Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/HxVAzVE5KntImrwbrVKnE5ZbF7I.roa
File: HxVAzVE5KntImrwbrVKnE5ZbF7I.roa (raw, json)
Hash identifier: pnox3TKVyRu81eTryLScqGFnlZepcJIrnYPI7HDm9IE=
Subject key identifier: 1F:15:40:CD:51:39:2A:7B:48:9A:BC:1B:AD:52:A7:13:96:5B:17:B2
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 01927B8A4461DFB6470BADD6E1F8593382A4
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/HxVAzVE5KntImrwbrVKnE5ZbF7I.roa
Signing time: Fri 11 Oct 2024 12:25:11 +0000
ROA not before: Fri 11 Oct 2024 12:25:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 86.110.42.0/24 maxlen: 24
86.110.48.0/24 maxlen: 24
86.110.49.0/24 maxlen: 24
86.110.50.0/24 maxlen: 24
86.110.51.0/24 maxlen: 24
86.110.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:8a:44:61:df:b6:47:0b:ad:d6:e1:f8:59:33:82:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Oct 11 12:25:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f1540cd51392a7b489abc1bad52a713965b17b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:b2:6e:13:ab:a8:7c:45:1a:5c:a8:ed:2a:
fd:48:f9:c0:2c:00:c2:18:7c:a0:80:a9:35:2b:8d:
ca:8b:55:bd:0e:6e:e0:32:d0:d1:2c:42:cf:91:45:
8c:3c:01:c5:97:1c:7e:b8:1a:65:f4:72:d3:23:c5:
61:0f:09:a7:17:d8:71:82:c9:e4:b6:6e:96:03:4f:
9c:cc:59:33:20:ce:e5:a7:3f:2b:d4:5b:66:b0:85:
76:79:08:04:5f:9d:f1:0c:06:23:8b:a5:57:e9:7b:
8d:fd:8d:15:5a:ad:55:79:cc:23:b1:d9:4a:28:80:
17:0d:b7:3d:2b:53:eb:db:06:a0:24:2b:49:77:24:
92:0f:fc:09:d1:a7:45:f5:98:3e:fa:15:8b:29:4a:
c5:97:5f:5c:37:01:9c:c9:bd:49:21:c6:aa:8d:ee:
71:c4:0c:78:3b:bc:81:0c:39:38:3f:73:99:b7:1e:
c5:f6:8f:5e:f1:af:5b:ae:79:f1:6a:81:48:7a:c1:
fb:41:83:67:1e:cf:e6:d2:6a:d5:ff:df:ba:26:e8:
9f:ad:e5:3e:8b:07:7c:a3:38:ac:35:40:7c:cc:82:
4e:16:57:7b:6b:cb:9d:dd:78:d7:ee:3d:f1:0c:7a:
8d:e2:e0:8f:ad:b5:d9:20:11:38:46:ef:2c:f7:f8:
fb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:15:40:CD:51:39:2A:7B:48:9A:BC:1B:AD:52:A7:13:96:5B:17:B2
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/HxVAzVE5KntImrwbrVKnE5ZbF7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.42.0/24
86.110.48.0/22
86.110.61.0/24
Signature Algorithm: sha256WithRSAEncryption
31:91:8a:92:fc:f1:7e:f0:ad:90:51:52:c6:36:e7:49:f1:7b:
e8:0b:9b:b6:3a:f8:2b:a8:41:3b:18:0a:00:58:1f:3c:b7:69:
b0:4c:21:a6:14:fa:b9:5d:c2:c5:66:51:7c:ef:fd:c9:c5:5e:
fd:4a:7c:6a:57:a2:a8:02:06:75:36:7c:56:28:43:cc:58:dd:
84:d0:d8:d7:17:20:61:8c:0e:8c:fa:8b:f4:db:67:78:bd:76:
76:d1:05:c6:f4:e6:91:94:5b:f5:0b:be:45:f5:cf:26:3f:d9:
58:fb:57:28:f2:46:cf:3e:b5:dd:9d:fb:18:b1:98:85:b5:b4:
2b:59:98:a4:7a:60:10:04:5e:8e:f0:5b:3e:de:59:46:0b:cd:
df:d3:2c:33:d2:4b:ab:45:4d:40:13:f8:38:3d:e8:82:27:43:
b2:bf:e9:dd:8c:97:fd:0d:c1:d2:f8:88:3a:87:94:3d:1e:ed:
b7:53:34:40:c9:6e:73:68:63:f3:73:18:46:c2:4e:00:4d:93:
5c:8f:2b:eb:dc:ad:ad:6d:dd:a3:e8:5a:ac:69:bb:5a:c4:34:
10:42:08:43:f4:d1:0c:47:93:cc:9f:38:a8:58:08:05:4f:12:
5d:60:40:a9:63:c5:22:1d:6d:de:30:7f:08:44:23:ad:e7:d4:
49:91:7a:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJ7ikRh37ZHC63W4fhZM4KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMDExMTIyNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjE1NDBjZDUxMzkyYTdiNDg5YWJjMWJhZDUyYTcxMzk2NWIxN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuqybhOrqHxFGlyo7Sr9SPnALADC
GHyggKk1K43Ki1W9Dm7gMtDRLELPkUWMPAHFlxx+uBpl9HLTI8VhDwmnF9hxgsnk
tm6WA0+czFkzIM7lpz8r1FtmsIV2eQgEX53xDAYji6VX6XuN/Y0VWq1VecwjsdlK
KIAXDbc9K1Pr2wagJCtJdySSD/wJ0adF9Zg++hWLKUrFl19cNwGcyb1JIcaqje5x
xAx4O7yBDDk4P3OZtx7F9o9e8a9brnnxaoFIesH7QYNnHs/m0mrV/9+6JuifreU+
iwd8ozisNUB8zIJOFld7a8ud3XjX7j3xDHqN4uCPrbXZIBE4Ru8s9/j7dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB8VQM1ROSp7SJq8G61SpxOWWxeyMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvSHhWQXpWRTVLbnRJbXJ3YnJWS25FNVpiRjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVm4qAwQC
Vm4wAwQAVm49MA0GCSqGSIb3DQEBCwUAA4IBAQAxkYqS/PF+8K2QUVLGNudJ8Xvo
C5u2OvgrqEE7GAoAWB88t2mwTCGmFPq5XcLFZlF87/3JxV79SnxqV6KoAgZ1NnxW
KEPMWN2E0NjXFyBhjA6M+ov022d4vXZ20QXG9OaRlFv1C75F9c8mP9lY+1co8kbP
PrXdnfsYsZiFtbQrWZikemAQBF6O8Fs+3llGC83f0ywz0kurRU1AE/g4PeiCJ0Oy
v+ndjJf9DcHS+Ig6h5Q9Hu23UzRAyW5zaGPzcxhGwk4ATZNcjyvr3K2tbd2j6Fqs
abtaxDQQQghD9NEMR5PMnzioWAgFTxJdYECpY8UiHW3eMH8IRCOt59RJkXqr
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:52 2024 by rpki-client on console-ams.rpki-client.org