Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/fHLhL2Z7oUZOPluta0WGbOAClWY.roa
File: fHLhL2Z7oUZOPluta0WGbOAClWY.roa (raw, json)
Hash identifier: np/GbmsWG6xqqsW/WQsC2URTEDkQ8+uV8SW60MC4s3Y=
Subject key identifier: 7C:72:E1:2F:66:7B:A1:46:4E:3E:5B:AD:6B:45:86:6C:E0:02:95:66
Certificate issuer: /CN=a8b31004df135aa1a8b943033db14691b11a63dd
Certificate serial: 018CC9BCCD097362541661241023C7E26BAD
Authority key identifier: A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/fHLhL2Z7oUZOPluta0WGbOAClWY.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31617
IP address blocks: 192.166.252.0/24 maxlen: 24
192.172.232.0/24 maxlen: 24
185.186.92.0/22 maxlen: 24
192.188.248.0/24 maxlen: 24
194.143.142.0/23 maxlen: 24
45.66.100.0/22 maxlen: 24
193.23.114.0/24 maxlen: 24
192.207.14.0/24 maxlen: 24
45.92.148.0/22 maxlen: 24
185.252.52.0/22 maxlen: 24
195.88.230.0/23 maxlen: 24
195.88.234.0/23 maxlen: 24
91.241.86.0/23 maxlen: 24
62.192.148.0/22 maxlen: 24
217.26.180.0/22 maxlen: 24
2a0b:7380::/29 maxlen: 29
2a0e:2140::/29 maxlen: 29
2a0c:2140::/29 maxlen: 29
2a0d:9b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cd:09:73:62:54:16:61:24:10:23:c7:e2:6b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b31004df135aa1a8b943033db14691b11a63dd
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c72e12f667ba1464e3e5bad6b45866ce0029566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ed:4c:1f:34:45:32:da:59:08:f5:8d:70:d8:
4e:84:48:2c:75:47:2d:c2:ec:2e:20:4b:93:ed:1e:
28:74:ac:ff:92:ff:cf:18:43:b1:98:79:15:f4:cd:
a5:e9:05:f0:2b:36:21:a0:1f:5a:05:70:5d:63:83:
65:a5:2c:53:ae:73:19:77:9a:3c:4e:7f:40:a6:7c:
f0:2d:b8:53:74:ca:a3:98:a7:25:e9:32:04:28:8e:
e9:c4:bc:aa:d2:73:89:03:89:9d:64:2d:e3:93:31:
0a:63:31:b0:ef:78:fb:db:d5:01:54:87:ae:ef:fc:
c2:c5:ae:bc:d9:48:bd:2d:5b:5f:74:e6:a2:8f:2b:
01:5f:c6:26:85:a1:f4:04:6b:a0:83:3b:8f:f0:68:
fb:2d:3c:db:bf:af:85:ff:52:38:17:98:a2:2b:a2:
ad:63:d9:6c:bd:5f:24:b2:bc:ee:0a:00:ec:10:49:
35:32:38:25:45:9c:e7:36:e1:66:96:24:b9:4e:a5:
97:f8:1e:0a:20:5d:b7:b5:75:9a:fe:e3:05:ea:4a:
64:4b:59:6d:58:b3:e0:fc:d2:aa:c6:4f:2a:88:2a:
10:06:9f:0f:dc:d6:e9:a9:9d:2f:5b:2e:23:41:7e:
34:00:ed:e8:29:90:51:cc:97:f8:a7:df:cc:e3:58:
43:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:72:E1:2F:66:7B:A1:46:4E:3E:5B:AD:6B:45:86:6C:E0:02:95:66
X509v3 Authority Key Identifier:
keyid:A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/fHLhL2Z7oUZOPluta0WGbOAClWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.100.0/22
45.92.148.0/22
62.192.148.0/22
91.241.86.0/23
185.186.92.0/22
185.252.52.0/22
192.166.252.0/24
192.172.232.0/24
192.188.248.0/24
192.207.14.0/24
193.23.114.0/24
194.143.142.0/23
195.88.230.0/23
195.88.234.0/23
217.26.180.0/22
IPv6:
2a0b:7380::/29
2a0c:2140::/29
2a0d:9b40::/29
2a0e:2140::/29
Signature Algorithm: sha256WithRSAEncryption
27:b7:2d:0c:78:24:b2:0b:1d:ca:95:19:8a:dc:b8:dc:22:8b:
30:a6:4f:b4:a6:bc:48:bc:92:02:f3:ea:35:bd:8e:69:c2:42:
1c:a8:2e:34:a4:9e:b5:65:af:d1:25:67:67:14:31:56:f3:88:
27:8d:07:cb:a1:f0:72:46:6e:aa:13:0a:ac:36:2a:0d:d5:bc:
be:69:e4:8a:8f:96:64:04:0f:42:8d:3c:13:65:b8:0b:93:bb:
c8:9f:2d:4b:c9:a8:00:6b:bf:4d:1d:34:5a:8a:84:7f:a0:6d:
e0:53:17:06:3a:b8:81:05:f7:9d:8d:96:74:77:f2:d6:31:46:
f2:7f:08:42:27:f7:77:75:cc:11:20:20:98:4a:61:14:9d:92:
c1:4b:44:e2:b9:dc:da:c4:30:83:6d:17:bb:5a:1b:ca:b4:d1:
1d:48:f5:2c:37:57:41:80:59:11:2f:9b:d4:76:d3:a6:fb:5e:
9d:bb:2b:76:dc:27:0f:90:70:61:63:91:98:e7:dd:e9:c1:cc:
fc:77:98:e0:86:0d:a4:cf:15:91:d8:70:36:dd:78:6a:98:b4:
42:09:be:68:11:88:89:22:1a:8e:33:50:8c:f1:ae:d7:46:65:
50:d2:e9:64:d3:fa:ff:ab:84:e3:e5:ef:45:0f:6f:1c:c4:ec:
d0:1e:64:ff
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzJvM0Jc2JUFmEkECPH4mutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjMxMDA0ZGYxMzVhYTFhOGI5NDMwMzNkYjE0NjkxYjEx
YTYzZGQwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcyZTEyZjY2N2JhMTQ2NGUzZTViYWQ2YjQ1ODY2Y2UwMDI5NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu1MHzRFMtpZCPWNcNhOhEgsdUct
wuwuIEuT7R4odKz/kv/PGEOxmHkV9M2l6QXwKzYhoB9aBXBdY4NlpSxTrnMZd5o8
Tn9ApnzwLbhTdMqjmKcl6TIEKI7pxLyq0nOJA4mdZC3jkzEKYzGw73j729UBVIeu
7/zCxa682Ui9LVtfdOaijysBX8YmhaH0BGuggzuP8Gj7LTzbv6+F/1I4F5iiK6Kt
Y9lsvV8ksrzuCgDsEEk1MjglRZznNuFmliS5TqWX+B4KIF23tXWa/uMF6kpkS1lt
WLPg/NKqxk8qiCoQBp8P3NbpqZ0vWy4jQX40AO3oKZBRzJf4p9/M41hDsQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFHxy4S9me6FGTj5brWtFhmzgApVmMB8GA1UdIwQY
MBaAFKizEATfE1qhqLlDAz2xRpGxGmPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQt
YzJhNDNiMDgwZDZmLzEvZkhMaEwyWjdvVVpPUGx1dGEwV0diT0FDbFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQtYzJhNDNiMDgwZDZm
LzEvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBgBAIAATBaAwQCLUJk
AwQCLVyUAwQCPsCUAwQBW/FWAwQCubpcAwQCufw0AwQAwKb8AwQAwKzoAwQAwLz4
AwQAwM8OAwQAwRdyAwQBwo+OAwQBw1jmAwQBw1jqAwQC2Rq0MCIEAgACMBwDBQMq
C3OAAwUDKgwhQAMFAyoNm0ADBQMqDiFAMA0GCSqGSIb3DQEBCwUAA4IBAQAnty0M
eCSyCx3KlRmK3LjcIoswpk+0prxIvJIC8+o1vY5pwkIcqC40pJ61Za/RJWdnFDFW
84gnjQfLofByRm6qEwqsNioN1by+aeSKj5ZkBA9CjTwTZbgLk7vIny1LyagAa79N
HTRaioR/oG3gUxcGOriBBfedjZZ0d/LWMUbyfwhCJ/d3dcwRICCYSmEUnZLBS0Ti
udzaxDCDbRe7WhvKtNEdSPUsN1dBgFkRL5vUdtOm+16duyt23CcPkHBhY5GY593p
wcz8d5jghg2kzxWR2HA23XhqmLRCCb5oEYiJIhqOM1CM8a7XRmVQ0ulk0/r/q4Tj
5e9FD28cxOzQHmT/
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:48:01 2024 by rpki-client on console-fra.rpki-client.org