Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/hpvQuAXJehQSd49ElYBWNJUvXiM.roa
File: hpvQuAXJehQSd49ElYBWNJUvXiM.roa (raw, json)
Hash identifier: wnKaR7cWN/0z0e7OlXVyvxuvpp/DGgXE9QJo5vkxnsY=
Subject key identifier: 86:9B:D0:B8:05:C9:7A:14:12:77:8F:44:95:80:56:34:95:2F:5E:23
Certificate issuer: /CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Certificate serial: 0193481E10835641E7F59AB797082CD50FB5
Authority key identifier: F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/hpvQuAXJehQSd49ElYBWNJUvXiM.roa
Signing time: Wed 20 Nov 2024 05:49:09 +0000
ROA not before: Wed 20 Nov 2024 05:49:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30893
IP address blocks: 31.22.91.0/24 maxlen: 24
31.22.94.0/24 maxlen: 24
185.231.100.0/22 maxlen: 24
195.47.238.0/24 maxlen: 24
2a0c:5700::/29 maxlen: 48
2a0c:5700:3133::/48 maxlen: 48
2a0c:5700:5353::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:1e:10:83:56:41:e7:f5:9a:b7:97:08:2c:d5:0f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f60846f21c56a8513d31c155dd199197a3ffc7c0
Validity
Not Before: Nov 20 05:49:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869bd0b805c97a1412778f4495805634952f5e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:40:5f:a1:cb:df:57:da:c4:7d:6a:21:f8:
9c:ec:4b:d4:fc:b4:e4:b7:17:50:08:cc:4b:79:e1:
33:cc:d3:c1:eb:dc:3b:c6:cc:b7:89:42:7b:d4:4d:
9e:af:b6:e0:a2:82:c6:21:73:71:fb:93:60:88:e5:
45:16:80:50:bd:54:75:47:ed:f5:b9:9d:f9:6d:dc:
79:a2:94:93:7d:05:fd:c6:3a:c0:4b:12:3f:49:3f:
4b:4f:d7:66:45:92:84:28:c3:e7:4e:65:a8:bc:48:
4c:8c:65:17:cd:cf:ff:0f:50:5a:7f:c1:9f:8e:29:
2f:c1:d2:10:8b:2c:39:d5:86:59:df:ca:90:fb:16:
6b:b5:41:f1:f8:a7:e4:04:67:66:a3:b2:3a:07:82:
1d:5a:ab:d8:2b:b8:81:1f:e8:4e:5f:fe:95:13:8b:
68:7f:e4:d2:e6:d0:d7:e1:12:b8:2f:2c:9d:87:d2:
91:6e:32:6a:45:4b:6e:a3:4c:c8:a9:92:cc:91:a8:
7b:87:e7:a1:9f:bc:24:b3:d7:a1:1b:27:03:2b:da:
7d:26:51:ba:98:27:d1:ce:c6:fc:ee:11:47:e9:dd:
27:45:21:ba:be:cd:dc:fd:91:77:00:34:26:93:4e:
61:c1:d8:68:b2:b5:7d:05:d6:95:3a:71:40:31:a1:
67:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9B:D0:B8:05:C9:7A:14:12:77:8F:44:95:80:56:34:95:2F:5E:23
X509v3 Authority Key Identifier:
keyid:F6:08:46:F2:1C:56:A8:51:3D:31:C1:55:DD:19:91:97:A3:FF:C7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9ghG8hxWqFE9McFV3RmRl6P_x8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/hpvQuAXJehQSd49ElYBWNJUvXiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/a0f4be-4c0d-4df5-90c6-a6d45ef7d227/1/9ghG8hxWqFE9McFV3RmRl6P_x8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.91.0/24
31.22.94.0/24
185.231.100.0/22
195.47.238.0/24
IPv6:
2a0c:5700::/29
Signature Algorithm: sha256WithRSAEncryption
83:86:21:e8:b8:e9:55:43:32:8c:15:89:d9:82:64:be:84:cd:
3b:bd:e3:a7:c9:c3:a3:6d:a7:d5:97:9f:c4:57:bd:24:66:74:
85:0d:62:fd:74:20:6d:29:73:e0:15:58:27:40:6e:f8:1b:f0:
db:e0:ae:a0:de:5d:0a:0a:73:ef:20:82:f3:5f:32:ab:c0:e3:
f2:b4:b8:c0:dd:ac:68:98:4f:ed:10:3b:c2:33:6a:af:1b:7f:
2b:a2:0f:1c:4e:29:3c:8c:9b:82:fa:10:7e:3b:16:4a:54:06:
aa:0e:60:d6:82:f2:6f:8f:50:07:7a:0a:2a:30:ce:71:77:e5:
10:6d:b5:26:78:68:b5:ff:0c:c8:7c:12:02:a1:04:35:a8:0d:
67:e1:5e:a9:a2:08:10:f0:c4:db:59:7c:9e:7a:20:e7:3d:34:
a7:f5:1a:13:5e:b8:36:3f:6b:c5:fd:9f:17:50:f2:9b:a4:4b:
b5:9c:8a:e0:56:bf:45:e1:2a:42:52:03:37:b0:68:22:fd:61:
3d:e7:28:8e:f8:60:61:99:b0:bc:b8:0f:38:58:9c:57:f3:46:
64:d8:bf:69:e7:fa:80:f2:5b:eb:33:0e:15:70:43:9d:60:5f:
be:4a:0a:14:ce:47:63:d1:c9:0f:63:73:f1:f9:49:6a:ec:9c:
06:99:c8:7b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZNIHhCDVkHn9Zq3lwgs1Q+1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MDg0NmYyMWM1NmE4NTEzZDMxYzE1NWRkMTk5MTk3YTNm
ZmM3YzAwHhcNMjQxMTIwMDU0OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjliZDBiODA1Yzk3YTE0MTI3NzhmNDQ5NTgwNTYzNDk1MmY1ZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfxAX6HL31faxH1qIfic7EvU/LTk
txdQCMxLeeEzzNPB69w7xsy3iUJ71E2er7bgooLGIXNx+5NgiOVFFoBQvVR1R+31
uZ35bdx5opSTfQX9xjrASxI/ST9LT9dmRZKEKMPnTmWovEhMjGUXzc//D1Baf8Gf
jikvwdIQiyw51YZZ38qQ+xZrtUHx+KfkBGdmo7I6B4IdWqvYK7iBH+hOX/6VE4to
f+TS5tDX4RK4Lyydh9KRbjJqRUtuo0zIqZLMkah7h+ehn7wks9ehGycDK9p9JlG6
mCfRzsb87hFH6d0nRSG6vs3c/ZF3ADQmk05hwdhosrV9BdaVOnFAMaFnOwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIab0LgFyXoUEnePRJWAVjSVL14jMB8GA1UdIwQY
MBaAFPYIRvIcVqhRPTHBVd0ZkZej/8fAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYt
YTZkNDVlZjdkMjI3LzEvaHB2UXVBWEplaFFTZDQ5RWxZQldOSlV2WGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hMGY0YmUtNGMwZC00ZGY1LTkwYzYtYTZkNDVlZjdkMjI3
LzEvOWdoRzhoeFdxRkU5TWNGVjNSbVJsNlBfeDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHxZbAwQA
HxZeAwQCuedkAwQAwy/uMA0EAgACMAcDBQMqDFcAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDhiHouOlVQzKMFYnZgmS+hM07veOnycOjbafVl5/EV70kZnSFDWL9dCBtKXPg
FVgnQG74G/Db4K6g3l0KCnPvIILzXzKrwOPytLjA3axomE/tEDvCM2qvG38rog8c
Tik8jJuC+hB+OxZKVAaqDmDWgvJvj1AHegoqMM5xd+UQbbUmeGi1/wzIfBICoQQ1
qA1n4V6poggQ8MTbWXyeeiDnPTSn9RoTXrg2P2vF/Z8XUPKbpEu1nIrgVr9F4SpC
UgM3sGgi/WE95yiO+GBhmbC8uA84WJxX80Zk2L9p5/qA8lvrMw4VcEOdYF++SgoU
zkdj0ckPY3Px+Ulq7JwGmch7
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:10 2024 by rpki-client on console-fra.rpki-client.org