Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/hvaaOfvQFR47huGwTl5FShfG9kg.roa
File: hvaaOfvQFR47huGwTl5FShfG9kg.roa (raw, json)
Hash identifier: bw2ghQqQaRlaCgS6i5OeA3xDsuwrSX4qhyHEBIjLkK4=
Subject key identifier: 86:F6:9A:39:FB:D0:15:1E:3B:86:E1:B0:4E:5E:45:4A:17:C6:F6:48
Certificate issuer: /CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Certificate serial: 0193009B0C35B22332C8B9CDD20FBD3C3FB7
Authority key identifier: 39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/hvaaOfvQFR47huGwTl5FShfG9kg.roa
Signing time: Wed 06 Nov 2024 08:33:01 +0000
ROA not before: Wed 06 Nov 2024 08:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34285
IP address blocks: 185.197.244.0/22 maxlen: 22
217.12.16.0/24 maxlen: 24
217.12.17.0/24 maxlen: 24
217.12.18.0/24 maxlen: 24
217.12.19.0/24 maxlen: 24
217.12.20.0/22 maxlen: 22
217.12.20.0/23 maxlen: 23
217.12.22.0/23 maxlen: 23
217.12.24.0/22 maxlen: 22
217.12.24.0/24 maxlen: 24
217.12.25.0/24 maxlen: 24
217.12.26.0/24 maxlen: 24
217.12.27.0/24 maxlen: 24
217.12.28.0/22 maxlen: 22
217.12.28.0/24 maxlen: 24
217.12.29.0/24 maxlen: 24
217.12.30.0/24 maxlen: 24
217.12.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:9b:0c:35:b2:23:32:c8:b9:cd:d2:0f:bd:3c:3f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3939f92b825ce110903c31d522b0f50cafd74a6f
Validity
Not Before: Nov 6 08:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86f69a39fbd0151e3b86e1b04e5e454a17c6f648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:85:6f:48:15:ed:be:ab:02:6b:ce:8d:6a:70:
e0:3e:73:2e:40:ec:13:ee:dd:29:5d:16:f0:fa:55:
f7:ae:89:bb:1b:c2:37:0b:d8:3d:22:c9:f2:e0:2a:
e1:14:72:9e:65:32:78:64:bd:11:ff:61:6c:43:bc:
7a:7c:78:54:4e:cb:72:f5:20:99:fb:8b:f9:48:58:
b5:31:a0:64:68:f3:11:de:8a:3e:4b:6b:13:c1:67:
7e:11:48:92:68:d7:e2:9e:96:30:47:38:96:e2:91:
19:37:72:a6:f0:6a:27:f4:19:af:97:1d:53:b7:17:
c4:91:10:f8:be:68:dd:0c:a6:35:01:aa:0a:b7:8a:
e0:90:7b:a1:ab:12:63:aa:72:73:bb:02:73:1b:f1:
79:69:b1:74:c5:23:29:d0:56:43:66:16:4c:85:dd:
38:49:cd:24:6a:28:53:20:e3:a3:70:25:4d:c7:3a:
53:95:ad:89:ca:13:b7:b3:28:bf:bd:0f:8d:ec:c2:
cc:99:ca:2f:8f:b5:8b:22:f7:d1:b5:5f:5a:f3:14:
04:e7:c8:73:01:ca:c6:df:a0:5a:b6:40:95:d5:d4:
ae:f1:2d:52:53:d2:a2:ab:04:65:28:29:68:3a:a7:
cf:54:38:94:72:aa:0c:b8:09:8a:b0:62:ce:52:69:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F6:9A:39:FB:D0:15:1E:3B:86:E1:B0:4E:5E:45:4A:17:C6:F6:48
X509v3 Authority Key Identifier:
keyid:39:39:F9:2B:82:5C:E1:10:90:3C:31:D5:22:B0:F5:0C:AF:D7:4A:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/hvaaOfvQFR47huGwTl5FShfG9kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/e75e41-a828-4dc5-8ed3-9fc36411accc/1/OTn5K4Jc4RCQPDHVIrD1DK_XSm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.244.0/22
217.12.16.0/20
Signature Algorithm: sha256WithRSAEncryption
21:be:b8:af:f4:7e:de:e4:e6:59:74:ba:e9:d7:d1:f0:a8:87:
10:d8:0e:a5:5e:56:26:cb:65:04:01:0d:69:d1:30:f2:ad:ed:
96:bf:52:3d:00:b8:af:42:1a:59:6a:cf:b1:8b:0d:a9:ef:a6:
3e:80:94:57:a3:6a:80:43:75:22:22:ed:9e:5d:4e:40:83:28:
ce:ae:b2:ba:a8:e9:06:8b:87:d7:96:81:1b:55:2f:e9:77:da:
61:03:21:1e:ea:99:b7:69:39:79:52:da:db:a5:d6:e4:90:08:
c8:20:27:26:3e:58:54:67:5d:07:52:69:62:92:cb:a6:fe:f5:
f3:35:26:1d:22:5a:41:92:af:f5:40:28:fd:bb:2a:f8:5f:f4:
f1:24:b2:db:af:ed:73:84:42:ce:70:1f:cd:00:c8:a4:26:8c:
4d:48:05:f4:60:b5:af:2a:dd:04:40:4c:05:a7:b5:e7:05:1c:
44:d4:fb:87:ae:d0:cd:8e:7f:7a:05:36:02:3e:dd:70:43:40:
46:0c:d6:e5:be:17:1d:9a:eb:1c:3f:a8:c2:ce:9d:58:c2:c5:
ed:91:64:ea:7c:a3:c4:97:75:a4:51:ca:12:d6:75:25:a1:74:
bb:b3:24:63:56:70:1c:a1:d4:20:60:7f:e6:52:5a:53:92:43:
e8:3b:e5:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMAmww1siMyyLnN0g+9PD+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzlmOTJiODI1Y2UxMTA5MDNjMzFkNTIyYjBmNTBjYWZk
NzRhNmYwHhcNMjQxMTA2MDgzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY2OWEzOWZiZDAxNTFlM2I4NmUxYjA0ZTVlNDU0YTE3YzZmNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioVvSBXtvqsCa86NanDgPnMuQOwT
7t0pXRbw+lX3rom7G8I3C9g9Isny4CrhFHKeZTJ4ZL0R/2FsQ7x6fHhUTsty9SCZ
+4v5SFi1MaBkaPMR3oo+S2sTwWd+EUiSaNfinpYwRziW4pEZN3Km8Gon9Bmvlx1T
txfEkRD4vmjdDKY1AaoKt4rgkHuhqxJjqnJzuwJzG/F5abF0xSMp0FZDZhZMhd04
Sc0kaihTIOOjcCVNxzpTla2JyhO3syi/vQ+N7MLMmcovj7WLIvfRtV9a8xQE58hz
AcrG36BatkCV1dSu8S1SU9KiqwRlKCloOqfPVDiUcqoMuAmKsGLOUmlndQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIb2mjn70BUeO4bhsE5eRUoXxvZIMB8GA1UdIwQY
MBaAFDk5+SuCXOEQkDwx1SKw9Qyv10pvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMt
OWZjMzY0MTFhY2NjLzEvaHZhYU9mdlFGUjQ3aHVHd1RsNUZTaGZHOWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lNzVlNDEtYTgyOC00ZGM1LThlZDMtOWZjMzY0MTFhY2Nj
LzEvT1RuNUs0SmM0UkNRUERIVklyRDFES19YU204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucX0AwQE
2QwQMA0GCSqGSIb3DQEBCwUAA4IBAQAhvriv9H7e5OZZdLrp19HwqIcQ2A6lXlYm
y2UEAQ1p0TDyre2Wv1I9ALivQhpZas+xiw2p76Y+gJRXo2qAQ3UiIu2eXU5AgyjO
rrK6qOkGi4fXloEbVS/pd9phAyEe6pm3aTl5UtrbpdbkkAjIICcmPlhUZ10HUmli
ksum/vXzNSYdIlpBkq/1QCj9uyr4X/TxJLLbr+1zhELOcB/NAMikJoxNSAX0YLWv
Kt0EQEwFp7XnBRxE1PuHrtDNjn96BTYCPt1wQ0BGDNblvhcdmuscP6jCzp1YwsXt
kWTqfKPEl3WkUcoS1nUloXS7syRjVnAcodQgYH/mUlpTkkPoO+U6
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:40 2024 by rpki-client on console-fra.rpki-client.org