Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/Hura5xYE7L9AySQAWRkppCNZte4.roa
File: Hura5xYE7L9AySQAWRkppCNZte4.roa (raw, json)
Hash identifier: GZ2i6D5W+o3EAP6fS5YmSLfpgkiMWLMKAGZAaMMjUlg=
Subject key identifier: 1E:EA:DA:E7:16:04:EC:BF:40:C9:24:00:59:19:29:A4:23:59:B5:EE
Certificate issuer: /CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Certificate serial: 019297364FAC8357501B20E7DCEF9E9F809E
Authority key identifier: FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/Hura5xYE7L9AySQAWRkppCNZte4.roa
Signing time: Wed 16 Oct 2024 21:22:51 +0000
ROA not before: Wed 16 Oct 2024 21:22:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 2.57.28.0/22 maxlen: 22
139.28.226.0/24 maxlen: 24
193.168.220.0/22 maxlen: 22
194.93.32.0/24 maxlen: 24
194.93.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:36:4f:ac:83:57:50:1b:20:e7:dc:ef:9e:9f:80:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Validity
Not Before: Oct 16 21:22:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eeadae71604ecbf40c92400591929a42359b5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:9d:65:12:ff:e6:bb:2f:6e:ab:11:3d:98:
92:1b:00:75:0f:cb:7c:79:41:5c:d0:83:06:2f:cb:
0a:4f:aa:88:36:fb:02:c3:01:ec:b0:e4:57:12:4c:
a8:86:bc:7e:41:54:62:96:75:b0:52:18:a7:77:9e:
6f:1b:fc:e2:8c:34:df:34:4a:55:f8:1f:ef:a1:83:
a1:38:ad:30:e9:68:ec:6f:7c:29:06:89:de:e0:2f:
eb:85:f5:d8:6d:a6:3a:bd:77:a0:2d:0d:d1:34:3d:
1d:ab:bb:3d:bf:25:be:99:42:33:77:2c:cf:3e:61:
b5:65:23:06:14:ce:b7:ea:1f:91:24:0a:de:91:29:
98:e1:29:34:f7:e0:22:05:14:5a:35:42:bc:c9:2d:
3d:ac:65:7b:80:c4:9b:e9:b7:3d:31:52:42:28:01:
7b:9a:84:9e:c2:90:c8:ea:74:ff:f5:b4:e3:a6:20:
c9:ad:a9:21:9b:f3:b3:ca:82:8a:d2:d7:10:04:9c:
e4:01:78:8d:6c:ce:8c:01:b4:02:25:ff:be:e4:95:
ea:35:0d:2a:69:6a:44:a3:0d:62:36:d6:b8:e4:2a:
4b:ca:d0:06:fc:ec:2d:82:80:e4:b0:c3:d3:d5:b5:
e7:aa:36:e5:c8:d2:59:72:f1:52:ea:69:90:62:24:
f0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EA:DA:E7:16:04:EC:BF:40:C9:24:00:59:19:29:A4:23:59:B5:EE
X509v3 Authority Key Identifier:
keyid:FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/Hura5xYE7L9AySQAWRkppCNZte4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.28.0/22
139.28.226.0/24
193.168.220.0/22
194.93.32.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:b7:40:2d:97:ca:13:c5:c1:c3:7f:12:32:39:39:f3:bd:61:
b1:37:d5:25:94:00:c3:22:11:f8:b5:dc:93:6d:5b:69:7d:f5:
db:81:68:e4:62:0f:47:01:a2:bd:d3:c3:d4:be:f4:06:38:83:
50:5c:21:39:9f:68:55:64:c4:9d:82:99:15:be:da:f9:08:73:
3b:73:a5:40:f4:4a:db:86:46:b8:ad:ae:63:3a:f0:93:a2:da:
90:99:a3:a0:ba:2b:9a:c2:31:60:7a:a6:34:2b:12:ab:a5:6f:
04:09:e5:0b:84:8a:d7:f2:0f:de:1a:2c:00:82:4c:f7:4a:ae:
b9:17:e4:da:e8:0a:c0:9a:da:86:42:d9:1c:9e:d4:da:38:7b:
f7:76:ee:7c:b4:83:87:1b:84:c8:ee:9e:41:97:7a:66:3f:31:
f4:28:fd:89:bc:3e:4e:9b:e5:06:84:26:a1:03:a3:64:06:10:
e1:e4:09:9f:1a:5a:a2:d5:9f:a9:8e:02:d7:41:84:20:6a:41:
08:64:2d:79:22:56:df:94:76:74:f8:44:fd:7f:8c:5e:f2:bd:
2e:20:e6:18:b9:36:3f:0f:88:6f:38:b7:d4:b6:dd:84:c0:9a:
ff:19:a0:3c:75:39:d8:19:7c:64:d9:18:bf:75:42:29:ac:8e:
4b:0e:e2:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKXNk+sg1dQGyDn3O+en4CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTk1YmQ2ODJhOGU5YTEyNGQ1ODUzZGM1ZTkwOGFhZTcz
MzliYWUwHhcNMjQxMDE2MjEyMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWVhZGFlNzE2MDRlY2JmNDBjOTI0MDA1OTE5MjlhNDIzNTliNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaOdZRL/5rsvbqsRPZiSGwB1D8t8
eUFc0IMGL8sKT6qINvsCwwHssORXEkyohrx+QVRilnWwUhind55vG/zijDTfNEpV
+B/voYOhOK0w6Wjsb3wpBone4C/rhfXYbaY6vXegLQ3RND0dq7s9vyW+mUIzdyzP
PmG1ZSMGFM636h+RJArekSmY4Sk09+AiBRRaNUK8yS09rGV7gMSb6bc9MVJCKAF7
moSewpDI6nT/9bTjpiDJrakhm/OzyoKK0tcQBJzkAXiNbM6MAbQCJf++5JXqNQ0q
aWpEow1iNta45CpLytAG/OwtgoDksMPT1bXnqjblyNJZcvFS6mmQYiTwqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB7q2ucWBOy/QMkkAFkZKaQjWbXuMB8GA1UdIwQY
MBaAFPwZW9aCqOmhJNWFPcXpCKrnM5uuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUt
Y2M3YjI4OTkwYjgxLzEvSHVyYTV4WUU3TDlBeVNRQVdSa3BwQ05adGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUtY2M3YjI4OTkwYjgx
LzEvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjkcAwQA
ixziAwQCwajcAwQBwl0gMA0GCSqGSIb3DQEBCwUAA4IBAQCLt0Atl8oTxcHDfxIy
OTnzvWGxN9UllADDIhH4tdyTbVtpffXbgWjkYg9HAaK908PUvvQGOINQXCE5n2hV
ZMSdgpkVvtr5CHM7c6VA9Erbhka4ra5jOvCTotqQmaOguiuawjFgeqY0KxKrpW8E
CeULhIrX8g/eGiwAgkz3Sq65F+Ta6ArAmtqGQtkcntTaOHv3du58tIOHG4TI7p5B
l3pmPzH0KP2JvD5Om+UGhCahA6NkBhDh5AmfGlqi1Z+pjgLXQYQgakEIZC15Ilbf
lHZ0+ET9f4xe8r0uIOYYuTY/D4hvOLfUtt2EwJr/GaA8dTnYGXxk2Ri/dUIprI5L
DuKc
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:58 2024 by rpki-client on console-fra.rpki-client.org