Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hj7edpDc-HVCg4_LdE67dmi6ZCI.roa
File: hj7edpDc-HVCg4_LdE67dmi6ZCI.roa (raw, json)
Hash identifier: sMePwzi33uAnk3Di+v0ZbiU1WqfMzkcsreY2qZlhxG0=
Subject key identifier: 86:3E:DE:76:90:DC:F8:75:42:83:8F:CB:74:4E:BB:76:68:BA:64:22
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018CC9BC9EF22576AAA63EE6E3341FAF286C
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hj7edpDc-HVCg4_LdE67dmi6ZCI.roa
Signing time: Tue 02 Jan 2024 10:33:50 +0000
ROA not before: Tue 02 Jan 2024 10:33:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1104
IP address blocks: 145.116.48.0/20 maxlen: 20
194.171.96.0/21 maxlen: 21
145.107.4.0/22 maxlen: 22
145.107.12.0/22 maxlen: 22
145.110.0.0/16 maxlen: 16
145.102.132.0/22 maxlen: 22
145.116.208.0/21 maxlen: 21
2001:610:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:9e:f2:25:76:aa:a6:3e:e6:e3:34:1f:af:28:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 2 10:33:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=863ede7690dcf87542838fcb744ebb7668ba6422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a9:0e:a2:ac:01:79:3b:b4:68:ba:c9:e2:63:
01:ec:2b:32:9e:f0:4d:94:7e:de:09:5a:62:db:ed:
ce:b1:4c:c5:d2:71:e3:7d:bf:7c:cb:3e:63:c6:b1:
c1:fb:90:91:50:c5:31:13:b2:bc:74:c3:ce:eb:41:
58:b6:a8:ba:40:cd:3a:6c:98:00:6a:f7:ae:48:a6:
38:34:53:ab:65:55:fe:e0:87:51:5d:dd:6c:22:05:
d8:4b:56:93:f6:f5:88:cd:e7:01:b2:66:bc:fe:25:
90:5f:f8:1a:c7:f3:6e:db:d9:c4:a3:b5:bc:41:b4:
6c:32:6c:14:9c:9f:bf:1c:67:e1:9b:bb:58:fd:85:
fe:01:8d:1f:aa:b3:a5:98:9c:80:29:80:c5:4b:06:
14:f8:cd:df:f8:a3:45:48:fe:44:df:b6:e8:10:55:
6d:3e:17:a2:2a:1b:8b:e1:64:5e:ad:2d:14:93:fb:
81:a3:08:f1:63:16:3e:b4:e7:89:71:fa:a9:3f:7f:
f9:bb:ea:4a:dc:f1:45:5f:f0:84:4a:aa:69:e4:f2:
8b:4c:8a:b7:07:f2:79:63:51:e2:37:a6:ef:5e:8f:
31:fb:b6:35:2f:13:0d:b8:97:f5:d3:aa:bb:90:92:
4c:b6:46:14:b1:a3:d2:c5:85:6a:3e:80:25:7f:71:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3E:DE:76:90:DC:F8:75:42:83:8F:CB:74:4E:BB:76:68:BA:64:22
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/hj7edpDc-HVCg4_LdE67dmi6ZCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.132.0/22
145.107.4.0/22
145.107.12.0/22
145.110.0.0/16
145.116.48.0/20
145.116.208.0/21
194.171.96.0/21
IPv6:
2001:610:120::/48
Signature Algorithm: sha256WithRSAEncryption
0e:ec:fd:98:9c:6e:27:7c:35:92:a2:db:e2:d3:1e:40:a0:d3:
f4:19:f6:dd:1a:07:3f:70:32:cc:1b:16:7c:fb:b8:95:7b:fc:
66:20:75:f7:9e:c7:92:1a:45:62:d9:ac:d0:3a:96:fc:e8:ff:
81:3d:54:1b:b5:87:f0:8d:3a:18:56:dc:e8:e5:e4:99:ca:97:
8d:b5:7f:62:a0:54:3d:15:5f:e4:66:bf:55:af:aa:63:bd:a2:
18:d5:1d:fe:8d:bf:99:da:3b:46:69:72:34:23:a3:bf:47:5b:
fa:1e:1a:ef:ef:b9:e2:8e:f6:d7:10:fd:74:e1:d4:71:24:22:
1b:b3:c4:88:50:ea:60:c4:da:ce:58:6a:c6:6b:b7:cc:c8:b0:
7b:f4:52:78:7d:42:f4:f6:43:2c:48:74:7a:3b:63:14:b4:c9:
34:15:49:b3:09:9b:4b:99:f1:ae:7a:cf:34:5c:8e:c8:97:27:
4f:9a:63:ed:92:6a:69:1a:37:56:a2:bf:5d:c4:5f:dc:64:4d:
6a:be:d3:35:96:e0:ef:b6:3f:f4:ea:22:77:98:26:b0:17:44:
ac:cc:f3:3f:8c:1e:76:49:51:17:88:65:78:3f:fc:b1:96:0b:
c9:ae:2c:83:09:da:16:97:78:dd:05:d1:c0:82:72:f6:94:01:
ff:81:18:30
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzJvJ7yJXaqpj7m4zQfryhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMTAyMTAzMzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNlZGU3NjkwZGNmODc1NDI4MzhmY2I3NDRlYmI3NjY4YmE2NDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKkOoqwBeTu0aLrJ4mMB7CsynvBN
lH7eCVpi2+3OsUzF0nHjfb98yz5jxrHB+5CRUMUxE7K8dMPO60FYtqi6QM06bJgA
aveuSKY4NFOrZVX+4IdRXd1sIgXYS1aT9vWIzecBsma8/iWQX/gax/Nu29nEo7W8
QbRsMmwUnJ+/HGfhm7tY/YX+AY0fqrOlmJyAKYDFSwYU+M3f+KNFSP5E37boEFVt
PheiKhuL4WRerS0Uk/uBowjxYxY+tOeJcfqpP3/5u+pK3PFFX/CESqpp5PKLTIq3
B/J5Y1HiN6bvXo8x+7Y1LxMNuJf106q7kJJMtkYUsaPSxYVqPoAlf3FS2wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIY+3naQ3Ph1QoOPy3ROu3ZoumQiMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvaGo3ZWRwRGMtSFZDZzRfTGRFNjdkbWk2WkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAvBAIAATApAwQCkWaEAwQC
kWsEAwQCkWsMAwMAkW4DBASRdDADBAORdNADBAPCq2AwDwQCAAIwCQMHACABBhAB
IDANBgkqhkiG9w0BAQsFAAOCAQEADuz9mJxuJ3w1kqLb4tMeQKDT9Bn23RoHP3Ay
zBsWfPu4lXv8ZiB1957HkhpFYtms0DqW/Oj/gT1UG7WH8I06GFbc6OXkmcqXjbV/
YqBUPRVf5Ga/Va+qY72iGNUd/o2/mdo7RmlyNCOjv0db+h4a7++54o721xD9dOHU
cSQiG7PEiFDqYMTazlhqxmu3zMiwe/RSeH1C9PZDLEh0ejtjFLTJNBVJswmbS5nx
rnrPNFyOyJcnT5pj7ZJqaRo3VqK/XcRf3GRNar7TNZbg77Y/9Ooid5gmsBdErMzz
P4wedklRF4hleD/8sZYLya4sgwnaFpd43QXRwIJy9pQB/4EYMA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:33:09 2024 by rpki-client on console-ams.rpki-client.org