Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h-nm03xOL8GT9Luo3AqIbusowyk.roa
File: h-nm03xOL8GT9Luo3AqIbusowyk.roa (raw, json)
Hash identifier: AdsrYxHDQLsT/bfIprlCRqz+mmVQcTmzgaYwo1blKos=
Subject key identifier: 87:E9:E6:D3:7C:4E:2F:C1:93:F4:BB:A8:DC:0A:88:6E:EB:28:C3:29
Certificate issuer: /CN=87958ba661c435ccd25c2060462ef600d2719ee0
Certificate serial: 018CC26D0440C19B0418164D5C067856B133
Authority key identifier: 87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h-nm03xOL8GT9Luo3AqIbusowyk.roa
Signing time: Mon 01 Jan 2024 00:29:33 +0000
ROA not before: Mon 01 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35356
IP address blocks: 80.93.144.0/21 maxlen: 21
80.93.144.0/20 maxlen: 20
80.93.147.0/24 maxlen: 24
80.93.146.0/24 maxlen: 24
80.93.154.0/24 maxlen: 24
80.93.155.0/24 maxlen: 24
80.93.159.0/24 maxlen: 24
80.93.156.0/24 maxlen: 24
80.93.157.0/24 maxlen: 24
83.142.252.0/23 maxlen: 23
83.142.248.0/22 maxlen: 22
83.142.254.0/24 maxlen: 24
83.142.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:04:40:c1:9b:04:18:16:4d:5c:06:78:56:b1:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87958ba661c435ccd25c2060462ef600d2719ee0
Validity
Not Before: Jan 1 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87e9e6d37c4e2fc193f4bba8dc0a886eeb28c329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:4d:fd:d7:1e:0b:7f:73:b1:09:4a:f3:7c:
49:41:0a:64:3e:19:e3:5c:c9:31:58:a3:5c:5c:33:
d0:c2:c9:b4:6a:1d:7e:dd:53:c6:cf:aa:fa:a0:86:
26:3d:c6:ef:c8:55:b9:48:2d:de:16:85:4f:78:60:
e1:f2:d8:db:5d:15:fa:b5:51:1a:ba:f8:57:05:1f:
05:35:2e:4a:94:15:3e:89:1b:10:a2:fa:e0:8a:0c:
59:99:77:b2:80:a5:f9:91:fa:b8:fc:8d:84:30:d5:
2a:a1:05:d2:f4:63:39:c2:f1:f0:bb:9b:08:b3:d7:
d9:b2:8c:a4:5d:24:a7:90:b8:d0:24:20:c4:5c:6f:
b9:47:8c:dd:e9:c5:c4:b5:4d:3d:94:de:9b:5c:97:
1f:26:14:f1:6c:87:be:e5:93:31:af:e3:b8:95:c4:
46:1c:12:71:c0:96:08:a5:b8:f1:d9:02:0a:60:78:
75:9a:04:4d:85:07:30:d5:95:1b:38:0b:c1:75:9c:
44:b0:81:9d:25:d7:fa:c4:b4:97:bc:3c:fe:41:5e:
7e:82:f6:9c:77:de:f1:58:bf:fd:cf:7a:b2:30:42:
34:9b:07:8c:b5:03:0c:81:63:d5:db:3b:fb:d0:5f:
21:a3:96:a0:bb:38:72:91:09:8e:1e:2c:d8:e2:bc:
17:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:E6:D3:7C:4E:2F:C1:93:F4:BB:A8:DC:0A:88:6E:EB:28:C3:29
X509v3 Authority Key Identifier:
keyid:87:95:8B:A6:61:C4:35:CC:D2:5C:20:60:46:2E:F6:00:D2:71:9E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h5WLpmHENczSXCBgRi72ANJxnuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h-nm03xOL8GT9Luo3AqIbusowyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/65cf0a-ade3-40b1-9987-8c34e4cf9026/1/h5WLpmHENczSXCBgRi72ANJxnuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.144.0/20
83.142.248.0/21
Signature Algorithm: sha256WithRSAEncryption
06:58:77:63:3b:59:0a:9a:e6:44:f5:ff:39:56:f1:72:df:1b:
4d:5c:4f:be:65:95:51:e0:06:43:94:08:37:bd:d9:1a:d7:71:
52:a0:c8:95:fa:7f:f6:a3:6b:f9:54:a0:c3:79:9c:92:ec:b9:
af:00:70:07:a1:43:21:52:7e:97:3f:55:c4:15:d5:da:ed:74:
9b:15:bb:cf:08:f9:d9:24:1b:ee:3b:48:ef:e7:43:c1:13:27:
2b:e5:b3:50:73:1e:30:ae:8a:5c:66:cb:eb:a3:e8:48:ab:e4:
ac:f2:2a:4c:53:c8:22:b8:6d:7b:bb:b2:5e:80:2d:cd:08:f1:
21:ae:ca:ca:9d:4d:8d:07:15:2b:29:59:76:6a:37:3f:a8:be:
e8:41:cf:e4:4c:d1:65:42:60:36:8b:ed:2c:28:77:8f:eb:c1:
aa:93:4e:d9:11:8b:74:52:89:03:57:ac:27:64:63:b1:65:1f:
d8:4a:d9:69:fd:91:0e:ce:74:7c:38:93:08:3f:68:ae:7f:f7:
08:51:97:46:66:98:ab:c8:ed:cb:8a:74:b1:8b:c2:73:ea:2a:
12:85:ed:e4:d0:6b:05:44:0d:3d:3d:f1:21:1c:2f:67:06:e6:
6b:7b:f5:09:fa:78:e7:07:19:ae:f2:14:9e:31:81:6b:98:c1:
28:56:4d:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbQRAwZsEGBZNXAZ4VrEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3OTU4YmE2NjFjNDM1Y2NkMjVjMjA2MDQ2MmVmNjAwZDI3
MTllZTAwHhcNMjQwMTAxMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U5ZTZkMzdjNGUyZmMxOTNmNGJiYThkYzBhODg2ZWViMjhjMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc9N/dceC39zsQlK83xJQQpkPhnj
XMkxWKNcXDPQwsm0ah1+3VPGz6r6oIYmPcbvyFW5SC3eFoVPeGDh8tjbXRX6tVEa
uvhXBR8FNS5KlBU+iRsQovrgigxZmXeygKX5kfq4/I2EMNUqoQXS9GM5wvHwu5sI
s9fZsoykXSSnkLjQJCDEXG+5R4zd6cXEtU09lN6bXJcfJhTxbIe+5ZMxr+O4lcRG
HBJxwJYIpbjx2QIKYHh1mgRNhQcw1ZUbOAvBdZxEsIGdJdf6xLSXvDz+QV5+gvac
d97xWL/9z3qyMEI0mweMtQMMgWPV2zv70F8ho5aguzhykQmOHizY4rwXZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIfp5tN8Ti/Bk/S7qNwKiG7rKMMpMB8GA1UdIwQY
MBaAFIeVi6ZhxDXM0lwgYEYu9gDScZ7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODct
OGMzNGU0Y2Y5MDI2LzEvaC1ubTAzeE9MOEdUOUx1bzNBcUlidXNvd3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82NWNmMGEtYWRlMy00MGIxLTk5ODctOGMzNGU0Y2Y5MDI2
LzEvaDVXTHBtSEVOY3pTWENCZ1JpNzJBTkp4bnVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUF2QAwQD
U474MA0GCSqGSIb3DQEBCwUAA4IBAQAGWHdjO1kKmuZE9f85VvFy3xtNXE++ZZVR
4AZDlAg3vdka13FSoMiV+n/2o2v5VKDDeZyS7LmvAHAHoUMhUn6XP1XEFdXa7XSb
FbvPCPnZJBvuO0jv50PBEycr5bNQcx4wropcZsvro+hIq+Ss8ipMU8giuG17u7Je
gC3NCPEhrsrKnU2NBxUrKVl2ajc/qL7oQc/kTNFlQmA2i+0sKHeP68Gqk07ZEYt0
UokDV6wnZGOxZR/YStlp/ZEOznR8OJMIP2iuf/cIUZdGZpiryO3LinSxi8Jz6ioS
he3k0GsFRA09PfEhHC9nBuZre/UJ+njnBxmu8hSeMYFrmMEoVk2B
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:31:25 2024 by rpki-client on console-ams.rpki-client.org