Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/H1Upf48guG6wLq-b7f2l-RgWplk.roa
File: H1Upf48guG6wLq-b7f2l-RgWplk.roa (raw, json)
Hash identifier: Z2t6JhSnb+GLWTV3ZIt3K0DQ8yjjQPthRCQmLMp8pkI=
Subject key identifier: 1F:55:29:7F:8F:20:B8:6E:B0:2E:AF:9B:ED:FD:A5:F9:18:16:A6:59
Certificate issuer: /CN=0321bfea0305c48e949e6c249f4810b46905c886
Certificate serial: 018CC4247259FD068A162F48A7131DA8A0BF
Authority key identifier: 03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/H1Upf48guG6wLq-b7f2l-RgWplk.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393262
IP address blocks: 91.231.3.0/24 maxlen: 24
91.92.32.0/24 maxlen: 24
91.92.37.0/24 maxlen: 24
91.92.36.0/24 maxlen: 24
89.44.34.0/24 maxlen: 24
95.214.78.0/24 maxlen: 24
45.10.131.0/24 maxlen: 24
95.214.77.0/24 maxlen: 24
95.214.76.0/24 maxlen: 24
77.81.141.0/24 maxlen: 24
194.147.64.0/24 maxlen: 24
194.147.65.0/24 maxlen: 24
95.214.79.0/24 maxlen: 24
78.159.151.0/24 maxlen: 24
212.11.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:72:59:fd:06:8a:16:2f:48:a7:13:1d:a8:a0:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0321bfea0305c48e949e6c249f4810b46905c886
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f55297f8f20b86eb02eaf9bedfda5f91816a659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:be:e1:22:f9:fd:7a:10:15:fa:55:29:8f:4c:
da:30:f0:03:d1:c9:49:e2:f7:f6:53:bb:c5:98:0e:
2f:94:a3:2c:55:ab:a5:a3:e0:a4:c1:6e:69:7e:fd:
25:07:7b:28:b1:3c:4c:22:a0:7d:a4:e5:cc:60:8a:
68:41:2d:52:91:6a:7e:fa:1b:00:5e:76:90:1e:8d:
09:26:68:a5:c7:f3:99:a0:d0:83:67:a8:6a:c7:33:
98:16:e3:ee:fd:5e:5c:ad:9d:c7:cc:07:f5:21:3b:
ca:1a:aa:86:eb:9d:1a:51:3e:45:8a:4c:7b:d2:a4:
1c:26:dc:c9:72:ee:b8:e0:2e:8d:3e:4f:e6:91:33:
ec:b3:84:ae:ef:08:33:62:b6:5a:2c:ce:a7:70:55:
49:dd:e1:fd:ed:68:65:71:0b:28:9f:c7:63:71:0a:
c6:11:16:a7:a1:86:06:dc:dc:f3:9a:7e:22:83:de:
39:2b:96:f8:1d:30:c9:8b:fa:0d:91:1a:e7:a3:b6:
6d:fd:03:99:c1:ce:df:eb:48:c0:25:6c:9b:a5:b3:
2a:42:b5:07:9d:5a:55:28:3c:d0:98:a1:ec:15:dd:
df:49:cf:aa:88:80:67:7f:78:2a:77:aa:52:f0:01:
ee:ff:6f:dc:6e:28:e1:41:a5:db:1e:7b:d4:1c:c7:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:55:29:7F:8F:20:B8:6E:B0:2E:AF:9B:ED:FD:A5:F9:18:16:A6:59
X509v3 Authority Key Identifier:
keyid:03:21:BF:EA:03:05:C4:8E:94:9E:6C:24:9F:48:10:B4:69:05:C8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyG_6gMFxI6Unmwkn0gQtGkFyIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/H1Upf48guG6wLq-b7f2l-RgWplk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/11da2b-77bd-41c7-bbf3-560c9e7c0747/1/AyG_6gMFxI6Unmwkn0gQtGkFyIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.131.0/24
77.81.141.0/24
78.159.151.0/24
89.44.34.0/24
91.92.32.0/24
91.92.36.0/23
91.231.3.0/24
95.214.76.0/22
194.147.64.0/23
212.11.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:70:4a:5f:61:38:02:88:59:d4:5b:a6:7b:9a:a1:18:c7:24:
ca:9e:03:85:53:ce:77:a8:34:ab:88:2d:39:c4:b3:e6:e6:c1:
a1:9b:44:e3:45:c4:e6:79:ce:3c:b4:aa:c4:74:66:28:af:6d:
95:ce:bc:18:76:40:9d:b4:17:f6:d5:34:3c:71:51:e4:4b:89:
e7:fc:f1:11:05:cb:dd:50:72:21:17:ed:71:e9:55:82:38:40:
12:e3:03:63:e8:8d:a5:e7:e1:4b:56:f4:9d:0c:f5:c6:b3:af:
5f:5c:88:30:42:04:3c:e7:74:71:58:4a:97:fb:46:93:2c:42:
dc:8c:ec:90:f2:83:ff:76:e2:e5:a9:53:7d:0c:61:80:2c:5e:
59:67:b7:a9:e0:3d:5f:23:43:29:c1:d6:d5:24:f9:33:df:fb:
89:47:a3:ab:6c:9f:eb:66:09:85:98:97:e0:cb:37:d2:d0:86:
cc:a2:4a:56:56:da:a4:da:b1:2c:6f:cd:a1:21:f9:b9:5d:cb:
c9:fa:cb:e8:0d:4d:f1:c9:bc:ab:6c:09:26:a4:e9:85:7f:8f:
a4:20:66:51:50:bc:46:38:47:1c:f7:b3:81:1f:db:83:32:23:
72:6d:2a:66:9a:16:fc:2a:95:59:d8:a0:a8:a0:3a:2a:2a:6c:
41:f4:00:f5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzEJHJZ/QaKFi9IpxMdqKC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjFiZmVhMDMwNWM0OGU5NDllNmMyNDlmNDgxMGI0Njkw
NWM4ODYwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU1Mjk3ZjhmMjBiODZlYjAyZWFmOWJlZGZkYTVmOTE4MTZhNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL7hIvn9ehAV+lUpj0zaMPAD0clJ
4vf2U7vFmA4vlKMsVaulo+CkwW5pfv0lB3sosTxMIqB9pOXMYIpoQS1SkWp++hsA
XnaQHo0JJmilx/OZoNCDZ6hqxzOYFuPu/V5crZ3HzAf1ITvKGqqG650aUT5Fikx7
0qQcJtzJcu644C6NPk/mkTPss4Su7wgzYrZaLM6ncFVJ3eH97WhlcQson8djcQrG
ERanoYYG3Nzzmn4ig945K5b4HTDJi/oNkRrno7Zt/QOZwc7f60jAJWybpbMqQrUH
nVpVKDzQmKHsFd3fSc+qiIBnf3gqd6pS8AHu/2/cbijhQaXbHnvUHMcRPQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB9VKX+PILhusC6vm+39pfkYFqZZMB8GA1UdIwQY
MBaAFAMhv+oDBcSOlJ5sJJ9IELRpBciGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMt
NTYwYzllN2MwNzQ3LzEvSDFVcGY0OGd1RzZ3THEtYjdmMmwtUmdXcGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xMWRhMmItNzdiZC00MWM3LWJiZjMtNTYwYzllN2MwNzQ3
LzEvQXlHXzZnTUZ4STZVbm13a24wZ1F0R2tGeUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQqDAwQA
TVGNAwQATp+XAwQAWSwiAwQAW1wgAwQBW1wkAwQAW+cDAwQCX9ZMAwQBwpNAAwQA
1AtfMA0GCSqGSIb3DQEBCwUAA4IBAQAMcEpfYTgCiFnUW6Z7mqEYxyTKngOFU853
qDSriC05xLPm5sGhm0TjRcTmec48tKrEdGYor22VzrwYdkCdtBf21TQ8cVHkS4nn
/PERBcvdUHIhF+1x6VWCOEAS4wNj6I2l5+FLVvSdDPXGs69fXIgwQgQ853RxWEqX
+0aTLELcjOyQ8oP/duLlqVN9DGGALF5ZZ7ep4D1fI0MpwdbVJPkz3/uJR6OrbJ/r
ZgmFmJfgyzfS0IbMokpWVtqk2rEsb82hIfm5XcvJ+svoDU3xybyrbAkmpOmFf4+k
IGZRULxGOEcc97OBH9uDMiNybSpmmhb8KpVZ2KCooDoqKmxB9AD1
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:19:28 2024 by rpki-client on console-ams.rpki-client.org