Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/HyatT7_cHeXpYhaYKG-dkrS6fQA.roa
File: HyatT7_cHeXpYhaYKG-dkrS6fQA.roa (raw, json)
Hash identifier: Toh8kQm9SMWCtHXasCWphHJ2k3rzXbT5dpfS9257Wjg=
Subject key identifier: 1F:26:AD:4F:BF:DC:1D:E5:E9:62:16:98:28:6F:9D:92:B4:BA:7D:00
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 019135BCB27B8387025742ED229BE62B1358
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/HyatT7_cHeXpYhaYKG-dkrS6fQA.roa
Signing time: Fri 09 Aug 2024 06:04:04 +0000
ROA not before: Fri 09 Aug 2024 06:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48327
IP address blocks: 31.135.32.0/23 maxlen: 23
31.135.34.0/23 maxlen: 23
31.135.36.0/22 maxlen: 22
31.135.40.0/21 maxlen: 21
31.135.48.0/21 maxlen: 21
31.135.56.0/21 maxlen: 21
94.232.104.0/21 maxlen: 21
94.232.104.0/22 maxlen: 22
94.232.108.0/23 maxlen: 23
94.232.110.0/24 maxlen: 24
94.232.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:35:bc:b2:7b:83:87:02:57:42:ed:22:9b:e6:2b:13:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Aug 9 06:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f26ad4fbfdc1de5e9621698286f9d92b4ba7d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:e1:4b:c0:3a:e7:56:de:12:50:77:bf:2b:
14:fe:01:65:98:c0:13:e7:76:4a:2f:79:aa:44:5b:
ea:6a:1c:26:2b:e7:55:ec:05:1b:45:32:17:fa:e7:
a1:91:c0:d9:e3:ec:d0:1a:93:f3:61:53:e9:8e:31:
1d:e9:89:19:d8:5b:c4:fa:41:eb:1c:76:b6:7c:b8:
5b:ae:42:8e:ef:07:0e:13:b9:33:cd:ef:52:57:38:
a0:ac:e8:f6:94:1c:d0:19:84:78:15:2f:9e:e9:65:
9d:bf:3a:d9:8a:4d:d3:cc:99:15:4a:82:42:01:42:
d3:60:43:9d:9c:92:db:a7:c1:1a:10:9b:87:fa:3e:
96:3c:46:cf:04:56:37:f3:5c:55:f9:1a:8d:f3:49:
7e:3f:c9:ca:1b:67:d2:7c:d8:df:27:0b:cc:34:d6:
31:d8:0a:14:3d:1c:b5:bd:09:cd:2a:10:c5:c8:da:
10:ef:f8:c9:74:70:08:08:7e:93:90:02:fd:63:f7:
4c:ea:eb:d4:50:74:27:6c:5a:f6:f5:7c:26:8b:fa:
8a:4f:6e:bf:d9:14:fc:fe:5e:ad:1c:0e:5f:12:2f:
07:e2:43:00:74:08:38:23:67:11:44:60:66:02:ba:
7e:49:03:29:c0:3a:68:ae:34:2c:92:bd:b1:31:df:
0c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:AD:4F:BF:DC:1D:E5:E9:62:16:98:28:6F:9D:92:B4:BA:7D:00
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/HyatT7_cHeXpYhaYKG-dkrS6fQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.32.0/19
94.232.104.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:31:25:3e:71:21:b5:f6:2c:9d:4c:e4:a3:4c:8b:49:e1:b6:
b5:b1:eb:90:42:86:25:34:49:90:9a:44:7f:5b:a8:8e:31:e8:
25:94:9f:a6:db:f5:f3:cd:ce:6c:e5:44:24:44:8d:71:8c:0e:
b0:cf:cd:6f:82:ce:96:0e:b6:ca:4d:b3:12:65:80:e0:84:6b:
f6:19:60:0e:5b:fb:18:65:2d:b2:21:a2:a2:44:9a:b3:ae:09:
20:cd:83:9e:c4:6e:90:ac:fa:2d:4f:ec:56:c6:96:12:38:68:
1f:41:21:22:09:0e:7d:0a:ae:5e:ff:83:b3:5e:dd:46:3d:58:
13:c3:ad:8d:83:8e:c5:05:55:0c:df:1b:d5:5c:1b:3a:99:1c:
42:38:7b:d2:29:25:44:1a:d8:20:3d:79:84:4a:2f:17:85:d0:
b9:26:d2:9f:e7:28:ca:38:a9:f5:5c:72:59:4c:5d:78:dc:44:
d6:b8:2b:f9:d0:69:99:ac:d7:c9:93:58:6d:99:de:a1:0f:62:
1d:4a:17:a6:a9:26:b8:ce:bd:c1:3f:72:9c:c5:49:c3:c6:60:
22:33:77:eb:e6:e0:5c:c3:85:e5:a8:5b:31:34:23:aa:a1:a7:
61:a6:2d:47:d5:1e:58:eb:0e:0a:9d:ca:33:9d:1f:fc:62:e5:
95:01:7d:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZE1vLJ7g4cCV0LtIpvmKxNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjQwODA5MDYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2YWQ0ZmJmZGMxZGU1ZTk2MjE2OTgyODZmOWQ5MmI0YmE3ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+vhS8A651beElB3vysU/gFlmMAT
53ZKL3mqRFvqahwmK+dV7AUbRTIX+uehkcDZ4+zQGpPzYVPpjjEd6YkZ2FvE+kHr
HHa2fLhbrkKO7wcOE7kzze9SVzigrOj2lBzQGYR4FS+e6WWdvzrZik3TzJkVSoJC
AULTYEOdnJLbp8EaEJuH+j6WPEbPBFY381xV+RqN80l+P8nKG2fSfNjfJwvMNNYx
2AoUPRy1vQnNKhDFyNoQ7/jJdHAICH6TkAL9Y/dM6uvUUHQnbFr29Xwmi/qKT26/
2RT8/l6tHA5fEi8H4kMAdAg4I2cRRGBmArp+SQMpwDporjQskr2xMd8MUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB8mrU+/3B3l6WIWmChvnZK0un0AMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEvSHlhdFQ3X2NIZVhwWWhhWUtHLWRrclM2ZlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFH4cgAwQD
XuhoMA0GCSqGSIb3DQEBCwUAA4IBAQCKMSU+cSG19iydTOSjTItJ4ba1seuQQoYl
NEmQmkR/W6iOMegllJ+m2/Xzzc5s5UQkRI1xjA6wz81vgs6WDrbKTbMSZYDghGv2
GWAOW/sYZS2yIaKiRJqzrgkgzYOexG6QrPotT+xWxpYSOGgfQSEiCQ59Cq5e/4Oz
Xt1GPVgTw62Ng47FBVUM3xvVXBs6mRxCOHvSKSVEGtggPXmESi8XhdC5JtKf5yjK
OKn1XHJZTF143ETWuCv50GmZrNfJk1htmd6hD2IdShemqSa4zr3BP3KcxUnDxmAi
M3fr5uBcw4XlqFsxNCOqoadhpi1H1R5Y6w4KncoznR/8YuWVAX0b
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:27 2024 by rpki-client on console-fra.rpki-client.org