Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PKHsjOvOcdlc_y5mG_drpwxHdbc.roa
File: PKHsjOvOcdlc_y5mG_drpwxHdbc.roa (raw, json)
Hash identifier: hbdJYigmCoIQhg2/iQ5VMHWL3khykxXVYtz+M1XpOF0=
Subject key identifier: 3C:A1:EC:8C:EB:CE:71:D9:5C:FF:2E:66:1B:F7:6B:A7:0C:47:75:B7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019428240C21D437119A9B8172FE4D51DDC6
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PKHsjOvOcdlc_y5mG_drpwxHdbc.roa
Signing time: Thu 02 Jan 2025 17:50:38 +0000
ROA not before: Thu 02 Jan 2025 17:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 31.186.176.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
82.163.104.0/21 maxlen: 24
92.114.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:0c:21:d4:37:11:9a:9b:81:72:fe:4d:51:dd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 2 17:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca1ec8cebce71d95cff2e661bf76ba70c4775b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2b:17:bb:d2:f7:de:3c:67:63:5c:7f:e5:b8:
90:a1:39:61:72:1e:47:fe:d0:5d:da:7f:dc:c9:21:
76:80:de:1f:f9:5a:da:d6:20:96:43:59:c7:a9:41:
00:93:46:95:29:7a:64:14:0e:c4:5d:de:a9:13:13:
a9:af:e2:68:3f:d3:ae:2a:ba:9f:b5:51:91:df:f6:
ee:1e:9d:55:c2:60:ca:05:bf:26:0c:f3:e1:d5:b6:
fa:24:8f:0e:93:51:ba:f9:5b:79:ab:64:8e:1f:cb:
ef:85:28:96:51:3c:6f:47:6e:35:97:b9:4d:3d:4d:
68:29:e9:17:b6:e4:c2:6d:2d:ab:cf:7b:5a:67:d8:
c8:1a:bb:df:ce:db:c3:3c:f2:89:83:78:e2:be:7c:
b1:19:6e:d0:a9:e6:27:11:7e:f2:30:5b:d3:a4:64:
48:3d:13:76:5c:a9:94:a5:81:5f:b6:c0:86:34:a4:
0e:8c:ea:00:a0:06:9f:d3:12:bd:fe:2a:ca:2f:c9:
d7:b3:ad:7d:69:2d:5a:cb:cc:a5:9f:da:da:bf:f0:
b8:6e:c3:54:0c:51:c4:31:1a:b1:5f:da:3e:a8:7a:
4a:92:4e:f6:af:9d:2d:26:7a:a7:28:ce:9f:e7:0e:
cb:50:14:bf:36:a9:37:7b:28:21:28:2b:53:bf:9c:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:EC:8C:EB:CE:71:D9:5C:FF:2E:66:1B:F7:6B:A7:0C:47:75:B7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/PKHsjOvOcdlc_y5mG_drpwxHdbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.60.0/22
82.163.104.0/21
92.114.44.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:fb:f3:78:23:7a:05:93:5b:b9:79:83:6d:7d:1d:4f:1d:0d:
7f:d2:fb:08:55:bb:5a:a0:f5:cb:a1:ed:f7:a7:a6:12:61:06:
29:03:16:c7:d5:d0:84:42:df:ef:c5:31:f4:3e:c8:a0:b7:7d:
14:73:47:2a:81:04:e1:11:67:65:27:31:2b:c1:a4:6d:48:5d:
2c:57:68:17:69:96:81:00:23:94:17:18:7b:d1:23:f1:1b:e6:
67:24:37:1c:1c:e0:ba:34:d8:e4:88:0b:d0:98:2f:ce:56:cd:
7d:a9:a1:4d:cc:6b:fb:70:88:ff:e2:52:41:23:7d:8e:45:3c:
f6:f3:12:7a:a5:48:9c:0a:a8:be:c6:af:e9:6b:e8:91:7f:41:
a1:1e:a8:f4:93:20:76:4e:40:45:f3:f4:6b:7d:4f:c2:0d:98:
c0:e7:9c:41:72:32:0b:73:a8:7a:63:3b:0b:0d:89:44:89:f4:
06:8a:26:53:ee:a5:ca:5f:32:c1:01:2a:28:f2:8c:84:cc:1c:
b1:8d:6b:99:ef:28:3f:5c:64:98:d3:74:61:5e:8c:de:a7:33:
d4:cc:73:8e:94:fa:38:1d:c3:9a:e5:b6:d3:19:60:5d:05:6f:
48:0e:19:62:f9:37:1f:76:39:cb:f5:28:f8:2d:ef:25:b0:cb:
f9:ac:ef:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJAwh1DcRmpuBcv5NUd3GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwMTAyMTc1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ExZWM4Y2ViY2U3MWQ5NWNmZjJlNjYxYmY3NmJhNzBjNDc3NWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCsXu9L33jxnY1x/5biQoTlhch5H
/tBd2n/cySF2gN4f+Vra1iCWQ1nHqUEAk0aVKXpkFA7EXd6pExOpr+JoP9OuKrqf
tVGR3/buHp1VwmDKBb8mDPPh1bb6JI8Ok1G6+Vt5q2SOH8vvhSiWUTxvR241l7lN
PU1oKekXtuTCbS2rz3taZ9jIGrvfztvDPPKJg3jivnyxGW7QqeYnEX7yMFvTpGRI
PRN2XKmUpYFftsCGNKQOjOoAoAaf0xK9/irKL8nXs619aS1ay8yln9rav/C4bsNU
DFHEMRqxX9o+qHpKkk72r50tJnqnKM6f5w7LUBS/Nqk3eyghKCtTv5yTuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDyh7IzrznHZXP8uZhv3a6cMR3W3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvUEtIc2pPdk9jZGxjX3k1bUdfZHJwd3hIZGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQC
UqM8AwQDUqNoAwQCXHIsMA0GCSqGSIb3DQEBCwUAA4IBAQBP+/N4I3oFk1u5eYNt
fR1PHQ1/0vsIVbtaoPXLoe33p6YSYQYpAxbH1dCEQt/vxTH0Psigt30Uc0cqgQTh
EWdlJzErwaRtSF0sV2gXaZaBACOUFxh70SPxG+ZnJDccHOC6NNjkiAvQmC/OVs19
qaFNzGv7cIj/4lJBI32ORTz28xJ6pUicCqi+xq/pa+iRf0GhHqj0kyB2TkBF8/Rr
fU/CDZjA55xBcjILc6h6YzsLDYlEifQGiiZT7qXKXzLBASoo8oyEzByxjWuZ7yg/
XGSY03RhXozepzPUzHOOlPo4HcOa5bbTGWBdBW9IDhli+TcfdjnL9Sj4Le8lsMv5
rO9q
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:12 2025 by rpki-client