Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/0BzLCSdSq3NvQA0dFYCUXZyZ41o.roa
File: 0BzLCSdSq3NvQA0dFYCUXZyZ41o.roa (raw, json)
Hash identifier: t/N4o7TuYGaAQCpitOE8KO9OW0qOUoFwx9aHi0Kztv0=
Subject key identifier: D0:1C:CB:09:27:52:AB:73:6F:40:0D:1D:15:80:94:5D:9C:99:E3:5A
Certificate issuer: /CN=1d828b781b079fb43ddb0ca75dc026e75d7f25e4
Certificate serial: 018CC802F4AE0CB86B716371B6B42E89C502
Authority key identifier: 1D:82:8B:78:1B:07:9F:B4:3D:DB:0C:A7:5D:C0:26:E7:5D:7F:25:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYKLeBsHn7Q92wynXcAm511_JeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/0BzLCSdSq3NvQA0dFYCUXZyZ41o.roa
Signing time: Tue 02 Jan 2024 02:31:26 +0000
ROA not before: Tue 02 Jan 2024 02:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31370
IP address blocks: 193.27.41.0/24 maxlen: 24
89.249.240.0/20 maxlen: 20
109.72.224.0/20 maxlen: 20
193.39.160.0/22 maxlen: 22
185.215.60.0/22 maxlen: 22
2a0c:dc40::/29 maxlen: 29
2a01:94c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/HYKLeBsHn7Q92wynXcAm511_JeQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/HYKLeBsHn7Q92wynXcAm511_JeQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYKLeBsHn7Q92wynXcAm511_JeQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f4:ae:0c:b8:6b:71:63:71:b6:b4:2e:89:c5:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d828b781b079fb43ddb0ca75dc026e75d7f25e4
Validity
Not Before: Jan 2 02:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d01ccb092752ab736f400d1d1580945d9c99e35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8e:cd:ba:89:c2:18:62:f0:e3:02:22:f4:39:
83:da:36:81:fd:f3:00:12:99:90:7a:b2:f8:d7:9f:
c7:19:78:f6:98:e1:82:f0:3c:74:12:70:d9:c5:2a:
0b:c2:3b:b9:c1:f0:bc:87:d1:ff:dc:54:5d:fa:d3:
85:11:ce:97:35:33:21:46:5c:eb:75:4c:53:bc:1b:
47:99:55:f1:3a:11:ec:59:3d:9a:02:ee:9a:54:5a:
98:64:8f:d3:5a:89:52:87:63:bf:6b:86:ed:f9:9c:
a9:f7:d7:55:36:f7:ca:ac:0c:17:65:4d:00:e9:53:
05:4b:09:77:be:ee:bc:e3:11:6f:13:22:ed:d4:b6:
53:2c:1a:87:63:b3:fd:0f:fe:00:c4:7a:49:7b:46:
c1:9e:c7:dc:a1:ad:7e:1e:7b:da:63:91:df:ce:70:
b1:ef:23:84:07:58:c5:06:70:a6:aa:d9:5d:e3:e3:
66:67:0a:72:b1:3f:32:df:8a:3d:d2:13:5a:9a:35:
92:35:4a:3f:5e:f2:c7:c8:e1:53:81:65:18:3c:2d:
cb:88:31:bd:02:a8:a4:bb:bf:8d:5f:c0:d7:62:f1:
a0:86:f2:1f:16:2c:c4:7a:26:ae:a4:35:df:4b:9c:
2c:e7:f8:6d:da:02:a7:5f:07:8a:a3:67:02:5a:e1:
f5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1C:CB:09:27:52:AB:73:6F:40:0D:1D:15:80:94:5D:9C:99:E3:5A
X509v3 Authority Key Identifier:
keyid:1D:82:8B:78:1B:07:9F:B4:3D:DB:0C:A7:5D:C0:26:E7:5D:7F:25:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYKLeBsHn7Q92wynXcAm511_JeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/0BzLCSdSq3NvQA0dFYCUXZyZ41o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7e719d-75ae-4fd1-b145-f06ced52112a/1/HYKLeBsHn7Q92wynXcAm511_JeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.240.0/20
109.72.224.0/20
185.215.60.0/22
193.27.41.0/24
193.39.160.0/22
IPv6:
2a01:94c0::/32
2a0c:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
16:15:b7:93:d9:7d:97:db:85:71:f0:cf:e7:47:da:9f:a9:69:
2e:55:cf:25:d0:7e:97:f7:fd:0f:fc:30:9a:37:17:4b:98:95:
95:de:f3:d4:fd:8c:5a:01:0e:14:bf:e8:1b:04:ea:05:34:c4:
5b:6a:68:60:2a:f5:40:ff:c8:fe:47:7d:f0:71:74:13:2f:24:
72:44:09:80:a8:06:0e:84:73:5e:6b:78:01:41:d0:ae:3f:0a:
00:2d:cd:45:7f:e4:85:86:4d:a1:c2:c9:e2:37:62:e7:a4:be:
46:4b:c5:36:c2:19:f0:6d:82:fc:cb:36:64:38:92:ad:b2:4a:
45:a7:cb:89:d5:5c:16:17:41:92:d0:fb:ca:7c:b8:cb:30:f1:
d3:56:69:28:d8:22:ba:3a:58:1d:97:22:8c:04:b2:f9:00:b1:
53:e5:f9:b7:1c:b1:99:55:4d:66:d5:fb:89:b0:29:82:01:a2:
f7:12:65:81:9c:08:a8:3c:66:0b:59:67:8b:eb:8f:db:ab:ae:
bb:56:f6:ed:88:6f:69:b7:f1:12:bc:63:1e:13:bf:2d:25:b5:
d3:af:3d:ab:a3:ba:86:94:1a:ff:f7:3c:c4:fd:a4:22:23:3e:
af:38:cc:1f:4d:1b:69:38:06:0d:ba:ab:97:a8:c7:47:c6:f4:
be:a1:9f:06
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzIAvSuDLhrcWNxtrQuicUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODI4Yjc4MWIwNzlmYjQzZGRiMGNhNzVkYzAyNmU3NWQ3
ZjI1ZTQwHhcNMjQwMTAyMDIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFjY2IwOTI3NTJhYjczNmY0MDBkMWQxNTgwOTQ1ZDljOTllMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhI7NuonCGGLw4wIi9DmD2jaB/fMA
EpmQerL415/HGXj2mOGC8Dx0EnDZxSoLwju5wfC8h9H/3FRd+tOFEc6XNTMhRlzr
dUxTvBtHmVXxOhHsWT2aAu6aVFqYZI/TWolSh2O/a4bt+Zyp99dVNvfKrAwXZU0A
6VMFSwl3vu684xFvEyLt1LZTLBqHY7P9D/4AxHpJe0bBnsfcoa1+HnvaY5HfznCx
7yOEB1jFBnCmqtld4+NmZwpysT8y34o90hNamjWSNUo/XvLHyOFTgWUYPC3LiDG9
Aqiku7+NX8DXYvGghvIfFizEeiaupDXfS5ws5/ht2gKnXweKo2cCWuH1PQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNAcywknUqtzb0ANHRWAlF2cmeNaMB8GA1UdIwQY
MBaAFB2Ci3gbB5+0PdsMp13AJuddfyXkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlLTGVCc0huN1E5Mnd5blhjQW01MTFfSmVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83ZTcxOWQtNzVhZS00ZmQxLWIxNDUt
ZjA2Y2VkNTIxMTJhLzEvMEJ6TENTZFNxM052UUEwZEZZQ1VYWnlaNDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83ZTcxOWQtNzVhZS00ZmQxLWIxNDUtZjA2Y2VkNTIxMTJh
LzEvSFlLTGVCc0huN1E5Mnd5blhjQW01MTFfSmVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEWfnwAwQE
bUjgAwQCudc8AwQAwRspAwQCwSegMBQEAgACMA4DBQAqAZTAAwUDKgzcQDANBgkq
hkiG9w0BAQsFAAOCAQEAFhW3k9l9l9uFcfDP50fan6lpLlXPJdB+l/f9D/wwmjcX
S5iVld7z1P2MWgEOFL/oGwTqBTTEW2poYCr1QP/I/kd98HF0Ey8kckQJgKgGDoRz
Xmt4AUHQrj8KAC3NRX/khYZNocLJ4jdi56S+RkvFNsIZ8G2C/Ms2ZDiSrbJKRafL
idVcFhdBktD7yny4yzDx01ZpKNgiujpYHZcijASy+QCxU+X5txyxmVVNZtX7ibAp
ggGi9xJlgZwIqDxmC1lni+uP26uuu1b27YhvabfxErxjHhO/LSW10689q6O6hpQa
//c8xP2kIiM+rzjMH00baTgGDbqrl6jHR8b0vqGfBg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:53 2024 by rpki-client on console-fra.rpki-client.org