Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-HLnow8YPnb7n8q2iYEVeuNCVME.roa
File: 1-HLnow8YPnb7n8q2iYEVeuNCVME.roa (raw, json)
Hash identifier: a0B+Ie02ue49b8pFY8vAsXh6IdGKnr2GGKUwRP2XgK0=
Subject key identifier: F8:72:E7:A3:0F:18:3E:76:FB:9F:CA:B6:89:81:15:7A:E3:42:54:C1
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018CC6B833AE593CAB4CF2AA089F4972A1E3
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-HLnow8YPnb7n8q2iYEVeuNCVME.roa
Signing time: Mon 01 Jan 2024 20:30:09 +0000
ROA not before: Mon 01 Jan 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206804
IP address blocks: 45.138.84.0/22 maxlen: 24
193.36.116.0/22 maxlen: 24
45.133.192.0/22 maxlen: 24
141.98.212.0/22 maxlen: 24
45.146.220.0/22 maxlen: 24
195.80.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.mft
rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:33:ae:59:3c:ab:4c:f2:aa:08:9f:49:72:a1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f872e7a30f183e76fb9fcab68981157ae34254c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:a7:4f:72:e9:75:b5:df:20:0c:cb:1f:7a:
1c:48:e0:8c:77:0d:dc:bc:1d:03:e1:77:f1:d3:ed:
43:9a:b6:83:23:d8:f3:64:e3:ff:fd:3e:03:c5:d6:
86:98:97:9a:ad:11:73:09:82:21:23:7b:0b:52:bd:
0a:8d:e5:7c:9a:47:a5:ec:19:14:62:83:93:c8:96:
46:28:be:84:35:c5:1c:99:c4:3f:a0:71:0d:87:f7:
00:e0:44:1d:46:ed:0a:49:57:9a:f4:59:71:1d:83:
69:60:21:7d:5a:99:ff:83:de:68:f9:0d:13:1b:3d:
be:11:fd:db:48:cd:b9:68:4d:05:29:e2:42:78:d2:
43:36:9e:0b:59:e5:af:78:6f:5f:ee:d4:d8:5d:26:
85:c5:97:2b:44:a5:aa:7e:e5:72:a1:59:49:53:41:
e6:1e:d7:a5:3d:64:d3:25:ed:58:56:66:d8:cc:f7:
57:78:85:51:b2:a6:77:e5:12:69:cc:2f:2c:d4:6b:
ae:0d:82:fb:c5:ce:ba:f0:55:a1:ec:8a:5b:7d:42:
6b:21:3a:27:b8:35:64:82:b2:5f:00:bf:2e:8e:ae:
d5:39:e1:8f:a7:1d:7b:a6:21:9b:d4:18:07:87:29:
3d:16:ea:bb:aa:6c:e1:3a:f3:70:d4:23:c7:3c:fa:
84:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:72:E7:A3:0F:18:3E:76:FB:9F:CA:B6:89:81:15:7A:E3:42:54:C1
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-HLnow8YPnb7n8q2iYEVeuNCVME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.192.0/22
45.138.84.0/22
45.146.220.0/22
141.98.212.0/22
193.36.116.0/22
195.80.148.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:df:7d:01:f8:21:40:33:52:cb:40:39:e0:00:ec:24:f2:18:
db:ff:39:14:7d:e1:f6:70:43:0f:e5:23:1b:53:7e:a7:5f:ac:
cb:b6:7e:38:41:38:99:d6:0c:46:d3:1b:d9:f3:92:89:27:ee:
2b:c5:fa:80:4f:1f:11:79:49:9e:08:01:1e:55:a8:cd:77:8c:
8f:8f:59:cd:35:39:29:ee:6a:9d:f0:0f:65:bd:67:e8:7b:ec:
69:c8:94:31:60:6c:2c:56:a1:63:29:0c:80:c8:bc:50:38:56:
b9:a4:74:96:98:72:81:be:d3:0a:67:db:27:69:20:09:3c:56:
02:90:21:3e:3e:3e:71:96:87:27:83:53:69:71:2e:f6:d6:25:
33:61:5c:15:33:06:66:44:0c:d0:93:bf:ac:da:cb:5a:32:7f:
e3:d2:32:75:bd:e0:bc:3d:3e:a5:9b:54:82:ec:29:3e:b0:10:
d4:d3:18:f5:4b:af:bd:be:c4:bb:a0:f4:3a:a0:2a:25:83:86:
4d:28:0b:1f:91:e4:f5:90:d4:01:af:f5:19:fe:49:18:f1:94:
af:3c:20:b3:63:d2:5b:5c:11:e4:f7:68:5f:fa:f8:e4:f7:92:
42:c9:51:9f:06:b7:af:c4:ab:06:bb:26:0b:fc:77:a7:58:42:
64:d5:2e:5b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzGuDOuWTyrTPKqCJ9JcqHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMTAxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODcyZTdhMzBmMTgzZTc2ZmI5ZmNhYjY4OTgxMTU3YWUzNDI1NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5OnT3LpdbXfIAzLH3ocSOCMdw3c
vB0D4Xfx0+1DmraDI9jzZOP//T4DxdaGmJearRFzCYIhI3sLUr0KjeV8mkel7BkU
YoOTyJZGKL6ENcUcmcQ/oHENh/cA4EQdRu0KSVea9FlxHYNpYCF9Wpn/g95o+Q0T
Gz2+Ef3bSM25aE0FKeJCeNJDNp4LWeWveG9f7tTYXSaFxZcrRKWqfuVyoVlJU0Hm
HtelPWTTJe1YVmbYzPdXeIVRsqZ35RJpzC8s1GuuDYL7xc668FWh7IpbfUJrITon
uDVkgrJfAL8ujq7VOeGPpx17piGb1BgHhyk9Fuq7qmzhOvNw1CPHPPqEawIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPhy56MPGD52+5/KtomBFXrjQlTBMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvMS1ITG5vdzhZUG5iN244cTJpWUVWZXVOQ1ZNRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjQ5ZmRjLTBkM2EtNDFlYy1hMWNlLWRjZTk0N2UyOTRi
Ni8xLzlOQ0tIaHk4a0pKVTZlYTV5VG45aGFKb3NlRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2FwAME
Ai2KVAMEAi2S3AMEAo1i1AMEAsEkdAMEAsNQlDANBgkqhkiG9w0BAQsFAAOCAQEA
O999AfghQDNSy0A54ADsJPIY2/85FH3h9nBDD+UjG1N+p1+sy7Z+OEE4mdYMRtMb
2fOSiSfuK8X6gE8fEXlJnggBHlWozXeMj49ZzTU5Ke5qnfAPZb1n6HvsaciUMWBs
LFahYykMgMi8UDhWuaR0lphygb7TCmfbJ2kgCTxWApAhPj4+cZaHJ4NTaXEu9tYl
M2FcFTMGZkQM0JO/rNrLWjJ/49Iydb3gvD0+pZtUguwpPrAQ1NMY9Uuvvb7Eu6D0
OqAqJYOGTSgLH5Hk9ZDUAa/1Gf5JGPGUrzwgs2PSW1wR5PdoX/r45PeSQslRnwa3
r8SrBrsmC/x3p1hCZNUuWw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:40:30 2024 by rpki-client on console-fra.rpki-client.org