Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/HaTV1FF0w0qmRQkPiFdiHZ_o7kQ.roa
File: HaTV1FF0w0qmRQkPiFdiHZ_o7kQ.roa (raw, json)
Hash identifier: 0+cimVRpZ3A9FWcNG69XNm1EIzYFMrASax+cyrwY1zQ=
Subject key identifier: 1D:A4:D5:D4:51:74:C3:4A:A6:45:09:0F:88:57:62:1D:9F:E8:EE:44
Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Certificate serial: 0190C01C8A2BB6A46C4DFEDB4BE218F7DA0C
Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/HaTV1FF0w0qmRQkPiFdiHZ_o7kQ.roa
Signing time: Wed 17 Jul 2024 09:53:34 +0000
ROA not before: Wed 17 Jul 2024 09:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57511
IP address blocks: 91.132.164.0/23 maxlen: 32
91.132.165.0/24 maxlen: 32
91.132.166.0/23 maxlen: 23
91.132.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:1c:8a:2b:b6:a4:6c:4d:fe:db:4b:e2:18:f7:da:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Validity
Not Before: Jul 17 09:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da4d5d45174c34aa645090f8857621d9fe8ee44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:32:35:8d:28:bf:ed:4b:94:80:11:9a:38:c7:
15:e2:fa:66:e5:df:97:4d:36:85:9d:25:54:97:92:
a2:95:e6:37:5d:69:d4:36:0d:93:09:8b:ae:ec:17:
a7:0e:3a:57:e9:72:6f:5f:22:f0:f6:45:76:88:f3:
0b:97:27:e5:af:73:7c:c5:7f:ab:53:0a:b6:64:3b:
dc:c7:19:f8:e5:3c:59:28:7f:12:4b:f6:2c:9a:ec:
4c:8c:0a:5e:7d:c4:cd:1c:69:4e:fa:2f:62:0e:7d:
04:38:7e:d9:14:dc:d9:7a:b3:c4:f1:f6:e4:a3:78:
27:d4:41:96:a5:92:2d:9b:6e:99:cb:ad:ef:61:89:
d3:67:a6:3e:ea:4a:e7:48:0f:7c:9f:7a:9c:11:34:
6d:7d:e0:1c:be:18:2d:63:f5:3b:7e:c3:86:ad:5e:
e7:49:b3:c7:c6:1e:5d:59:46:a0:01:0e:1c:18:2a:
df:3a:9a:20:50:68:33:73:d2:c6:95:21:9b:15:3e:
2e:27:dc:44:ad:4c:a0:e8:6f:43:85:7f:ec:14:ed:
52:86:12:30:30:f8:d9:4f:df:5f:45:3a:49:1f:06:
a7:9b:a0:3e:78:2d:f8:10:07:52:33:e5:14:00:d7:
8f:8a:53:5d:1c:da:bd:f4:54:5b:88:7a:52:46:34:
71:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A4:D5:D4:51:74:C3:4A:A6:45:09:0F:88:57:62:1D:9F:E8:EE:44
X509v3 Authority Key Identifier:
keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/HaTV1FF0w0qmRQkPiFdiHZ_o7kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.164.0/22
Signature Algorithm: sha256WithRSAEncryption
55:d9:a6:c8:29:62:a1:64:c4:e0:bb:32:2d:d0:5f:4b:e8:be:
10:0a:f8:22:cd:7d:2d:b4:3e:fe:55:3f:96:ce:e8:21:2b:f8:
2a:90:ef:ea:67:ad:19:83:22:a6:6a:2d:ad:95:0b:32:c3:09:
43:45:75:c1:48:47:37:a9:fd:e8:09:b6:ec:ed:2f:c1:42:ae:
23:41:05:5d:c1:d2:01:4a:75:20:33:e8:c7:ed:2a:63:fd:d3:
bf:e5:9c:af:c1:42:0b:e6:29:75:f1:57:7a:55:48:84:b5:dd:
97:75:05:b2:19:0d:ab:11:77:37:ec:f4:cb:d5:7d:b9:01:20:
7b:c1:b9:2a:53:6a:bf:26:a8:ab:2e:9f:03:31:8c:16:69:03:
64:99:64:e8:99:17:9b:c4:f2:69:9a:2f:50:17:c7:46:6a:d3:
0c:6f:b1:dc:bb:c2:eb:b7:7b:9d:8b:b2:43:48:0d:bb:23:f4:
2f:7e:75:fd:12:66:e7:ad:63:91:31:03:c7:91:9f:07:38:3f:
f4:54:2a:6a:d7:7e:c6:c4:e0:2c:55:6a:ce:ce:65:92:c1:65:
76:92:9a:08:24:29:7c:36:27:4e:c6:b1:68:af:0b:73:96:b8:
d5:74:06:a9:39:3a:3e:91:15:eb:30:5f:95:04:17:df:85:38:
1f:f9:a2:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDAHIortqRsTf7bS+IY99oMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NDUwYzYzNzY2NTVlZWMxZGQyZGE0YmQyMWQ1ZjEwNGE5
NmQ5MDQwHhcNMjQwNzE3MDk1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGE0ZDVkNDUxNzRjMzRhYTY0NTA5MGY4ODU3NjIxZDlmZThlZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9zI1jSi/7UuUgBGaOMcV4vpm5d+X
TTaFnSVUl5KileY3XWnUNg2TCYuu7BenDjpX6XJvXyLw9kV2iPMLlyflr3N8xX+r
Uwq2ZDvcxxn45TxZKH8SS/YsmuxMjApefcTNHGlO+i9iDn0EOH7ZFNzZerPE8fbk
o3gn1EGWpZItm26Zy63vYYnTZ6Y+6krnSA98n3qcETRtfeAcvhgtY/U7fsOGrV7n
SbPHxh5dWUagAQ4cGCrfOpogUGgzc9LGlSGbFT4uJ9xErUyg6G9DhX/sFO1ShhIw
MPjZT99fRTpJHwanm6A+eC34EAdSM+UUANePilNdHNq99FRbiHpSRjRxZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2k1dRRdMNKpkUJD4hXYh2f6O5EMB8GA1UdIwQY
MBaAFPVFDGN2ZV7sHdLaS9IdXxBKltkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgt
NmQxZjYwNTQzZTljLzEvSGFUVjFGRjB3MHFtUlFrUGlGZGlIWl9vN2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iMTIyYjAtZDQ2MS00MDlkLWJiZDgtNmQxZjYwNTQzZTlj
LzEvOVVVTVkzWmxYdXdkMHRwTDBoMWZFRXFXMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW4SkMA0G
CSqGSIb3DQEBCwUAA4IBAQBV2abIKWKhZMTguzIt0F9L6L4QCvgizX0ttD7+VT+W
zughK/gqkO/qZ60ZgyKmai2tlQsywwlDRXXBSEc3qf3oCbbs7S/BQq4jQQVdwdIB
SnUgM+jH7Spj/dO/5ZyvwUIL5il18Vd6VUiEtd2XdQWyGQ2rEXc37PTL1X25ASB7
wbkqU2q/JqirLp8DMYwWaQNkmWTomRebxPJpmi9QF8dGatMMb7Hcu8Lrt3udi7JD
SA27I/QvfnX9EmbnrWORMQPHkZ8HOD/0VCpq137GxOAsVWrOzmWSwWV2kpoIJCl8
NidOxrForwtzlrjVdAapOTo+kRXrMF+VBBffhTgf+aKL
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:34 2024 by rpki-client on console-ams.rpki-client.org