:74:4B:C4:75:10:E4:7D:01:7C:AD:5A:C1:82:0E:80:07
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/HleJLnRLxHUQ5H0BfK1awYIOgAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.220.0/22
185.61.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:28:d9:35:46:d0:cb:15:75:ae:98:e1:e5:03:df:3f:2b:ab:
3b:e0:b6:de:b6:b6:3b:a4:40:20:de:57:6c:12:ea:2d:c2:8c:
e3:86:b0:87:b8:96:b9:5f:c3:6f:a5:6e:c5:5e:7d:23:94:61:
2d:e8:b0:30:d2:4f:16:2e:e7:6e:a6:69:64:9a:0f:9e:50:09:
eb:2c:9c:42:a9:10:8a:34:db:2f:c8:67:42:09:5a:46:5c:52:
e9:77:a5:6c:a3:ea:d8:47:89:71:cd:7d:ed:ea:42:08:ca:be:
42:da:b4:5b:e0:df:c8:ac:6f:4a:fc:83:64:bd:34:de:db:6d:
09:fe:22:8a:b9:d4:92:f3:99:f0:71:a4:cc:2c:60:e1:d4:c0:
0f:3f:42:0b:9b:dd:04:5e:24:4d:0e:74:da:e4:be:f1:5f:b9:
de:05:cb:18:1b:ff:72:8e:bb:ea:13:17:42:10:14:36:6c:1d:
86:41:11:24:25:d6:dd:e8:29:c9:ca:a9:5f:f2:67:80:bd:04:
d2:40:9d:f0:95:60:79:73:fe:95:5b:9d:71:cc:8f:d7:b8:b9:
0c:39:7b:ac:cc:77:61:40:53:47:ed:35:20:b5:40:76:91:0d:
c0:6d:42:81:fe:63:74:7d:ec:22:a9:b5:08:11:a6:11:76:67:
5f:53:59:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNJHmpt4zsngvqFoQP13nMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjQxMTIwMTAyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU3ODkyZTc0NGJjNDc1MTBlNDdkMDE3Y2FkNWFjMTgyMGU4MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujSF8gx6tBYWFsBjRf5VP4OYt6Zj
O+Ag+pugniqzN8ZDMWnvwf3APUOMBwNci9SFohP12eruJ+3XYeylxzAwdV+w8ytl
Pa5ng4nVaYQFflFAkI13PVoxy+Is4Fv4dZAMxacmjU1BAqM8VmUpvBh1AXkpEAPt
UdG0JP+OqdXgrx7HM5Ex0dXamQ5TRI9kMhpUkkDgcJo2mQXW+ef/DnnchXyS4AI/
7tqKEZQ+3D7ffOf+uOxsSD/cl06RYXDI+No8q0OBxaC99SI/FEi/vyGIiB5S1SaI
JS8XqgKGM1MakFp4KokB9MkhcEPV1Hv7+a3mqx/MWVrd/0f+ZgIrZOAQKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5XiS50S8R1EOR9AXytWsGCDoAHMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEvSGxlSkxuUkx4SFVRNUgwQmZLMWF3WUlPZ0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVXcAwQC
uT34MA0GCSqGSIb3DQEBCwUAA4IBAQB9KNk1RtDLFXWumOHlA98/K6s74LbetrY7
pEAg3ldsEuotwozjhrCHuJa5X8NvpW7FXn0jlGEt6LAw0k8WLudupmlkmg+eUAnr
LJxCqRCKNNsvyGdCCVpGXFLpd6Vso+rYR4lxzX3t6kIIyr5C2rRb4N/IrG9K/INk
vTTe220J/iKKudSS85nwcaTMLGDh1MAPP0ILm90EXiRNDnTa5L7xX7neBcsYG/9y
jrvqExdCEBQ2bB2GQREkJdbd6CnJyqlf8meAvQTSQJ3wlWB5c/6VW51xzI/XuLkM
OXuszHdhQFNH7TUgtUB2kQ3AbUKB/mN0fewiqbUIEaYRdmdfU1li
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:09 2024 by rpki-client on console-fra.rpki-client.org