Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HZ79KS0pMsBgKjYWTvo-bPfKqKA.roa
File: HZ79KS0pMsBgKjYWTvo-bPfKqKA.roa (raw, json)
Hash identifier: deD0urEz1rdMuyzJ79Cd3utiOFOYJYTkb8g0CPXgvGs=
Subject key identifier: 1D:9E:FD:29:2D:29:32:C0:60:2A:36:16:4E:FA:3E:6C:F7:CA:A8:A0
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 0193440B479B34D5C48E198518D2C1C71337
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HZ79KS0pMsBgKjYWTvo-bPfKqKA.roa
Signing time: Tue 19 Nov 2024 10:50:10 +0000
ROA not before: Tue 19 Nov 2024 10:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201942
IP address blocks: 46.226.144.0/21 maxlen: 21
185.58.196.0/22 maxlen: 22
185.119.112.0/22 maxlen: 22
185.232.41.0/24 maxlen: 24
193.46.216.0/24 maxlen: 24
193.163.117.0/24 maxlen: 24
194.26.143.0/24 maxlen: 24
195.182.205.0/24 maxlen: 24
195.184.72.0/24 maxlen: 24
212.23.223.0/24 maxlen: 24
2a02:6520::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:0b:47:9b:34:d5:c4:8e:19:85:18:d2:c1:c7:13:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Nov 19 10:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9efd292d2932c0602a36164efa3e6cf7caa8a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:06:2a:ae:b7:49:90:a9:3c:97:99:0c:45:a7:
b7:58:fc:f4:cc:2f:24:34:59:5c:19:93:8e:f6:70:
67:1b:db:29:68:3a:11:2b:be:b0:8b:b4:0b:54:a9:
b9:36:02:a9:bd:49:76:84:d7:98:f5:49:40:87:9e:
2e:93:14:26:4b:5e:4a:a3:ce:c1:92:b2:ac:33:b1:
8c:4e:8a:5b:f6:6e:6e:8f:10:03:24:c3:4e:28:0c:
20:88:b3:9b:fb:8c:e7:f7:18:bf:5a:9a:f2:99:fc:
2a:65:34:90:79:15:3e:ef:7d:bb:79:1b:8d:27:c2:
a4:6f:91:32:20:b3:b0:41:25:ce:a8:c6:78:97:e6:
3f:3c:b1:77:01:58:c0:65:d9:40:66:45:84:f3:57:
d9:94:14:c6:48:45:e0:63:46:a9:53:67:21:72:d9:
86:6a:78:4b:c8:c7:7a:dc:b8:04:1d:53:ee:f9:a9:
04:a7:f4:b5:e1:1f:44:62:fe:15:22:d4:0a:d4:f7:
56:a8:90:d4:b4:2f:51:4e:a9:0a:30:92:f4:83:03:
fe:25:7a:36:c9:8a:92:b0:aa:3b:60:fa:5c:01:2d:
25:d6:f1:91:09:96:2d:86:4a:a0:c1:3c:ef:47:7c:
e4:9f:c2:85:6a:46:15:5b:b7:ab:2c:48:db:dc:90:
69:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9E:FD:29:2D:29:32:C0:60:2A:36:16:4E:FA:3E:6C:F7:CA:A8:A0
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/HZ79KS0pMsBgKjYWTvo-bPfKqKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.144.0/21
185.58.196.0/22
185.119.112.0/22
185.232.41.0/24
193.46.216.0/24
193.163.117.0/24
194.26.143.0/24
195.182.205.0/24
195.184.72.0/24
212.23.223.0/24
IPv6:
2a02:6520::/32
Signature Algorithm: sha256WithRSAEncryption
65:fd:b7:8d:b7:c1:73:34:e1:b7:58:0f:00:a7:e0:80:7e:4a:
d2:4b:df:37:ee:c8:12:9f:75:99:97:e2:93:e5:65:88:08:39:
48:7c:3d:c9:9b:a1:80:af:f3:d2:17:db:29:26:2e:d9:ba:5b:
1c:62:f1:fe:21:d7:a3:09:37:46:d4:c7:ce:b3:6f:59:5e:d2:
07:75:d6:76:1c:ce:b9:f1:0a:82:c7:e9:61:c3:22:f8:89:2b:
4a:17:58:fc:51:fa:e3:15:63:7c:b3:b5:7c:e3:1b:31:24:e5:
36:94:5d:68:79:e3:a9:0d:d6:16:3c:49:cb:8f:e6:d8:77:c0:
91:6b:8a:ea:29:f4:12:35:3a:28:26:dd:97:4b:81:c5:fb:b5:
71:cb:fa:40:3a:18:bf:d6:4b:ad:87:1b:aa:90:2c:de:e2:a6:
ae:61:ab:c5:db:de:93:9b:4f:28:2f:7a:4f:0d:49:b4:28:30:
a7:55:38:9f:2d:25:58:59:7e:c3:90:60:f6:b9:66:73:8d:0b:
6e:5f:17:17:8d:ed:e4:2d:b6:6d:93:2d:3b:f0:f5:95:92:44:
7f:34:b7:5e:dd:5c:34:02:63:f5:e2:ae:14:40:8a:e1:55:e9:
a6:2c:8a:fb:92:1b:a7:0e:73:af:30:87:3d:74:86:5b:89:83:
41:2d:c1:75
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZNEC0ebNNXEjhmFGNLBxxM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQxMTE5MTA1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDllZmQyOTJkMjkzMmMwNjAyYTM2MTY0ZWZhM2U2Y2Y3Y2FhOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QYqrrdJkKk8l5kMRae3WPz0zC8k
NFlcGZOO9nBnG9spaDoRK76wi7QLVKm5NgKpvUl2hNeY9UlAh54ukxQmS15Ko87B
krKsM7GMTopb9m5ujxADJMNOKAwgiLOb+4zn9xi/WprymfwqZTSQeRU+7327eRuN
J8Kkb5EyILOwQSXOqMZ4l+Y/PLF3AVjAZdlAZkWE81fZlBTGSEXgY0apU2chctmG
anhLyMd63LgEHVPu+akEp/S14R9EYv4VItQK1PdWqJDUtC9RTqkKMJL0gwP+JXo2
yYqSsKo7YPpcAS0l1vGRCZYthkqgwTzvR3zkn8KFakYVW7erLEjb3JBpyQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFB2e/SktKTLAYCo2Fk76Pmz3yqigMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvSFo3OUtTMHBNc0JnS2pZV1R2by1iUGZLcUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDLuKQAwQC
uTrEAwQCuXdwAwQAuegpAwQAwS7YAwQAwaN1AwQAwhqPAwQAw7bNAwQAw7hIAwQA
1BffMA0EAgACMAcDBQAqAmUgMA0GCSqGSIb3DQEBCwUAA4IBAQBl/beNt8FzNOG3
WA8Ap+CAfkrSS9837sgSn3WZl+KT5WWICDlIfD3Jm6GAr/PSF9spJi7ZulscYvH+
IdejCTdG1MfOs29ZXtIHddZ2HM658QqCx+lhwyL4iStKF1j8UfrjFWN8s7V84xsx
JOU2lF1oeeOpDdYWPEnLj+bYd8CRa4rqKfQSNTooJt2XS4HF+7Vxy/pAOhi/1kut
hxuqkCze4qauYavF296Tm08oL3pPDUm0KDCnVTifLSVYWX7DkGD2uWZzjQtuXxcX
je3kLbZtky078PWVkkR/NLde3Vw0AmP14q4UQIrhVemmLIr7khunDnOvMIc9dIZb
iYNBLcF1
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:26:38 2024 by rpki-client on console-ams.rpki-client.org