Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hidou4NjGr__wZbjufdIjWf_0Mk.roa
File: hidou4NjGr__wZbjufdIjWf_0Mk.roa (raw, json)
Hash identifier: 4e6z3FB/v544PnpFtgvV8BIdRAmYKYHtEub/7ged18s=
Subject key identifier: 86:27:68:BB:83:63:1A:BF:FF:C1:96:E3:B9:F7:48:8D:67:FF:D0:C9
Certificate issuer: /CN=b4c41e59834da612d83ca24194f02ca6d7602448
Certificate serial: 01929A62C44CF4E19948CA5374E5262134BF
Authority key identifier: B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hidou4NjGr__wZbjufdIjWf_0Mk.roa
Signing time: Thu 17 Oct 2024 12:10:16 +0000
ROA not before: Thu 17 Oct 2024 12:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214666
IP address blocks: 185.133.160.0/22 maxlen: 22
185.133.160.0/23 maxlen: 23
185.133.160.0/24 maxlen: 24
185.133.161.0/24 maxlen: 24
185.133.162.0/23 maxlen: 23
185.133.162.0/24 maxlen: 24
185.133.163.0/24 maxlen: 24
2a12:ff40::/32 maxlen: 32
2a12:ff40::/33 maxlen: 33
2a12:ff40:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Nov 2024 12:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9a:62:c4:4c:f4:e1:99:48:ca:53:74:e5:26:21:34:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4c41e59834da612d83ca24194f02ca6d7602448
Validity
Not Before: Oct 17 12:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=862768bb83631abfffc196e3b9f7488d67ffd0c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:87:45:52:0c:07:a0:bc:fa:2c:24:f1:a3:c0:
8b:be:be:be:85:94:90:d6:b5:1b:14:4b:ae:d4:fa:
83:06:6c:ef:3e:b7:98:e0:0f:fc:eb:53:fe:4c:7e:
16:5a:16:f5:ac:5e:26:e6:ae:e1:f0:40:15:44:f7:
9f:57:5c:94:6f:21:ec:b7:80:fe:73:2f:35:58:16:
bf:95:1d:05:f5:92:59:69:eb:e7:63:eb:32:3c:13:
82:f2:49:45:ec:ff:06:0f:cd:9b:36:27:ef:f6:b7:
34:af:b1:11:92:81:78:51:c5:ff:45:a7:0a:d4:b0:
87:6c:df:5e:18:ea:dc:41:be:c9:c6:7b:c0:b5:f7:
e7:c5:e1:d7:54:74:2f:51:c7:04:49:3f:84:a4:d7:
f4:6b:d2:5e:59:09:41:c8:82:78:81:94:2f:bf:24:
68:eb:97:14:2a:42:db:5c:a7:1d:fb:0a:4a:f9:dd:
03:cc:e6:ba:e0:72:bc:95:3e:9c:a5:2b:69:c0:9c:
a2:ad:12:f3:68:2b:82:e1:bd:b1:c7:37:2e:e9:20:
73:75:d1:35:9a:f9:72:5b:25:8e:d8:36:5a:c5:94:
15:7a:17:f8:02:7f:bf:71:20:f4:a2:2c:61:78:3a:
ec:42:90:e4:49:f6:52:fa:f1:f7:36:66:7d:9a:b5:
dc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:27:68:BB:83:63:1A:BF:FF:C1:96:E3:B9:F7:48:8D:67:FF:D0:C9
X509v3 Authority Key Identifier:
keyid:B4:C4:1E:59:83:4D:A6:12:D8:3C:A2:41:94:F0:2C:A6:D7:60:24:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMQeWYNNphLYPKJBlPAsptdgJEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/hidou4NjGr__wZbjufdIjWf_0Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a3baca-437d-4607-9c1a-557a4c31e02e/1/tMQeWYNNphLYPKJBlPAsptdgJEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.160.0/22
IPv6:
2a12:ff40::/32
Signature Algorithm: sha256WithRSAEncryption
8d:c3:89:c7:43:b8:ee:5c:82:30:48:de:9f:71:bd:85:9b:98:
8c:54:45:50:21:62:dd:8d:46:d0:c5:04:04:75:30:26:ad:1d:
dd:08:dd:a2:8d:1b:10:0f:29:4b:73:58:a5:5b:57:d4:bb:9f:
62:51:03:1e:94:93:28:d1:21:75:1b:5e:1d:6d:dc:bf:38:0a:
6e:d1:11:d0:9d:49:10:5b:42:ba:a9:65:19:12:cc:e7:98:8d:
fe:30:4e:c9:c4:07:79:b0:bd:0a:d4:90:a7:62:81:fc:8c:2c:
7e:0f:27:1c:55:7e:60:27:dd:81:c3:aa:9c:ae:a7:b1:fc:4b:
5f:ef:ff:f5:ca:dd:9f:dd:be:59:88:fa:5e:99:24:d3:7e:09:
a1:7c:c9:6f:40:1a:fb:1b:88:b0:7f:a4:08:0b:18:99:81:b2:
e8:0f:ab:45:17:1c:7f:ae:3f:fd:bf:8d:b6:10:16:37:82:83:
87:2c:ca:0a:57:43:3c:c5:1b:14:61:4c:2e:b4:bd:6d:71:12:
99:d6:1a:4d:51:18:b0:43:3a:08:a7:d5:92:25:8f:01:60:71:
47:23:1f:20:f2:b7:57:85:03:58:03:08:c3:be:50:83:03:af:
14:f2:5a:9b:9e:cb:d1:e8:6a:75:75:78:c0:03:fe:ff:cd:e1:
c4:bf:62:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKaYsRM9OGZSMpTdOUmITS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YzQxZTU5ODM0ZGE2MTJkODNjYTI0MTk0ZjAyY2E2ZDc2
MDI0NDgwHhcNMjQxMDE3MTIxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI3NjhiYjgzNjMxYWJmZmZjMTk2ZTNiOWY3NDg4ZDY3ZmZkMGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IdFUgwHoLz6LCTxo8CLvr6+hZSQ
1rUbFEuu1PqDBmzvPreY4A/861P+TH4WWhb1rF4m5q7h8EAVRPefV1yUbyHst4D+
cy81WBa/lR0F9ZJZaevnY+syPBOC8klF7P8GD82bNifv9rc0r7ERkoF4UcX/RacK
1LCHbN9eGOrcQb7JxnvAtffnxeHXVHQvUccEST+EpNf0a9JeWQlByIJ4gZQvvyRo
65cUKkLbXKcd+wpK+d0DzOa64HK8lT6cpStpwJyirRLzaCuC4b2xxzcu6SBzddE1
mvlyWyWO2DZaxZQVehf4An+/cSD0oixheDrsQpDkSfZS+vH3NmZ9mrXcowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIYnaLuDYxq//8GW47n3SI1n/9DJMB8GA1UdIwQY
MBaAFLTEHlmDTaYS2DyiQZTwLKbXYCRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEt
NTU3YTRjMzFlMDJlLzEvaGlkb3U0TmpHcl9fd1pianVmZElqV2ZfME1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hM2JhY2EtNDM3ZC00NjA3LTljMWEtNTU3YTRjMzFlMDJl
LzEvdE1RZVdZTk5waExZUEtKQmxQQXNwdGRnSkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYWgMA0E
AgACMAcDBQAqEv9AMA0GCSqGSIb3DQEBCwUAA4IBAQCNw4nHQ7juXIIwSN6fcb2F
m5iMVEVQIWLdjUbQxQQEdTAmrR3dCN2ijRsQDylLc1ilW1fUu59iUQMelJMo0SF1
G14dbdy/OApu0RHQnUkQW0K6qWUZEsznmI3+ME7JxAd5sL0K1JCnYoH8jCx+Dycc
VX5gJ92Bw6qcrqex/Etf7//1yt2f3b5ZiPpemSTTfgmhfMlvQBr7G4iwf6QICxiZ
gbLoD6tFFxx/rj/9v422EBY3goOHLMoKV0M8xRsUYUwutL1tcRKZ1hpNURiwQzoI
p9WSJY8BYHFHIx8g8rdXhQNYAwjDvlCDA68U8lqbnsvR6Gp1dXjAA/7/zeHEv2La
-----END CERTIFICATE-----
Generated at Mon Nov 4 20:37:06 2024 by rpki-client on console-ams.rpki-client.org