Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/HDG7qNHEGWTSrQjWLeGZzCtQRFg.roa
File: HDG7qNHEGWTSrQjWLeGZzCtQRFg.roa (raw, json)
Hash identifier: Dbdj+iLa6BznFabVJpoQj+HP21ak9l2CkTxCr8pJ5S4=
Subject key identifier: 1C:31:BB:A8:D1:C4:19:64:D2:AD:08:D6:2D:E1:99:CC:2B:50:44:58
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 018D3F211EACB606F2E13BF2338758E83EAE
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/HDG7qNHEGWTSrQjWLeGZzCtQRFg.roa
Signing time: Thu 25 Jan 2024 05:39:11 +0000
ROA not before: Thu 25 Jan 2024 05:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.198.117.0/24 maxlen: 24
185.109.132.0/24 maxlen: 24
185.109.133.0/24 maxlen: 24
185.109.134.0/24 maxlen: 24
185.109.135.0/24 maxlen: 24
185.146.152.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:10::/44 maxlen: 44
2a07:4f80:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:21:1e:ac:b6:06:f2:e1:3b:f2:33:87:58:e8:3e:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jan 25 05:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c31bba8d1c41964d2ad08d62de199cc2b504458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:17:49:41:a6:50:3b:af:f2:ad:75:90:58:7e:
17:24:1a:9f:5d:0a:88:34:60:5d:b0:c1:75:36:ce:
a7:39:fd:8c:3c:16:d0:e9:e8:1a:1c:db:9d:cf:38:
1c:23:64:a3:07:ab:c3:32:ba:44:0d:a1:7e:d4:c3:
fd:4e:f1:61:62:6c:e2:b2:7b:5f:a2:0b:9d:20:a0:
25:3a:46:31:31:8f:ae:2a:23:49:30:15:a0:36:3c:
ad:87:05:e8:50:a8:61:3b:15:53:ff:b9:71:fc:54:
82:a5:e1:27:19:be:7c:b2:56:a0:45:15:0c:9f:de:
5b:af:e4:a1:a4:22:59:99:59:d7:2f:46:3d:e5:c5:
d1:1e:17:1e:0d:c7:cc:78:c3:29:b5:a7:e5:8c:8c:
9b:3b:25:33:63:b9:6b:37:60:ce:3a:f5:99:c4:71:
75:1d:64:76:78:d7:d6:7c:53:15:1d:5e:e7:ff:7c:
76:1b:bd:99:3e:39:06:d0:2d:11:93:d5:1c:f2:51:
83:d9:f2:ce:25:d7:71:4f:63:b2:8b:c6:12:15:81:
02:50:d9:0c:0a:6f:44:7a:5d:99:98:56:7c:7e:ff:
6d:93:e6:dc:8d:d3:5c:5b:7a:b0:a5:af:ee:d7:0c:
91:28:ec:83:86:3e:37:45:89:10:fb:c9:77:5b:2b:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:BB:A8:D1:C4:19:64:D2:AD:08:D6:2D:E1:99:CC:2B:50:44:58
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/HDG7qNHEGWTSrQjWLeGZzCtQRFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.117.0/24
185.109.132.0/22
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7a:df:a5:0a:85:55:f2:9c:d7:d3:88:b8:71:75:f0:75:9f:42:
32:f3:b2:ce:8f:a5:3f:b3:f9:f1:06:77:bd:d5:ea:b4:c1:ff:
0f:bf:c6:fa:79:37:84:f4:f5:aa:44:c5:b5:ef:dd:b5:0a:94:
b5:97:62:6f:9e:3a:c2:41:ed:7b:4f:54:75:85:04:e5:f8:4b:
1b:2e:02:13:3d:3e:63:7d:dd:de:35:be:48:ec:c2:ee:e7:89:
59:0e:a8:01:71:ce:d5:ca:d6:72:f9:0e:7b:12:0d:a5:7b:74:
ec:99:ca:59:1b:04:97:96:5d:12:8d:bb:01:65:77:9d:82:7b:
8a:ef:09:a4:d6:81:3d:b8:2f:f9:77:9f:23:be:3c:8f:89:bc:
a5:05:be:b6:a3:85:fa:20:85:ae:4d:c3:a6:12:17:3a:bf:7d:
85:0b:0f:06:29:a2:97:89:6c:94:c8:3d:cd:43:91:2a:7b:79:
6e:14:10:d2:d1:cd:73:6e:03:58:dd:45:d1:4f:e4:73:f9:e6:
0a:7a:26:89:52:d5:ff:35:78:62:63:5b:91:11:3e:f3:52:32:
e3:12:fe:64:b5:8f:ce:9c:2b:45:9c:5f:ff:bc:4a:63:b8:51:
fd:68:65:7e:d6:91:58:67:32:d6:52:74:b2:17:a5:f5:22:de:
1f:17:e4:cb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY0/IR6stgby4TvyM4dY6D6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjQwMTI1MDUzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMxYmJhOGQxYzQxOTY0ZDJhZDA4ZDYyZGUxOTljYzJiNTA0NDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBdJQaZQO6/yrXWQWH4XJBqfXQqI
NGBdsMF1Ns6nOf2MPBbQ6egaHNudzzgcI2SjB6vDMrpEDaF+1MP9TvFhYmzisntf
ogudIKAlOkYxMY+uKiNJMBWgNjythwXoUKhhOxVT/7lx/FSCpeEnGb58slagRRUM
n95br+ShpCJZmVnXL0Y95cXRHhceDcfMeMMptafljIybOyUzY7lrN2DOOvWZxHF1
HWR2eNfWfFMVHV7n/3x2G72ZPjkG0C0Rk9Uc8lGD2fLOJddxT2Oyi8YSFYECUNkM
Cm9Eel2ZmFZ8fv9tk+bcjdNcW3qwpa/u1wyRKOyDhj43RYkQ+8l3WysTbQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBwxu6jRxBlk0q0I1i3hmcwrUERYMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvSERHN3FOSEVHV1RTclFqV0xlR1p6Q3RRUkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAW8Z1AwQC
uW2EAwQAuZKYAwQBuZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZI
hvcNAQELBQADggEBAHrfpQqFVfKc19OIuHF18HWfQjLzss6PpT+z+fEGd73V6rTB
/w+/xvp5N4T09apExbXv3bUKlLWXYm+eOsJB7XtPVHWFBOX4SxsuAhM9PmN93d41
vkjswu7niVkOqAFxztXK1nL5DnsSDaV7dOyZylkbBJeWXRKNuwFld52Ce4rvCaTW
gT24L/l3nyO+PI+JvKUFvrajhfogha5Nw6YSFzq/fYULDwYpopeJbJTIPc1DkSp7
eW4UENLRzXNuA1jdRdFP5HP55gp6JolS1f81eGJjW5ERPvNSMuMS/mS1j86cK0Wc
X/+8SmO4Uf1oZX7WkVhnMtZSdLIXpfUi3h8X5Ms=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:00 2024 by rpki-client on console-ams.rpki-client.org