Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/hgHE2YcNDPx46nF-478-JA9tM_U.roa
File: hgHE2YcNDPx46nF-478-JA9tM_U.roa (raw, json)
Hash identifier: 9RsBK40tolHjCTY6WH1gvTZezdYEibJNU29/AGbo5qA=
Subject key identifier: 86:01:C4:D9:87:0D:0C:FC:78:EA:71:7E:E3:BF:3E:24:0F:6D:33:F5
Certificate issuer: /CN=086282e751286fbbecc75ea6edcc254192c55c76
Certificate serial: 018CC424FE8B4E7014E2F007E4AFEC270C86
Authority key identifier: 08:62:82:E7:51:28:6F:BB:EC:C7:5E:A6:ED:CC:25:41:92:C5:5C:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/hgHE2YcNDPx46nF-478-JA9tM_U.roa
Signing time: Mon 01 Jan 2024 08:30:07 +0000
ROA not before: Mon 01 Jan 2024 08:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34086
IP address blocks: 160.44.0.0/16 maxlen: 24
217.150.144.0/20 maxlen: 24
94.100.240.0/20 maxlen: 24
46.29.96.0/21 maxlen: 24
93.188.240.0/21 maxlen: 24
82.192.98.0/23 maxlen: 24
160.44.192.0/20 maxlen: 24
160.44.192.0/21 maxlen: 21
160.44.200.0/21 maxlen: 21
185.9.216.0/22 maxlen: 24
2a00:da8:fffb::/48 maxlen: 48
2a00:da8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:fe:8b:4e:70:14:e2:f0:07:e4:af:ec:27:0c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=086282e751286fbbecc75ea6edcc254192c55c76
Validity
Not Before: Jan 1 08:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8601c4d9870d0cfc78ea717ee3bf3e240f6d33f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:77:cc:1c:b5:1d:ae:b6:50:77:20:a3:ab:2c:
fe:d8:92:d7:77:f5:63:12:bd:38:89:2b:43:8b:cf:
b1:1b:02:39:1b:54:65:3f:96:fd:2c:e3:ac:84:a7:
77:32:9d:91:7d:0b:60:6a:28:a5:17:18:94:6c:c5:
f9:3f:c1:aa:7f:e1:35:e6:b4:23:57:de:25:20:c6:
86:63:ff:99:e3:9a:29:1f:e9:d7:b2:5f:2f:db:4d:
6a:5a:30:21:f2:dc:60:bf:9e:34:7a:52:c3:61:62:
6d:e7:a9:85:d3:59:6c:50:14:9c:e0:11:9e:7c:49:
40:64:60:4b:63:b1:a4:7e:1b:1d:c1:78:e7:c9:34:
65:90:9b:3b:96:3f:13:25:59:09:37:e2:b1:34:a2:
cd:44:fb:c8:b4:b0:02:d4:b0:4f:05:82:29:f8:c9:
dd:e1:50:49:1e:08:dc:2a:27:f6:69:2c:2e:8e:48:
93:38:7e:88:e9:4b:d2:c6:67:ff:1e:53:c2:0d:8f:
7d:9b:c6:97:d8:f5:33:ec:04:ff:d9:44:bb:83:88:
ac:6c:b2:bb:e7:46:f1:55:76:04:49:fd:71:a5:9f:
99:88:cf:ed:7b:55:ba:9b:e9:15:d2:11:5c:45:aa:
cf:f0:c8:2b:fc:0d:ba:9a:f2:42:79:b1:93:f5:19:
75:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:01:C4:D9:87:0D:0C:FC:78:EA:71:7E:E3:BF:3E:24:0F:6D:33:F5
X509v3 Authority Key Identifier:
keyid:08:62:82:E7:51:28:6F:BB:EC:C7:5E:A6:ED:CC:25:41:92:C5:5C:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGKC51Eob7vsx16m7cwlQZLFXHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/hgHE2YcNDPx46nF-478-JA9tM_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9d8598-e9e2-4709-b535-6b04aadeef10/1/CGKC51Eob7vsx16m7cwlQZLFXHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.96.0/21
82.192.98.0/23
93.188.240.0/21
94.100.240.0/20
160.44.0.0/16
185.9.216.0/22
217.150.144.0/20
IPv6:
2a00:da8::/32
Signature Algorithm: sha256WithRSAEncryption
af:7e:e0:fb:d2:80:9e:f7:2b:ed:00:fa:10:0c:25:fe:a7:a1:
dc:2e:50:9c:47:f2:72:b9:9c:ec:52:f9:6a:72:f2:b4:11:eb:
8e:10:4b:86:81:8e:5a:bc:84:30:ed:43:f0:24:c7:d8:bc:98:
92:e0:07:0b:0f:cf:d3:46:c9:03:24:75:fa:9b:52:91:11:a5:
ef:b3:0d:27:16:0c:c4:93:b1:de:a4:ee:e8:4d:92:f1:e9:e0:
aa:8d:dc:76:f6:c2:b9:fa:04:2e:6b:63:5e:e6:f1:21:a0:3b:
36:4f:93:fb:f0:d3:f4:47:ab:6f:59:35:e7:87:dd:36:a0:66:
d5:07:01:97:ef:3d:06:c1:f9:9b:9a:e9:40:09:86:16:a0:76:
3f:04:54:be:c0:6c:b0:96:e9:3f:a3:96:1c:f7:df:62:ab:5c:
dd:0f:45:77:72:d9:4d:da:96:01:f1:73:2f:97:5b:b3:aa:8b:
cb:3d:25:17:4b:a0:a9:72:2c:1c:1f:67:d1:44:bb:14:e5:79:
0c:c0:a3:8b:44:48:d1:7c:19:21:38:d1:c4:67:a5:a7:7a:42:
b2:5e:64:76:c2:63:bc:f7:3b:ec:20:90:68:06:1b:2a:77:14:
0a:2a:0b:91:ff:66:b2:88:7d:a1:4d:ca:7d:3f:97:e5:d6:47:
56:eb:ca:f5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzEJP6LTnAU4vAH5K/sJwyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NjI4MmU3NTEyODZmYmJlY2M3NWVhNmVkY2MyNTQxOTJj
NTVjNzYwHhcNMjQwMTAxMDgzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAxYzRkOTg3MGQwY2ZjNzhlYTcxN2VlM2JmM2UyNDBmNmQzM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXfMHLUdrrZQdyCjqyz+2JLXd/Vj
Er04iStDi8+xGwI5G1RlP5b9LOOshKd3Mp2RfQtgaiilFxiUbMX5P8Gqf+E15rQj
V94lIMaGY/+Z45opH+nXsl8v201qWjAh8txgv540elLDYWJt56mF01lsUBSc4BGe
fElAZGBLY7GkfhsdwXjnyTRlkJs7lj8TJVkJN+KxNKLNRPvItLAC1LBPBYIp+Mnd
4VBJHgjcKif2aSwujkiTOH6I6UvSxmf/HlPCDY99m8aX2PUz7AT/2US7g4isbLK7
50bxVXYESf1xpZ+ZiM/te1W6m+kV0hFcRarP8Mgr/A26mvJCebGT9Rl1zQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIYBxNmHDQz8eOpxfuO/PiQPbTP1MB8GA1UdIwQY
MBaAFAhigudRKG+77Mdepu3MJUGSxVx2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0dLQzUxRW9iN3ZzeDE2bTdjd2xRWkxGWEhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZDg1OTgtZTllMi00NzA5LWI1MzUt
NmIwNGFhZGVlZjEwLzEvaGdIRTJZY05EUHg0Nm5GLTQ3OC1KQTl0TV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZDg1OTgtZTllMi00NzA5LWI1MzUtNmIwNGFhZGVlZjEw
LzEvQ0dLQzUxRW9iN3ZzeDE2bTdjd2xRWkxGWEhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQDLh1gAwQB
UsBiAwQDXbzwAwQEXmTwAwMAoCwDBAK5CdgDBATZlpAwDQQCAAIwBwMFACoADagw
DQYJKoZIhvcNAQELBQADggEBAK9+4PvSgJ73K+0A+hAMJf6nodwuUJxH8nK5nOxS
+Wpy8rQR644QS4aBjlq8hDDtQ/Akx9i8mJLgBwsPz9NGyQMkdfqbUpERpe+zDScW
DMSTsd6k7uhNkvHp4KqN3Hb2wrn6BC5rY17m8SGgOzZPk/vw0/RHq29ZNeeH3Tag
ZtUHAZfvPQbB+Zua6UAJhhagdj8EVL7AbLCW6T+jlhz332KrXN0PRXdy2U3algHx
cy+XW7Oqi8s9JRdLoKlyLBwfZ9FEuxTleQzAo4tESNF8GSE40cRnpad6QrJeZHbC
Y7z3O+wgkGgGGyp3FAoqC5H/ZrKIfaFNyn0/l+XWR1bryvU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:31 2024 by rpki-client on console-fra.rpki-client.org