Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hcq483UibR0dRYHW5pHtUFJa89c.roa
File: Hcq483UibR0dRYHW5pHtUFJa89c.roa (raw, json)
Hash identifier: 5uJjfGd27+BXfVKcUPBMbPaObPY4d40eqwcfkYoZyxk=
Subject key identifier: 1D:CA:B8:F3:75:22:6D:1D:1D:45:81:D6:E6:91:ED:50:52:5A:F3:D7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0192FD4A5C738D1901B29D98092500007ED2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hcq483UibR0dRYHW5pHtUFJa89c.roa
Signing time: Tue 05 Nov 2024 17:06:01 +0000
ROA not before: Tue 05 Nov 2024 17:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 80.240.88.0/21 maxlen: 24
81.168.122.0/24 maxlen: 24
82.152.131.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.108.0/23 maxlen: 24
89.213.110.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.194.0/23 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.240.0/23 maxlen: 24
89.213.249.0/24 maxlen: 24
89.213.250.0/24 maxlen: 24
109.176.230.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:4a:5c:73:8d:19:01:b2:9d:98:09:25:00:00:7e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 5 17:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dcab8f375226d1d1d4581d6e691ed50525af3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:12:5a:e9:55:e9:5c:89:d9:9f:17:22:aa:7c:
b8:fd:8b:fa:f0:f8:08:fd:d3:2c:d8:07:79:0b:8f:
35:9f:f2:4e:40:e8:35:3e:02:18:a9:ab:ae:15:e4:
16:bc:71:46:09:f0:3b:12:e8:9e:6a:f9:dc:e0:7e:
16:23:7d:df:21:ac:62:66:c2:b3:25:51:c9:0b:2f:
2b:c9:8b:16:2a:8e:ac:2a:d2:a3:d4:ff:98:d3:f7:
56:d7:3c:c7:b3:f0:a6:02:98:8f:de:e5:a7:4a:79:
bf:0f:5b:be:e4:83:c4:75:ab:78:93:c6:31:5d:74:
a8:ca:78:0e:a9:8f:22:a1:b6:da:60:4d:b9:e7:b0:
b0:fd:48:fb:9f:86:53:2a:4a:2b:29:f8:44:19:a6:
a7:d1:75:65:a4:ba:d6:5c:5b:66:8a:3c:5c:7c:e7:
b0:f7:af:a1:9b:c6:3b:ff:2e:48:2a:26:db:50:a1:
7c:82:33:31:cc:6b:9f:68:55:3c:57:34:dd:1e:4a:
d9:c0:36:2f:4c:16:a0:02:7f:9d:f6:bd:c6:a9:11:
77:52:2c:7c:7c:17:97:0d:e1:ab:a6:0b:6d:08:ff:
79:81:8d:e1:31:9b:32:3a:22:02:5f:91:28:fb:79:
0a:2e:6d:cc:fc:64:b3:83:88:10:2d:86:dc:3e:e7:
d7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CA:B8:F3:75:22:6D:1D:1D:45:81:D6:E6:91:ED:50:52:5A:F3:D7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Hcq483UibR0dRYHW5pHtUFJa89c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
81.168.122.0/24
82.152.131.0/24
82.152.174.0/23
82.153.208.0/22
82.163.19.0/24
82.163.24.0/21
89.213.58.0/24
89.213.60.0/23
89.213.108.0-89.213.110.255
89.213.122.0/24
89.213.126.0/24
89.213.143.0/24
89.213.147.0/24
89.213.181.0/24
89.213.194.0/23
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.240.0/23
89.213.249.0-89.213.250.255
109.176.230.0/24
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:8c:3a:da:80:08:80:3b:35:ab:7a:47:3b:2e:0b:12:6c:dc:
20:83:b8:fc:9f:50:18:6f:db:be:41:53:bf:04:b3:54:78:73:
94:3e:09:86:5e:f4:93:51:fa:cd:d9:9d:eb:aa:e9:eb:db:3c:
74:f9:05:86:ec:e0:57:49:db:35:79:58:09:da:1a:8e:9e:a7:
71:ee:36:96:52:83:43:61:cd:90:1c:56:ee:93:d3:73:0d:74:
0e:58:2f:47:07:06:8f:3e:82:aa:86:01:ce:3e:41:a6:24:aa:
c1:a7:cd:55:06:2b:70:2e:e5:50:f5:f6:c9:6e:2e:63:02:8c:
1e:7c:e0:65:13:c0:f5:2f:43:03:96:d1:ad:c7:eb:67:01:16:
49:88:2a:df:6a:4d:62:ec:94:fb:71:66:1e:50:da:4c:74:3f:
df:0f:3f:b3:bc:25:42:d6:69:c8:25:e7:9b:68:ee:d7:bc:11:
60:76:e6:b0:48:3a:33:08:35:68:17:d5:cd:eb:42:91:ae:a9:
a6:a5:30:f6:00:e5:83:c4:c6:ac:7e:44:ce:78:3e:cf:d5:b1:
fe:54:91:bb:4d:4d:aa:c6:17:7d:4a:83:27:4b:3d:44:7e:6c:
d0:a2:df:a4:d7:8f:ae:ad:5c:6d:90:b8:46:ad:f3:10:d3:c9:
cb:2c:1e:b5
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZL9SlxzjRkBsp2YCSUAAH7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTA1MTcwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNhYjhmMzc1MjI2ZDFkMWQ0NTgxZDZlNjkxZWQ1MDUyNWFmM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixJa6VXpXInZnxciqny4/Yv68PgI
/dMs2Ad5C481n/JOQOg1PgIYqauuFeQWvHFGCfA7Euieavnc4H4WI33fIaxiZsKz
JVHJCy8ryYsWKo6sKtKj1P+Y0/dW1zzHs/CmApiP3uWnSnm/D1u+5IPEdat4k8Yx
XXSoyngOqY8iobbaYE2557Cw/Uj7n4ZTKkorKfhEGaan0XVlpLrWXFtmijxcfOew
96+hm8Y7/y5IKibbUKF8gjMxzGufaFU8VzTdHkrZwDYvTBagAn+d9r3GqRF3Uix8
fBeXDeGrpgttCP95gY3hMZsyOiICX5Eo+3kKLm3M/GSzg4gQLYbcPufXbwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFB3KuPN1Im0dHUWB1uaR7VBSWvPXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSGNxNDgzVWliUjBkUllIVzVwSHRVRkphODljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBANQ
8FgDBABRqHoDBABSmIMDBAFSmK4DBAJSmdADBABSoxMDBANSoxgDBABZ1ToDBAFZ
1TwwDAMEAlnVbAMEAFnVbgMEAFnVegMEAFnVfgMEAFnVjwMEAFnVkwMEAFnVtQME
AVnVwjAMAwQBWdXGAwQBWdXMAwQAWdXkAwQBWdXwMAwDBABZ1fkDBABZ1foDBABt
sOYDBADV0hADBADV0hIDBADV0iEDBADV0jMDBADV2twDBADZkJcwDQYJKoZIhvcN
AQELBQADggEBAFqMOtqACIA7Nat6RzsuCxJs3CCDuPyfUBhv275BU78Es1R4c5Q+
CYZe9JNR+s3Zneuq6evbPHT5BYbs4FdJ2zV5WAnaGo6ep3HuNpZSg0NhzZAcVu6T
03MNdA5YL0cHBo8+gqqGAc4+QaYkqsGnzVUGK3Au5VD19sluLmMCjB584GUTwPUv
QwOW0a3H62cBFkmIKt9qTWLslPtxZh5Q2kx0P98PP7O8JULWacgl55to7te8EWB2
5rBIOjMINWgX1c3rQpGuqaalMPYA5YPExqx+RM54Ps/Vsf5UkbtNTarGF31KgydL
PUR+bNCi36TXj66tXG2QuEat8xDTycssHrU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:28 2024 by rpki-client on console-ams.rpki-client.org