Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/HtqmSSvdvbP6q5lf76Rl7DRhYTM.roa
File: HtqmSSvdvbP6q5lf76Rl7DRhYTM.roa (raw, json)
Hash identifier: nODj5TloGOepOxFMrTCCd65l3aTmCNVbPr6h1rNzW6o=
Subject key identifier: 1E:DA:A6:49:2B:DD:BD:B3:FA:AB:99:5F:EF:A4:65:EC:34:61:61:33
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC79533D61DD7EFE2F693DEBD990853F3
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/HtqmSSvdvbP6q5lf76Rl7DRhYTM.roa
Signing time: Tue 02 Jan 2024 00:31:33 +0000
ROA not before: Tue 02 Jan 2024 00:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56940
IP address blocks: 31.131.40.0/22 maxlen: 22
31.131.46.0/24 maxlen: 24
31.131.47.0/24 maxlen: 24
91.229.14.0/23 maxlen: 23
91.229.12.0/23 maxlen: 23
176.114.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:33:d6:1d:d7:ef:e2:f6:93:de:bd:99:08:53:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1edaa6492bddbdb3faab995fefa465ec34616133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:82:29:d8:ed:65:31:be:be:e3:39:6c:81:
0c:9d:9b:40:e7:c9:03:6e:df:a1:4e:22:1f:9b:16:
47:fc:82:e0:bd:4f:b6:98:8a:53:7f:66:be:2d:a1:
ba:9b:c7:45:3d:68:a2:59:2e:9b:c6:1f:6d:d3:9b:
33:ea:2d:6a:48:63:1b:59:99:9d:45:22:10:dd:b9:
e4:a9:4c:41:57:3b:ef:01:65:05:79:6c:20:96:f3:
0f:f5:c6:a6:74:87:f5:b2:17:a3:f2:b4:01:d7:12:
7c:75:8f:d3:b7:58:a3:97:58:84:b4:39:77:b1:9e:
de:38:c7:0c:75:e0:7b:52:f8:22:a6:7b:01:c6:79:
77:ce:fc:0b:ff:61:2b:08:97:f3:f3:88:24:8c:d6:
1c:27:e0:bf:7e:ef:d0:eb:28:13:a0:4d:24:46:f1:
81:f0:58:8b:9e:17:3b:b3:69:8a:54:79:e0:7f:7e:
01:c3:3c:f3:61:0b:27:24:da:8f:61:55:0b:55:95:
96:66:85:bf:30:7f:ef:b6:08:36:24:f1:c1:61:82:
01:40:7c:ac:d8:9d:cd:fc:03:9e:eb:af:50:ea:f0:
99:1d:63:5d:45:89:a7:c5:57:cd:a1:d3:74:2c:53:
80:6b:14:21:28:b6:07:98:41:16:42:d9:18:e2:b1:
ec:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DA:A6:49:2B:DD:BD:B3:FA:AB:99:5F:EF:A4:65:EC:34:61:61:33
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/HtqmSSvdvbP6q5lf76Rl7DRhYTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.40.0/22
31.131.46.0/23
91.229.12.0/22
176.114.56.0/21
Signature Algorithm: sha256WithRSAEncryption
55:35:40:6f:87:75:d9:23:af:cb:e9:d6:a0:92:f1:a5:4b:d7:
ee:a0:e6:69:21:45:13:13:05:fa:6c:16:5e:59:63:39:88:3e:
f7:72:99:8e:c4:51:72:11:5a:b5:fe:9b:5f:10:2f:aa:e8:85:
04:fe:a6:1d:58:70:6d:5a:ef:2f:b1:87:26:fb:65:65:76:8f:
de:da:36:54:85:f8:10:08:9b:e7:65:82:4c:bb:40:2c:a2:19:
80:c8:37:37:5b:0f:fd:34:27:1d:ce:ec:40:6f:9d:ae:38:53:
88:2c:f5:26:50:d9:fa:4d:5c:79:d9:bb:7d:4d:ad:5c:b9:5f:
fe:5d:c5:30:54:1f:09:e5:92:5d:34:c5:97:51:7a:71:c8:0d:
1d:73:ce:70:5b:18:76:70:10:d2:0a:00:a6:fe:a6:68:13:c4:
ac:78:4f:1a:20:60:2e:4a:9a:f4:6a:bb:38:08:a1:dd:b8:8f:
d4:2a:ab:aa:09:03:58:89:1b:f1:04:a8:57:67:a3:71:e0:6c:
e7:d4:93:73:b2:fd:be:54:be:65:a3:85:a3:77:e2:85:d4:d8:
e8:2f:24:aa:9e:f5:17:40:9c:03:32:7f:10:c3:64:b0:eb:65:
31:c4:97:20:de:02:0c:18:da:4c:6c:bd:1b:6e:09:1c:5e:fd:
b9:6e:36:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlTPWHdfv4vaT3r2ZCFPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRhYTY0OTJiZGRiZGIzZmFhYjk5NWZlZmE0NjVlYzM0NjE2MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKWCKdjtZTG+vuM5bIEMnZtA58kD
bt+hTiIfmxZH/ILgvU+2mIpTf2a+LaG6m8dFPWiiWS6bxh9t05sz6i1qSGMbWZmd
RSIQ3bnkqUxBVzvvAWUFeWwglvMP9camdIf1shej8rQB1xJ8dY/Tt1ijl1iEtDl3
sZ7eOMcMdeB7UvgipnsBxnl3zvwL/2ErCJfz84gkjNYcJ+C/fu/Q6ygToE0kRvGB
8FiLnhc7s2mKVHngf34BwzzzYQsnJNqPYVULVZWWZoW/MH/vtgg2JPHBYYIBQHys
2J3N/AOe669Q6vCZHWNdRYmnxVfNodN0LFOAaxQhKLYHmEEWQtkY4rHspwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB7apkkr3b2z+quZX++kZew0YWEzMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvSHRxbVNTdmR2YlA2cTVsZjc2Umw3RFJoWVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4MoAwQB
H4MuAwQCW+UMAwQDsHI4MA0GCSqGSIb3DQEBCwUAA4IBAQBVNUBvh3XZI6/L6dag
kvGlS9fuoOZpIUUTEwX6bBZeWWM5iD73cpmOxFFyEVq1/ptfEC+q6IUE/qYdWHBt
Wu8vsYcm+2Vldo/e2jZUhfgQCJvnZYJMu0AsohmAyDc3Ww/9NCcdzuxAb52uOFOI
LPUmUNn6TVx52bt9Ta1cuV/+XcUwVB8J5ZJdNMWXUXpxyA0dc85wWxh2cBDSCgCm
/qZoE8SseE8aIGAuSpr0ars4CKHduI/UKquqCQNYiRvxBKhXZ6Nx4Gzn1JNzsv2+
VL5lo4Wjd+KF1NjoLySqnvUXQJwDMn8Qw2Sw62UxxJcg3gIMGNpMbL0bbgkcXv25
bjYi
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:46:52 2024 by rpki-client on console-ams.rpki-client.org