Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/H-1q34KVRZvsoX_6nZcQwhDpUHc.roa
File: H-1q34KVRZvsoX_6nZcQwhDpUHc.roa (raw, json)
Hash identifier: jq3GJpIVWlvUeLD3fbBxkItFCo/+OJY4mYkLapKDQrA=
Subject key identifier: 1F:ED:6A:DF:82:95:45:9B:EC:A1:7F:FA:9D:97:10:C2:10:E9:50:77
Certificate issuer: /CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Certificate serial: 018CC64B1E08BFF8CC44594C0813899D7A1D
Authority key identifier: C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/H-1q34KVRZvsoX_6nZcQwhDpUHc.roa
Signing time: Mon 01 Jan 2024 18:31:00 +0000
ROA not before: Mon 01 Jan 2024 18:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42201
IP address blocks: 91.240.64.0/24 maxlen: 24
91.240.65.0/24 maxlen: 24
45.130.84.0/24 maxlen: 24
45.130.85.0/24 maxlen: 24
45.130.87.0/24 maxlen: 24
45.148.7.0/24 maxlen: 24
45.148.5.0/24 maxlen: 24
45.130.86.0/24 maxlen: 24
2a10:a000:4::/48 maxlen: 48
2a10:a000:5::/48 maxlen: 48
2a10:a000:3::/48 maxlen: 48
2a10:a000:2::/48 maxlen: 48
2a10:a000::/48 maxlen: 48
2a10:a000:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1e:08:bf:f8:cc:44:59:4c:08:13:89:9d:7a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4fbe8422432727d3874b1564baeac8a80557b2d
Validity
Not Before: Jan 1 18:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fed6adf8295459beca17ffa9d9710c210e95077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:55:9c:bc:3e:c7:e9:84:fe:0c:03:fa:1f:e3:
69:c7:a0:e4:22:45:7a:4d:85:3b:d5:b6:63:23:40:
5f:79:27:74:31:c4:dd:9c:05:42:53:5d:34:33:c7:
49:dc:b9:c1:64:87:56:9b:c2:cb:a2:35:2d:8e:be:
17:16:f4:ac:fb:6b:08:7b:74:37:fd:de:c8:f0:11:
eb:46:3f:74:06:e1:8c:59:37:c4:4c:61:e5:84:3f:
a2:c0:39:08:cf:01:2b:c3:43:65:2f:12:5a:cf:ac:
f2:65:e1:93:93:33:a1:49:99:5f:1e:b9:6c:24:81:
7e:4b:e0:ec:7a:9a:12:2e:b9:7e:01:62:e8:7e:55:
07:e8:91:d2:3e:f6:94:ad:b4:7d:3e:23:27:f4:da:
8e:ee:48:a8:27:5c:75:88:86:44:98:e2:3a:c2:cd:
83:0a:2c:ab:1b:de:4d:4d:14:a6:93:08:a6:fa:d5:
02:06:b8:3e:25:58:2d:9b:0b:82:56:81:45:f6:d6:
0b:1f:85:f8:5f:dd:d4:2d:b8:e9:aa:be:b1:64:d4:
ad:b5:0d:16:95:30:dd:81:63:09:14:da:cc:0b:a3:
a6:e7:66:6b:2b:50:e8:ef:34:d1:a2:9f:14:de:55:
32:75:5e:d6:82:a3:62:db:d9:4a:2f:bf:4c:fb:f8:
7f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:ED:6A:DF:82:95:45:9B:EC:A1:7F:FA:9D:97:10:C2:10:E9:50:77
X509v3 Authority Key Identifier:
keyid:C4:FB:E8:42:24:32:72:7D:38:74:B1:56:4B:AE:AC:8A:80:55:7B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPvoQiQycn04dLFWS66sioBVey0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/H-1q34KVRZvsoX_6nZcQwhDpUHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/bf2d8c-e38b-463a-b26b-ecf2217f9867/1/xPvoQiQycn04dLFWS66sioBVey0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.84.0/22
45.148.5.0/24
45.148.7.0/24
91.240.64.0/23
IPv6:
2a10:a000::-2a10:a000:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:fc:c2:6f:1b:6d:da:09:ba:bd:78:71:8f:07:ef:18:f3:21:
fd:9b:38:b9:07:fa:8f:95:6c:db:80:9a:57:8f:f6:aa:fc:b4:
a5:31:e3:0b:ea:3e:3c:7e:89:81:09:d2:b8:29:50:ca:2c:e6:
eb:2c:9c:46:6f:22:38:09:08:3b:6e:de:37:f6:66:d2:e4:7c:
ce:91:db:e6:64:7c:eb:99:b8:e3:98:92:33:7e:88:58:70:af:
b5:d7:0e:16:6c:06:1e:84:d4:19:24:e2:71:3c:34:f4:62:0d:
2a:19:04:c4:9e:ab:32:e2:1a:ce:b3:fc:df:13:86:fe:f7:2d:
ff:9e:58:cd:bd:68:60:85:d2:14:7c:77:dc:fc:48:d0:a3:cf:
30:9f:1b:94:09:9c:12:be:ec:7d:b1:f5:69:ff:61:43:f5:68:
8a:cb:77:c8:8a:05:e8:de:e5:85:b7:72:de:15:35:5c:17:dd:
19:d5:15:c2:cf:2a:59:78:f7:19:b8:ff:3d:d9:aa:f7:c5:3f:
fb:f7:a1:15:0c:88:ce:eb:66:49:00:be:76:23:f1:69:32:fc:
f4:f8:79:42:a3:dd:a1:c1:15:2b:17:f5:8a:71:c5:18:c3:cc:
72:15:8c:f0:d7:da:36:bb:8c:1d:cf:b4:bc:5b:80:00:e5:67:
02:62:45:ac
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzGSx4Iv/jMRFlMCBOJnXodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmJlODQyMjQzMjcyN2QzODc0YjE1NjRiYWVhYzhhODA1
NTdiMmQwHhcNMjQwMTAxMTgzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVkNmFkZjgyOTU0NTliZWNhMTdmZmE5ZDk3MTBjMjEwZTk1MDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFWcvD7H6YT+DAP6H+Npx6DkIkV6
TYU71bZjI0BfeSd0McTdnAVCU100M8dJ3LnBZIdWm8LLojUtjr4XFvSs+2sIe3Q3
/d7I8BHrRj90BuGMWTfETGHlhD+iwDkIzwErw0NlLxJaz6zyZeGTkzOhSZlfHrls
JIF+S+DsepoSLrl+AWLoflUH6JHSPvaUrbR9PiMn9NqO7kioJ1x1iIZEmOI6ws2D
CiyrG95NTRSmkwim+tUCBrg+JVgtmwuCVoFF9tYLH4X4X93ULbjpqr6xZNSttQ0W
lTDdgWMJFNrMC6Om52ZrK1Do7zTRop8U3lUydV7WgqNi29lKL79M+/h/PwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFB/tat+ClUWb7KF/+p2XEMIQ6VB3MB8GA1UdIwQY
MBaAFMT76EIkMnJ9OHSxVkuurIqAVXstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFB2b1FpUXljbjA0ZExGV1M2NnNpb0JWZXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9iZjJkOGMtZTM4Yi00NjNhLWIyNmIt
ZWNmMjIxN2Y5ODY3LzEvSC0xcTM0S1ZSWnZzb1hfNm5aY1F3aERwVUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9iZjJkOGMtZTM4Yi00NjNhLWIyNmItZWNmMjIxN2Y5ODY3
LzEveFB2b1FpUXljbjA0ZExGV1M2NnNpb0JWZXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAeBAIAATAYAwQCLYJUAwQA
LZQFAwQALZQHAwQBW/BAMBcEAgACMBEwDwMEBSoQoAMHASoQoAAABDANBgkqhkiG
9w0BAQsFAAOCAQEAQPzCbxtt2gm6vXhxjwfvGPMh/Zs4uQf6j5Vs24CaV4/2qvy0
pTHjC+o+PH6JgQnSuClQyizm6yycRm8iOAkIO27eN/Zm0uR8zpHb5mR865m445iS
M36IWHCvtdcOFmwGHoTUGSTicTw09GINKhkExJ6rMuIazrP83xOG/vct/55Yzb1o
YIXSFHx33PxI0KPPMJ8blAmcEr7sfbH1af9hQ/Voist3yIoF6N7lhbdy3hU1XBfd
GdUVws8qWXj3Gbj/Pdmq98U/+/ehFQyIzutmSQC+diPxaTL89Ph5QqPdocEVKxf1
inHFGMPMchWM8NfaNruMHc+0vFuAAOVnAmJFrA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:38:18 2024 by rpki-client on console-ams.rpki-client.org