Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/HzBkiKhuiqff_TTVGmLjYBovMzQ.roa
File: HzBkiKhuiqff_TTVGmLjYBovMzQ.roa (raw, json)
Hash identifier: qKqhsRRVPhaKh0NQ1lXqtQkYrgEiWm0P2Q/f/i1BnBs=
Subject key identifier: 1F:30:64:88:A8:6E:8A:A7:DF:FD:34:D5:1A:62:E3:60:1A:2F:33:34
Certificate issuer: /CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Certificate serial: 0194228D34C760CECF5AD6C3D87425A496E2
Authority key identifier: 8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/HzBkiKhuiqff_TTVGmLjYBovMzQ.roa
Signing time: Wed 01 Jan 2025 15:47:46 +0000
ROA not before: Wed 01 Jan 2025 15:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 46.17.88.0/21 maxlen: 24
91.192.192.0/22 maxlen: 24
91.215.184.0/22 maxlen: 24
185.27.244.0/22 maxlen: 24
193.164.206.0/23 maxlen: 24
193.200.80.0/23 maxlen: 24
194.50.108.0/24 maxlen: 24
194.116.174.0/23 maxlen: 24
195.8.126.0/24 maxlen: 24
212.42.0.0/19 maxlen: 24
2a03:be80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:34:c7:60:ce:cf:5a:d6:c3:d8:74:25:a4:96:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Validity
Not Before: Jan 1 15:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f306488a86e8aa7dffd34d51a62e3601a2f3334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fe:ca:77:46:47:5f:bd:81:39:f0:cf:75:48:
2b:e3:e3:c5:65:3a:27:e6:67:eb:a8:d7:81:21:ad:
5f:e9:41:07:4d:5e:f5:7f:e0:07:85:39:90:68:2f:
ca:9f:e3:fd:d2:b7:60:fc:b4:d9:09:2b:8f:92:97:
42:4c:51:08:07:7b:a3:c4:ec:b9:80:d2:12:91:12:
2d:88:8d:e1:8f:39:3f:ea:33:a3:35:d5:a4:41:41:
e1:81:04:50:85:50:f8:6d:df:ab:8c:25:67:1c:fa:
a0:33:9d:98:54:b9:ea:37:21:13:0c:5c:2c:54:ea:
51:7b:21:a6:3e:8a:e1:00:36:29:0d:37:67:6d:44:
e8:49:24:fe:89:ad:9b:84:5b:b6:67:b2:f7:d3:41:
70:4e:05:44:68:2b:1d:26:18:70:e5:0d:00:34:d7:
e3:ed:d5:96:92:b7:a7:a6:58:fd:4f:d5:93:39:11:
5e:9e:6e:e9:b7:df:ec:0e:9b:ec:ea:ba:24:ab:0b:
26:cd:fa:00:e1:12:ce:e6:67:79:b9:45:d2:88:e9:
d0:dc:7e:25:f8:06:04:ec:5c:be:9d:66:cd:ba:92:
f9:02:15:9e:33:88:9a:60:83:ea:d2:bb:47:7a:7d:
c9:91:fd:94:5b:5f:5c:30:6b:c1:bf:29:8b:4a:e6:
0f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:30:64:88:A8:6E:8A:A7:DF:FD:34:D5:1A:62:E3:60:1A:2F:33:34
X509v3 Authority Key Identifier:
keyid:8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/HzBkiKhuiqff_TTVGmLjYBovMzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.88.0/21
91.192.192.0/22
91.215.184.0/22
185.27.244.0/22
193.164.206.0/23
193.200.80.0/23
194.50.108.0/24
194.116.174.0/23
195.8.126.0/24
212.42.0.0/19
IPv6:
2a03:be80::/32
Signature Algorithm: sha256WithRSAEncryption
3a:5d:1a:c0:76:66:8c:7e:11:ed:32:4c:26:ae:38:55:b7:38:
04:f4:09:40:ac:ed:8c:86:97:44:ab:df:49:fc:56:71:c0:88:
b5:83:a7:b5:0a:38:53:3a:00:25:08:db:e6:56:b5:c9:5a:b7:
b8:09:bf:7c:99:40:6c:39:d3:7f:07:f0:f1:b0:6d:82:51:68:
d8:c4:08:5e:8c:20:37:01:af:00:ad:27:ce:a1:db:fb:46:2f:
b9:7b:1c:4c:8f:13:de:6f:02:38:dc:28:56:9e:56:5f:12:0e:
07:3e:fb:a3:0a:53:d2:bf:65:dc:88:2a:9b:48:46:f1:19:0b:
c2:f6:f7:8e:3a:91:b9:52:b1:bd:ad:95:b2:7e:73:1a:0f:c0:
c2:26:83:35:74:b7:95:bb:fb:8e:13:aa:2c:d0:ff:64:b3:9d:
eb:5b:d4:60:c2:49:15:74:33:44:36:0f:42:a9:82:c0:d2:74:
40:ee:51:dd:61:4e:3c:be:00:ed:c0:39:e5:bb:fd:d2:cb:85:
56:32:de:d0:61:c4:6a:c0:2e:50:d3:04:91:cd:b4:26:bf:70:
09:0b:9b:f1:3c:22:ff:d0:8e:e2:1e:94:9b:fc:17:55:1c:45:
71:e7:4c:4c:61:85:ea:84:14:26:41:c2:87:35:2e:c0:67:da:
7c:cb:ee:a5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZQijTTHYM7PWtbD2HQlpJbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjUxZDA2NzA3MTVlYjY5ZWZhMmZiZmYxOTk4YzNiZGJk
OGE5ZjUwHhcNMjUwMTAxMTU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMwNjQ4OGE4NmU4YWE3ZGZmZDM0ZDUxYTYyZTM2MDFhMmYzMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/7Kd0ZHX72BOfDPdUgr4+PFZTon
5mfrqNeBIa1f6UEHTV71f+AHhTmQaC/Kn+P90rdg/LTZCSuPkpdCTFEIB3ujxOy5
gNISkRItiI3hjzk/6jOjNdWkQUHhgQRQhVD4bd+rjCVnHPqgM52YVLnqNyETDFws
VOpReyGmPorhADYpDTdnbUToSST+ia2bhFu2Z7L300FwTgVEaCsdJhhw5Q0ANNfj
7dWWkrenplj9T9WTORFenm7pt9/sDpvs6rokqwsmzfoA4RLO5md5uUXSiOnQ3H4l
+AYE7Fy+nWbNupL5AhWeM4iaYIPq0rtHen3Jkf2UW19cMGvBvymLSuYPxQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFB8wZIioboqn3/001Rpi42AaLzM0MB8GA1UdIwQY
MBaAFI31HQZwcV62nvovv/GZjDvb2Kn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDkt
N2E3OTRkNWNlZDNkLzEvSHpCa2lLaHVpcWZmX1RUVkdtTGpZQm92TXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDktN2E3OTRkNWNlZDNk
LzEvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDLhFYAwQC
W8DAAwQCW9e4AwQCuRv0AwQBwaTOAwQBwchQAwQAwjJsAwQBwnSuAwQAwwh+AwQF
1CoAMA0EAgACMAcDBQAqA76AMA0GCSqGSIb3DQEBCwUAA4IBAQA6XRrAdmaMfhHt
MkwmrjhVtzgE9AlArO2MhpdEq99J/FZxwIi1g6e1CjhTOgAlCNvmVrXJWre4Cb98
mUBsOdN/B/DxsG2CUWjYxAhejCA3Aa8ArSfOodv7Ri+5exxMjxPebwI43ChWnlZf
Eg4HPvujClPSv2XciCqbSEbxGQvC9veOOpG5UrG9rZWyfnMaD8DCJoM1dLeVu/uO
E6os0P9ks53rW9RgwkkVdDNENg9CqYLA0nRA7lHdYU48vgDtwDnlu/3Sy4VWMt7Q
YcRqwC5Q0wSRzbQmv3AJC5vxPCL/0I7iHpSb/BdVHEVx50xMYYXqhBQmQcKHNS7A
Z9p8y+6l
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:38 2025 by rpki-client