Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/HTPfoLai5yprcQFdUPMzU2WVJXE.roa
File: HTPfoLai5yprcQFdUPMzU2WVJXE.roa (raw, json)
Hash identifier: kpl5nkLScj1q1oKorvqWRQbrdAUVlLzG0zUAvGRsGpE=
Subject key identifier: 1D:33:DF:A0:B6:A2:E7:2A:6B:71:01:5D:50:F3:33:53:65:95:25:71
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 019306E2B6E9181E6B48ABE6110912F9C280
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/HTPfoLai5yprcQFdUPMzU2WVJXE.roa
Signing time: Thu 07 Nov 2024 13:49:01 +0000
ROA not before: Thu 07 Nov 2024 13:49:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59943
IP address blocks: 2.57.40.0/24 maxlen: 24
2.57.41.0/24 maxlen: 24
2.57.42.0/24 maxlen: 24
2.57.43.0/24 maxlen: 24
91.236.244.0/24 maxlen: 24
91.236.245.0/24 maxlen: 24
185.70.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:e2:b6:e9:18:1e:6b:48:ab:e6:11:09:12:f9:c2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Nov 7 13:49:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d33dfa0b6a2e72a6b71015d50f3335365952571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f1:92:e6:70:da:d9:01:20:9e:c1:91:22:62:
a1:a7:22:e5:2b:77:f4:d1:12:de:93:fd:cd:bd:7d:
f8:a2:b9:0e:4f:01:9c:ae:13:ad:5d:72:fa:dd:f5:
af:af:88:67:a0:bc:28:b2:b3:7f:d6:29:2d:94:2f:
74:3f:be:00:b2:2c:75:11:3c:32:58:1a:74:05:b2:
08:3f:ef:54:83:80:fc:2f:fe:66:75:0e:94:e7:ad:
f2:43:12:5d:3f:69:a8:38:8c:d6:a8:ba:6c:4c:82:
b9:93:3c:91:69:5f:62:e5:04:6a:4e:e9:70:fb:2b:
07:09:4c:76:c4:d9:62:73:50:50:fa:09:59:5f:16:
5c:9a:65:2f:2e:7c:fb:8f:3f:e8:ca:bc:cc:e8:47:
8b:45:6c:37:65:83:d8:47:63:74:20:fc:bf:bf:57:
bb:61:51:89:3f:ce:97:73:6a:3a:90:7f:c2:98:1f:
d2:13:31:46:ea:df:83:e1:fd:fd:25:b4:66:22:f3:
96:2f:6d:16:87:a8:58:b2:96:9b:d0:ed:6c:79:66:
b7:94:c0:12:41:dd:2c:5a:4e:b7:63:d1:12:2d:b0:
00:90:fa:d2:ac:ae:8f:88:49:c6:3e:04:2a:8a:1c:
cd:05:db:f4:36:ec:e4:ba:22:19:34:84:a2:a3:70:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:DF:A0:B6:A2:E7:2A:6B:71:01:5D:50:F3:33:53:65:95:25:71
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/HTPfoLai5yprcQFdUPMzU2WVJXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.40.0/22
91.236.244.0/23
185.70.44.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:70:9a:8b:c7:06:b2:c4:a8:ff:52:65:3c:88:5b:bd:42:44:
8d:05:b0:45:7b:80:0f:c5:80:ae:84:0f:ac:bb:2e:96:eb:14:
76:88:b2:8b:8e:1f:41:11:b6:6c:28:4f:d1:3e:61:86:05:38:
92:b2:57:43:4d:9a:8b:89:28:a7:c0:2f:c0:c3:cb:a9:45:ed:
bc:8d:bd:1c:93:56:20:7b:fe:a1:04:45:9f:bf:5a:c9:31:91:
23:a5:92:49:8d:43:bd:b5:49:af:35:fe:df:5d:dc:e7:33:52:
a6:54:9f:70:71:9e:4a:9e:26:31:99:db:0d:13:ee:f9:aa:ab:
4b:84:b0:c7:45:a3:93:34:90:e9:30:7a:cc:ca:a4:ac:f3:83:
b8:e2:2b:d2:69:40:36:05:a9:12:f9:e9:64:78:d9:aa:04:5a:
02:51:b2:d6:fd:a7:0f:45:4a:bf:7d:d9:0a:e8:62:ea:c8:c9:
a1:7d:fe:0a:52:82:dd:98:6b:18:2e:34:96:e6:74:d7:ce:cd:
aa:ee:07:b5:19:35:26:c2:9a:5a:bc:0a:e4:7a:4d:b1:95:65:
eb:2e:5f:a6:e1:ba:b9:d0:b9:68:a7:fc:43:b7:c5:78:26:13:
c0:da:de:5a:96:a9:a2:5b:60:63:50:d3:e4:d2:6b:a5:b0:b3:
32:7a:ff:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMG4rbpGB5rSKvmEQkS+cKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYThjNmU5MzA4YmIwMDA4MzEwMDE3MWUwMGRiYjYxNDBm
NGY1ODAwHhcNMjQxMTA3MTM0OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzZGZhMGI2YTJlNzJhNmI3MTAxNWQ1MGYzMzM1MzY1OTUyNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/GS5nDa2QEgnsGRImKhpyLlK3f0
0RLek/3NvX34orkOTwGcrhOtXXL63fWvr4hnoLwosrN/1iktlC90P74Asix1ETwy
WBp0BbIIP+9Ug4D8L/5mdQ6U563yQxJdP2moOIzWqLpsTIK5kzyRaV9i5QRqTulw
+ysHCUx2xNlic1BQ+glZXxZcmmUvLnz7jz/oyrzM6EeLRWw3ZYPYR2N0IPy/v1e7
YVGJP86Xc2o6kH/CmB/SEzFG6t+D4f39JbRmIvOWL20Wh6hYspab0O1seWa3lMAS
Qd0sWk63Y9ESLbAAkPrSrK6PiEnGPgQqihzNBdv0NuzkuiIZNISio3CM0wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB0z36C2oucqa3EBXVDzM1NllSVxMB8GA1UdIwQY
MBaAFBCoxukwi7AAgxABceANu2FA9PWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYt
NmI0OTdiMmMwYjM4LzEvSFRQZm9MYWk1eXByY1FGZFVQTXpVMldWSlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYtNmI0OTdiMmMwYjM4
LzEvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjkoAwQB
W+z0AwQAuUYsMA0GCSqGSIb3DQEBCwUAA4IBAQDOcJqLxwayxKj/UmU8iFu9QkSN
BbBFe4APxYCuhA+suy6W6xR2iLKLjh9BEbZsKE/RPmGGBTiSsldDTZqLiSinwC/A
w8upRe28jb0ck1Yge/6hBEWfv1rJMZEjpZJJjUO9tUmvNf7fXdznM1KmVJ9wcZ5K
niYxmdsNE+75qqtLhLDHRaOTNJDpMHrMyqSs84O44ivSaUA2BakS+elkeNmqBFoC
UbLW/acPRUq/fdkK6GLqyMmhff4KUoLdmGsYLjSW5nTXzs2q7ge1GTUmwppavArk
ek2xlWXrLl+m4bq50Llop/xDt8V4JhPA2t5alqmiW2BjUNPk0mulsLMyev/N
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:10:37 2024 by rpki-client on console-ams.rpki-client.org