Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h81o7e7452I3p0eIwB0D9--i7k8.roa
File: h81o7e7452I3p0eIwB0D9--i7k8.roa (raw, json)
Hash identifier: u0+QHKVrDwUZMdEcci0nRfEGM1/z0/iCj8yohL0NfHw=
Subject key identifier: 87:CD:68:ED:EE:F8:E7:62:37:A7:47:88:C0:1D:03:F7:EF:A2:EE:4F
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018CC801AE2A2450E120107929AD4560ADCF
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h81o7e7452I3p0eIwB0D9--i7k8.roa
Signing time: Tue 02 Jan 2024 02:30:02 +0000
ROA not before: Tue 02 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39529
IP address blocks: 194.50.9.0/24 maxlen: 24
91.214.83.0/24 maxlen: 24
91.214.82.0/24 maxlen: 24
91.214.81.0/24 maxlen: 24
31.40.144.0/24 maxlen: 24
31.40.148.0/24 maxlen: 24
31.40.149.0/24 maxlen: 24
31.40.147.0/24 maxlen: 24
31.40.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ae:2a:24:50:e1:20:10:79:29:ad:45:60:ad:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87cd68edeef8e76237a74788c01d03f7efa2ee4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:63:e1:39:94:89:d4:2a:15:75:c7:f5:e7:d6:
3a:51:d2:40:54:55:d3:a9:c8:2f:c8:3d:7f:a6:72:
fc:7e:6f:6b:62:a7:e9:9c:29:6c:21:66:32:b3:17:
8f:3a:dd:9d:dc:82:1c:02:9f:40:70:1d:36:18:86:
1a:ad:9d:7d:1e:e2:25:ba:09:44:67:7f:5f:0d:81:
c3:8a:d5:44:65:78:3f:56:cd:2b:69:ab:5e:d0:b9:
ac:32:4b:28:8e:60:02:8d:b2:95:c2:a3:f6:4e:0f:
0e:e0:95:e5:48:a2:aa:f0:3d:80:2d:df:54:58:8d:
59:43:ab:e1:87:86:e3:50:df:d2:3e:d7:08:32:6c:
75:fb:da:90:b1:2e:92:ae:a0:38:aa:56:a5:76:44:
79:d4:a8:00:24:90:18:ff:3a:77:bd:44:b3:c9:e4:
15:66:54:81:c4:0b:12:0c:c7:8b:fa:9b:93:e2:d5:
72:b9:55:86:ce:05:22:51:af:0a:73:ab:9c:f9:d4:
71:7a:25:06:7e:76:d6:aa:52:1f:9b:9c:f3:54:65:
de:35:b4:37:b4:56:f2:34:d7:93:17:6b:c3:24:02:
40:61:b0:6a:a1:0e:c4:78:08:b2:83:79:f1:a9:4d:
6b:77:1d:fc:5a:ab:20:42:e9:ce:52:a1:c9:ec:79:
3e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CD:68:ED:EE:F8:E7:62:37:A7:47:88:C0:1D:03:F7:EF:A2:EE:4F
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/h81o7e7452I3p0eIwB0D9--i7k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.144.0/24
31.40.147.0-31.40.149.255
31.40.155.0/24
91.214.81.0-91.214.83.255
194.50.9.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ac:d5:83:c4:f7:37:63:2e:8f:41:82:44:37:d5:1e:9f:52:
4d:01:4d:e3:48:d6:fe:74:f3:1c:30:cc:78:e4:79:9e:85:bf:
a8:df:f7:b1:29:3a:58:9a:f5:ca:0c:5f:1a:a8:74:a8:9d:33:
f9:07:89:93:e5:3b:08:93:f5:ae:79:c8:77:f8:9f:2d:8e:be:
1b:d5:7f:81:2a:97:2d:25:86:4d:8e:62:01:4c:4e:f9:ac:7d:
53:79:b6:63:b9:6e:76:7f:b2:92:b2:e5:e9:cc:4e:76:79:05:
97:98:68:72:46:44:d1:67:b1:00:1b:22:34:5f:c5:d2:3b:e5:
c9:30:2d:73:18:fb:1f:ca:76:42:5b:38:96:73:c1:60:b6:ef:
b3:7e:2e:34:1e:3e:c9:ec:61:e7:c7:4d:e2:9f:8a:ad:c6:50:
b1:5b:06:87:d1:dc:d5:31:da:53:5c:4b:33:b0:fb:60:3f:97:
39:e9:7c:48:4a:3b:f9:1d:92:e9:d9:7c:9e:91:93:6b:d2:62:
4c:4e:6a:ad:24:fa:d6:6d:18:3a:b7:d2:a9:fb:2f:2d:e3:ff:
b5:8f:1d:0a:06:f7:4e:b1:c7:a9:4f:d2:55:a9:75:8e:c2:4a:
a5:aa:6a:41:0a:83:07:70:7e:d0:03:0c:34:a0:45:e8:fc:91:
2a:57:d8:b7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzIAa4qJFDhIBB5Ka1FYK3PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NkNjhlZGVlZjhlNzYyMzdhNzQ3ODhjMDFkMDNmN2VmYTJlZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWPhOZSJ1CoVdcf159Y6UdJAVFXT
qcgvyD1/pnL8fm9rYqfpnClsIWYysxePOt2d3IIcAp9AcB02GIYarZ19HuIluglE
Z39fDYHDitVEZXg/Vs0raate0LmsMksojmACjbKVwqP2Tg8O4JXlSKKq8D2ALd9U
WI1ZQ6vhh4bjUN/SPtcIMmx1+9qQsS6SrqA4qlaldkR51KgAJJAY/zp3vUSzyeQV
ZlSBxAsSDMeL+puT4tVyuVWGzgUiUa8Kc6uc+dRxeiUGfnbWqlIfm5zzVGXeNbQ3
tFbyNNeTF2vDJAJAYbBqoQ7EeAiyg3nxqU1rdx38WqsgQunOUqHJ7Hk+cQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIfNaO3u+OdiN6dHiMAdA/fvou5PMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvaDgxbzdlNzQ1MkkzcDBlSXdCMEQ5LS1pN2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAHyiQMAwD
BAAfKJMDBAEfKJQDBAAfKJswDAMEAFvWUQMEAlvWUAMEAMIyCTANBgkqhkiG9w0B
AQsFAAOCAQEAN6zVg8T3N2Muj0GCRDfVHp9STQFN40jW/nTzHDDMeOR5noW/qN/3
sSk6WJr1ygxfGqh0qJ0z+QeJk+U7CJP1rnnId/ifLY6+G9V/gSqXLSWGTY5iAUxO
+ax9U3m2Y7ludn+ykrLl6cxOdnkFl5hockZE0WexABsiNF/F0jvlyTAtcxj7H8p2
Qls4lnPBYLbvs34uNB4+yexh58dN4p+KrcZQsVsGh9Hc1THaU1xLM7D7YD+XOel8
SEo7+R2S6dl8npGTa9JiTE5qrST61m0YOrfSqfsvLeP/tY8dCgb3TrHHqU/SVal1
jsJKpapqQQqDB3B+0AMMNKBF6PyRKlfYtw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:33 2024 by rpki-client on console-fra.rpki-client.org