Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H_HBLEFH8Rt_ZZFLiBozyCtfLeA.roa
File: H_HBLEFH8Rt_ZZFLiBozyCtfLeA.roa (raw, json)
Hash identifier: BzJSQt6IUV4jxV3aTTtR/TjSoaT+ViZkMrTe5QnIiQE=
Subject key identifier: 1F:F1:C1:2C:41:47:F1:1B:7F:65:91:4B:88:1A:33:C8:2B:5F:2D:E0
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019228126CF70D5D2A918DBEFF131E20DC51
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H_HBLEFH8Rt_ZZFLiBozyCtfLeA.roa
Signing time: Wed 25 Sep 2024 07:25:49 +0000
ROA not before: Wed 25 Sep 2024 07:25:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.252.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.151.29.0/24 maxlen: 24
83.138.54.0/24 maxlen: 24
88.151.8.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
146.19.129.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:28:12:6c:f7:0d:5d:2a:91:8d:be:ff:13:1e:20:dc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Sep 25 07:25:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ff1c12c4147f11b7f65914b881a33c82b5f2de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:68:9f:e4:31:b8:be:be:a2:77:a8:84:3a:8c:
9d:7d:ee:db:c7:97:a5:ce:8e:e4:c7:85:95:c9:31:
a5:65:71:74:44:c2:91:79:58:db:4d:31:79:c9:46:
84:8f:12:39:19:ba:6c:ee:3d:d4:6d:1e:a8:da:1d:
e6:9d:6d:dc:a4:91:5e:48:5c:0c:f9:13:d6:8f:8e:
d5:e9:f0:5d:77:98:71:cd:e3:ba:94:6c:1d:2e:1c:
94:ee:d3:88:0d:22:24:95:7f:e3:50:e2:d9:a1:cd:
45:3f:4f:74:71:e0:0f:5b:7d:3c:cc:5a:27:ca:43:
0d:4d:13:c1:52:a4:24:43:ea:f7:a3:ec:cb:17:d4:
61:ec:98:96:d6:fc:c7:c8:33:b8:11:63:e0:a3:33:
09:80:c7:a0:f4:44:e3:ad:c8:50:c6:e6:c1:d3:85:
18:66:de:2c:b0:de:7f:b9:8e:5c:78:52:fe:ff:ce:
5b:f7:ce:1c:5d:6b:df:39:5a:b6:94:75:93:c2:97:
cb:c1:da:95:f8:9e:92:c9:f3:72:3d:2d:e7:ae:08:
82:6e:b2:fd:04:dc:f6:b1:4e:2f:2b:bd:0b:b7:d3:
2b:44:05:da:7d:af:19:7a:29:a4:4b:0d:41:42:76:
b4:f7:83:b9:6e:c8:83:61:9f:e7:3f:59:98:06:66:
fc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F1:C1:2C:41:47:F1:1B:7F:65:91:4B:88:1A:33:C8:2B:5F:2D:E0
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/H_HBLEFH8Rt_ZZFLiBozyCtfLeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0-31.41.252.255
31.41.254.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
45.151.29.0/24
83.138.54.0/24
88.151.8.0/24
94.154.190.0/24
146.19.129.0/24
176.116.15.0/24
176.126.96.0/24
193.28.178.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4a:61:b2:ec:fa:b5:c6:7f:9d:a1:2c:d5:d5:27:df:9f:ff:
4d:9a:1f:60:0a:17:26:cb:a2:9e:7a:ca:b1:65:79:33:52:1e:
62:ad:95:33:fc:35:65:df:f0:89:33:3f:88:56:cd:66:18:65:
88:fe:68:a0:09:c6:53:13:29:38:fb:54:10:47:3a:92:cc:ca:
96:9c:fc:75:a6:51:7d:42:97:a8:64:91:52:24:e3:98:e8:19:
47:04:a1:51:b7:d6:dc:27:5c:e0:9d:d9:e4:61:b8:a1:4c:85:
6a:04:f3:43:5f:63:e0:93:c8:9e:4a:d8:70:b9:02:c1:bd:a3:
84:a8:2c:52:9b:0c:34:30:bd:3f:2c:57:97:67:95:89:e7:f5:
4d:12:53:da:4b:99:ab:08:72:99:53:50:8c:f2:d4:9c:92:2c:
61:8b:cb:48:89:af:7c:02:09:14:3e:55:5a:21:c6:e4:63:6f:
81:a7:d1:9b:da:f5:f4:3d:ac:ed:23:40:87:38:c9:1d:cd:e2:
8b:06:54:b8:d0:d0:16:c4:7c:73:b8:bc:c5:ec:83:1b:26:a9:
3a:9b:5c:0a:c4:9b:27:37:9a:04:a1:59:82:4e:a7:4c:81:c2:
f1:3e:84:36:7b:4c:cd:2b:64:3f:c2:aa:51:45:40:0c:01:c7:
14:85:35:5e
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZIoEmz3DV0qkY2+/xMeINxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwOTI1MDcyNTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmYxYzEyYzQxNDdmMTFiN2Y2NTkxNGI4ODFhMzNjODJiNWYyZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Gif5DG4vr6id6iEOoydfe7bx5el
zo7kx4WVyTGlZXF0RMKReVjbTTF5yUaEjxI5Gbps7j3UbR6o2h3mnW3cpJFeSFwM
+RPWj47V6fBdd5hxzeO6lGwdLhyU7tOIDSIklX/jUOLZoc1FP090ceAPW308zFon
ykMNTRPBUqQkQ+r3o+zLF9Rh7JiW1vzHyDO4EWPgozMJgMeg9ETjrchQxubB04UY
Zt4ssN5/uY5ceFL+/85b984cXWvfOVq2lHWTwpfLwdqV+J6SyfNyPS3nrgiCbrL9
BNz2sU4vK70Lt9MrRAXafa8ZeimkSw1BQna094O5bsiDYZ/nP1mYBmb8GQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFB/xwSxBR/Ebf2WRS4gaM8grXy3gMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSF9IQkxFRkg4UnRfWlpGTGlCb3p5Q3RmTGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAHyn7
AwQAHyn8AwQAHyn+AwQALVd+AwQALV8dMAwDBAAtgH0DBAAtgIADBAAtlx0DBABT
ijYDBABYlwgDBABemr4DBACSE4EDBACwdA8DBACwfmADBADBHLIDBADBu2kDBADC
O7swDQYJKoZIhvcNAQELBQADggEBABlKYbLs+rXGf52hLNXVJ9+f/02aH2AKFybL
op56yrFleTNSHmKtlTP8NWXf8IkzP4hWzWYYZYj+aKAJxlMTKTj7VBBHOpLMypac
/HWmUX1Cl6hkkVIk45joGUcEoVG31twnXOCd2eRhuKFMhWoE80NfY+CTyJ5K2HC5
AsG9o4SoLFKbDDQwvT8sV5dnlYnn9U0SU9pLmasIcplTUIzy1JySLGGLy0iJr3wC
CRQ+VVohxuRjb4Gn0Zva9fQ9rO0jQIc4yR3N4osGVLjQ0BbEfHO4vMXsgxsmqTqb
XArEmyc3mgShWYJOp0yBwvE+hDZ7TM0rZD/CqlFFQAwBxxSFNV4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:48 2024 by rpki-client on console-ams.rpki-client.org