Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/HVFukbDrhHFYDEUH8ZVFmAqdQEk.roa
File: HVFukbDrhHFYDEUH8ZVFmAqdQEk.roa (raw, json)
Hash identifier: mkL/5YbX62qLF+xtQQL1gOTHtX5zU6LG02CdBxrukWA=
Subject key identifier: 1D:51:6E:91:B0:EB:84:71:58:0C:45:07:F1:95:45:98:0A:9D:40:49
Certificate issuer: /CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Certificate serial: 018CC9BCBA45759F8A1EA94E7E451527EDD0
Authority key identifier: 13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/HVFukbDrhHFYDEUH8ZVFmAqdQEk.roa
Signing time: Tue 02 Jan 2024 10:33:58 +0000
ROA not before: Tue 02 Jan 2024 10:33:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210095
IP address blocks: 85.31.42.0/24 maxlen: 24
85.31.41.0/24 maxlen: 24
85.31.40.0/24 maxlen: 24
85.31.43.0/24 maxlen: 24
2a0d:da40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ba:45:75:9f:8a:1e:a9:4e:7e:45:15:27:ed:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Validity
Not Before: Jan 2 10:33:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d516e91b0eb8471580c4507f19545980a9d4049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:57:e3:b7:a8:d7:cd:b4:a2:6d:dd:7c:21:37:
fa:4b:97:1b:09:86:ec:ae:38:59:af:3f:97:70:49:
74:85:1f:09:ce:65:5c:4c:e9:41:eb:6c:f0:8b:e9:
ba:18:fc:36:97:d1:7c:72:f0:b8:2a:57:bb:91:4c:
f4:48:4b:c1:a3:a8:c2:21:ce:da:a8:5b:91:97:7e:
03:4a:e7:d3:a4:c5:bd:5d:78:5f:3b:ad:0e:ae:20:
40:59:cc:21:a4:fc:d5:b0:3a:13:77:f1:36:ae:2d:
f3:30:f8:eb:eb:3c:a8:2b:b3:ab:64:5c:07:5f:9a:
4e:80:2b:b5:3c:e0:6d:97:ef:b3:7a:c6:6f:27:c0:
a2:7b:ef:50:cb:34:f9:05:b6:3c:3d:40:bc:59:50:
a7:e5:3b:6a:65:f2:77:65:1b:c6:e9:01:04:22:ed:
96:6c:de:e5:be:0a:e7:1a:b3:30:c6:cf:48:6c:6c:
85:be:49:e9:51:44:dc:ef:3a:0a:27:2e:dc:a9:6d:
10:b5:c4:57:5a:4c:45:85:7e:91:d1:d8:d3:eb:ac:
a0:a8:d1:d8:04:7b:50:65:4b:7a:1c:79:e6:8b:3f:
7b:7d:73:1a:4b:1b:ef:90:16:1b:cc:1e:6b:1c:3c:
c5:07:4a:16:ec:db:3e:65:0a:b5:41:16:39:47:e6:
9b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:51:6E:91:B0:EB:84:71:58:0C:45:07:F1:95:45:98:0A:9D:40:49
X509v3 Authority Key Identifier:
keyid:13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/HVFukbDrhHFYDEUH8ZVFmAqdQEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.40.0/22
IPv6:
2a0d:da40::/29
Signature Algorithm: sha256WithRSAEncryption
6f:72:05:4e:14:6b:85:99:31:18:6a:f1:9b:a1:db:38:f0:41:
7c:8b:9e:45:40:f9:0d:ea:ee:28:07:24:53:ef:de:42:6d:d2:
12:3a:a3:ae:67:38:04:77:ca:e0:b2:ad:4b:b1:67:d2:9b:c2:
ba:90:d1:28:9b:70:52:4c:c8:c3:bd:77:bd:da:36:19:0b:ff:
5a:20:d7:33:46:f9:6c:6c:5c:01:e0:fc:98:54:be:9c:5c:94:
09:7d:66:4a:5d:17:1a:74:50:7c:65:f3:ed:ec:0b:8c:51:99:
8c:50:7c:80:29:7f:49:5a:3f:63:f4:33:1e:bc:9b:95:a5:75:
e5:07:77:ed:61:77:8d:75:75:b3:3a:94:5e:12:57:b2:76:aa:
48:6c:9b:33:2e:e6:66:8f:28:88:b5:17:be:30:e3:55:58:dc:
e9:9c:d9:3b:bd:88:7d:fd:ba:fd:de:3d:81:68:7f:c3:23:df:
19:95:22:7f:3a:65:75:66:b9:af:9f:72:d0:44:9c:97:61:ac:
43:4e:cb:3d:b3:1f:a4:2d:8e:b3:50:46:91:08:eb:c4:f4:0d:
60:28:a7:10:63:e2:bb:3e:7a:f7:eb:d9:78:1a:03:67:0e:cf:
47:e4:7c:90:d7:e7:12:e0:e3:e1:a7:b7:73:73:c4:10:0c:8f:
4d:5c:f6:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvLpFdZ+KHqlOfkUVJ+3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjRmNmI5MDE2N2I3MWJkNjYzZmEwMzkxZTAzOGEwMTU1
YmI5MzkwHhcNMjQwMTAyMTAzMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDUxNmU5MWIwZWI4NDcxNTgwYzQ1MDdmMTk1NDU5ODBhOWQ0MDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1fjt6jXzbSibd18ITf6S5cbCYbs
rjhZrz+XcEl0hR8JzmVcTOlB62zwi+m6GPw2l9F8cvC4Kle7kUz0SEvBo6jCIc7a
qFuRl34DSufTpMW9XXhfO60OriBAWcwhpPzVsDoTd/E2ri3zMPjr6zyoK7OrZFwH
X5pOgCu1POBtl++zesZvJ8Cie+9QyzT5BbY8PUC8WVCn5TtqZfJ3ZRvG6QEEIu2W
bN7lvgrnGrMwxs9IbGyFvknpUUTc7zoKJy7cqW0QtcRXWkxFhX6R0djT66ygqNHY
BHtQZUt6HHnmiz97fXMaSxvvkBYbzB5rHDzFB0oW7Ns+ZQq1QRY5R+abaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB1RbpGw64RxWAxFB/GVRZgKnUBJMB8GA1UdIwQY
MBaAFBO09rkBZ7cb1mP6A5HgOKAVW7k5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODkt
Y2IzZmE0MDdlMGY0LzEvSFZGdWtiRHJoSEZZREVVSDhaVkZtQXFkUUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODktY2IzZmE0MDdlMGY0
LzEvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVR8oMA0E
AgACMAcDBQMqDdpAMA0GCSqGSIb3DQEBCwUAA4IBAQBvcgVOFGuFmTEYavGbods4
8EF8i55FQPkN6u4oByRT795CbdISOqOuZzgEd8rgsq1LsWfSm8K6kNEom3BSTMjD
vXe92jYZC/9aINczRvlsbFwB4PyYVL6cXJQJfWZKXRcadFB8ZfPt7AuMUZmMUHyA
KX9JWj9j9DMevJuVpXXlB3ftYXeNdXWzOpReEleydqpIbJszLuZmjyiItRe+MONV
WNzpnNk7vYh9/br93j2BaH/DI98ZlSJ/OmV1Zrmvn3LQRJyXYaxDTss9sx+kLY6z
UEaRCOvE9A1gKKcQY+K7Pnr369l4GgNnDs9H5HyQ1+cS4OPhp7dzc8QQDI9NXPaP
-----END CERTIFICATE-----
Generated at Sat May 18 13:54:46 2024 by rpki-client on console-ams.rpki-client.org