Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/hnRzRLzc-5CxEo9D5FmeYAys5AA.roa
File: hnRzRLzc-5CxEo9D5FmeYAys5AA.roa (raw, json)
Hash identifier: icldKDzh3hx+/R6KGwTOvdGHoYprSQ7MBGewiswZ3KQ=
Subject key identifier: 86:74:73:44:BC:DC:FB:90:B1:12:8F:43:E4:59:9E:60:0C:AC:E4:00
Certificate issuer: /CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
Certificate serial: 018D7918F69BE3B2AAC5482F99BDCDF880CB
Authority key identifier: 7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/hnRzRLzc-5CxEo9D5FmeYAys5AA.roa
Signing time: Mon 05 Feb 2024 11:48:15 +0000
ROA not before: Mon 05 Feb 2024 11:48:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30886
IP address blocks: 31.43.64.0/19 maxlen: 19
31.43.64.0/24 maxlen: 24
31.43.65.0/24 maxlen: 24
31.43.66.0/24 maxlen: 24
31.43.67.0/24 maxlen: 24
31.43.68.0/24 maxlen: 24
31.43.69.0/24 maxlen: 24
31.43.70.0/24 maxlen: 24
31.43.71.0/24 maxlen: 24
31.43.72.0/24 maxlen: 24
31.43.73.0/24 maxlen: 24
31.43.74.0/24 maxlen: 24
31.43.75.0/24 maxlen: 24
31.43.76.0/24 maxlen: 24
31.43.77.0/24 maxlen: 24
31.43.78.0/24 maxlen: 24
31.43.79.0/24 maxlen: 24
31.43.80.0/24 maxlen: 24
31.43.81.0/24 maxlen: 24
31.43.82.0/24 maxlen: 24
31.43.83.0/24 maxlen: 24
31.43.84.0/24 maxlen: 24
31.43.85.0/24 maxlen: 24
31.43.86.0/24 maxlen: 24
31.43.87.0/24 maxlen: 24
31.43.88.0/24 maxlen: 24
31.43.89.0/24 maxlen: 24
31.43.90.0/24 maxlen: 24
31.43.91.0/24 maxlen: 24
31.43.92.0/24 maxlen: 24
31.43.93.0/24 maxlen: 24
31.43.94.0/24 maxlen: 24
31.43.95.0/24 maxlen: 24
91.196.52.0/22 maxlen: 22
91.196.52.0/24 maxlen: 24
91.196.53.0/24 maxlen: 24
91.196.54.0/24 maxlen: 24
91.196.55.0/24 maxlen: 24
94.231.64.0/20 maxlen: 20
94.231.64.0/24 maxlen: 24
94.231.65.0/24 maxlen: 24
94.231.66.0/24 maxlen: 24
94.231.67.0/24 maxlen: 24
94.231.68.0/24 maxlen: 24
94.231.69.0/24 maxlen: 24
94.231.70.0/24 maxlen: 24
94.231.71.0/24 maxlen: 24
94.231.72.0/24 maxlen: 24
94.231.73.0/24 maxlen: 24
94.231.74.0/24 maxlen: 24
94.231.75.0/24 maxlen: 24
94.231.76.0/24 maxlen: 24
94.231.77.0/24 maxlen: 24
94.231.78.0/24 maxlen: 24
94.231.79.0/24 maxlen: 24
193.27.208.0/23 maxlen: 23
193.27.208.0/24 maxlen: 24
193.27.209.0/24 maxlen: 24
193.84.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:18:f6:9b:e3:b2:aa:c5:48:2f:99:bd:cd:f8:80:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d8aa4383504a31aff4b006810a06bcf0305ae
Validity
Not Before: Feb 5 11:48:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86747344bcdcfb90b1128f43e4599e600cace400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:80:80:26:f4:60:2a:d8:a8:14:db:93:17:
15:05:39:1c:24:e9:52:41:0e:f3:93:30:57:ce:f3:
05:58:ca:05:6e:dc:24:2c:34:9f:c4:1d:0d:85:7e:
0f:93:3b:a2:2b:5f:1f:80:80:3e:58:f5:2e:a0:5b:
25:95:b8:56:91:57:42:42:ad:c0:f0:d7:12:c7:38:
4e:df:3e:4a:c4:13:27:d9:12:91:ba:af:54:34:df:
8c:4e:41:7d:7d:28:d5:3f:20:96:97:86:7e:e5:33:
9f:87:5a:99:6f:06:77:2d:93:f5:67:57:c5:1a:d9:
f9:88:cf:e7:7f:06:b4:cd:a7:14:f8:51:00:eb:2d:
21:f8:a9:bd:48:56:34:24:b6:72:24:5d:25:81:e5:
d7:4f:f5:45:75:3b:e3:ba:ef:59:79:2b:5e:b0:1a:
cc:5d:c5:e4:40:bb:38:21:93:ae:ca:98:ca:7f:40:
be:5a:24:27:ed:1f:09:18:ba:c6:0b:db:ac:f1:74:
cf:d4:af:cf:28:5d:82:dd:db:f0:b7:73:41:7f:86:
9e:04:f0:91:83:14:f5:2d:37:4c:d2:ac:7d:3c:57:
d5:96:05:19:41:ad:f0:56:74:29:4e:bb:95:61:41:
8c:8c:fc:a3:35:0e:7e:67:e2:16:3f:2f:45:14:b3:
d3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:74:73:44:BC:DC:FB:90:B1:12:8F:43:E4:59:9E:60:0C:AC:E4:00
X509v3 Authority Key Identifier:
keyid:7C:3D:8A:A4:38:35:04:A3:1A:FF:4B:00:68:10:A0:6B:CF:03:05:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD2KpDg1BKMa_0sAaBCga88DBa4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/hnRzRLzc-5CxEo9D5FmeYAys5AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/a42e94-15b7-4272-9eb0-99db21244edf/1/fD2KpDg1BKMa_0sAaBCga88DBa4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.64.0/19
91.196.52.0/22
94.231.64.0/20
193.27.208.0/23
193.84.22.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:a4:f2:4f:01:73:5d:32:2b:d0:d5:39:fb:bf:3f:91:95:1a:
60:7b:4c:5c:e2:2d:7f:af:0f:98:28:6f:04:1d:49:3d:4b:dd:
d1:19:7d:58:d1:9b:8b:25:23:b5:87:c8:18:92:65:6b:3e:01:
7f:f2:8e:36:08:9f:23:ec:a4:d2:a6:9b:2a:44:61:b1:96:0b:
79:71:f3:20:69:90:ca:85:e0:c2:66:cf:97:a9:07:bd:e4:27:
5e:78:ee:33:cc:0c:1f:32:3c:64:22:35:b3:64:8a:c8:35:3e:
25:a1:35:b3:50:41:6e:84:39:b0:cd:88:2b:c6:29:6b:62:75:
09:e6:05:54:70:ab:ca:6d:c7:6e:32:70:36:f6:ad:d4:c4:07:
6c:07:69:4d:eb:df:86:90:38:86:f9:f2:ee:63:39:b6:ed:66:
5d:9c:e1:db:a8:6c:ef:aa:be:3a:f1:e0:24:52:b5:44:d6:cf:
1f:14:85:8f:62:8d:8b:7d:75:c5:a0:d9:1d:02:70:be:db:b2:
06:65:69:4e:45:8b:55:75:c9:cc:36:fc:46:f5:03:35:db:8e:
c4:4e:e2:b2:45:79:c8:27:58:5d:33:00:e7:8f:3b:a2:6d:51:
99:82:d8:9f:5f:56:48:0f:8c:5f:a4:cc:e2:07:cb:88:26:b7:
58:40:8c:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY15GPab47KqxUgvmb3N+IDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2Q4YWE0MzgzNTA0YTMxYWZmNGIwMDY4MTBhMDZiY2Yw
MzA1YWUwHhcNMjQwMjA1MTE0ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njc0NzM0NGJjZGNmYjkwYjExMjhmNDNlNDU5OWU2MDBjYWNlNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2mAgCb0YCrYqBTbkxcVBTkcJOlS
QQ7zkzBXzvMFWMoFbtwkLDSfxB0NhX4PkzuiK18fgIA+WPUuoFsllbhWkVdCQq3A
8NcSxzhO3z5KxBMn2RKRuq9UNN+MTkF9fSjVPyCWl4Z+5TOfh1qZbwZ3LZP1Z1fF
Gtn5iM/nfwa0zacU+FEA6y0h+Km9SFY0JLZyJF0lgeXXT/VFdTvjuu9ZeStesBrM
XcXkQLs4IZOuypjKf0C+WiQn7R8JGLrGC9us8XTP1K/PKF2C3dvwt3NBf4aeBPCR
gxT1LTdM0qx9PFfVlgUZQa3wVnQpTruVYUGMjPyjNQ5+Z+IWPy9FFLPTlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIZ0c0S83PuQsRKPQ+RZnmAMrOQAMB8GA1UdIwQY
MBaAFHw9iqQ4NQSjGv9LAGgQoGvPAwWuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAt
OTlkYjIxMjQ0ZWRmLzEvaG5SelJMemMtNUN4RW85RDVGbWVZQXlzNUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hNDJlOTQtMTViNy00MjcyLTllYjAtOTlkYjIxMjQ0ZWRm
LzEvZkQyS3BEZzFCS01hXzBzQWFCQ2dhODhEQmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFHytAAwQC
W8Q0AwQEXudAAwQBwRvQAwQAwVQWMA0GCSqGSIb3DQEBCwUAA4IBAQCKpPJPAXNd
MivQ1Tn7vz+RlRpge0xc4i1/rw+YKG8EHUk9S93RGX1Y0ZuLJSO1h8gYkmVrPgF/
8o42CJ8j7KTSppsqRGGxlgt5cfMgaZDKheDCZs+XqQe95CdeeO4zzAwfMjxkIjWz
ZIrINT4loTWzUEFuhDmwzYgrxilrYnUJ5gVUcKvKbcduMnA29q3UxAdsB2lN69+G
kDiG+fLuYzm27WZdnOHbqGzvqr468eAkUrVE1s8fFIWPYo2LfXXFoNkdAnC+27IG
ZWlORYtVdcnMNvxG9QM1247ETuKyRXnIJ1hdMwDnjzuibVGZgtifX1ZID4xfpMzi
B8uIJrdYQIyW
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:13:29 2024 by rpki-client on console-ams.rpki-client.org