Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HnqDySvvBSULvWz1P8vNATKWW2U.roa
File: HnqDySvvBSULvWz1P8vNATKWW2U.roa (raw, json)
Hash identifier: tLHhlghQ1PChoSDbWk7/6sH0RRyruskzALo5IUPwCxk=
Subject key identifier: 1E:7A:83:C9:2B:EF:05:25:0B:BD:6C:F5:3F:CB:CD:01:32:96:5B:65
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01925742CE0D6EB3E6B61BA1CAFB303E6938
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HnqDySvvBSULvWz1P8vNATKWW2U.roa
Signing time: Fri 04 Oct 2024 11:20:48 +0000
ROA not before: Fri 04 Oct 2024 11:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:42:ce:0d:6e:b3:e6:b6:1b:a1:ca:fb:30:3e:69:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 4 11:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e7a83c92bef05250bbd6cf53fcbcd0132965b65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ae:2c:d4:eb:10:41:b3:54:d5:ab:9c:f5:65:
09:1b:04:26:77:0c:d5:97:9d:15:0c:dd:6b:66:96:
12:bd:a8:c2:5c:ec:f6:7b:9a:54:1e:a9:19:1b:b6:
57:d9:9b:f1:90:c4:64:f1:0d:f7:12:7f:de:47:8d:
08:5e:ee:8a:62:2c:c5:99:68:5a:48:e2:c3:ef:dc:
c0:49:d2:f8:aa:ed:53:5c:81:4e:25:bb:4d:97:2b:
28:51:f8:33:14:35:f1:1f:b6:b5:80:8a:fc:56:b1:
af:88:1b:89:ef:00:8a:10:d1:c7:3a:99:c0:a9:36:
66:40:e0:54:9c:7f:ae:05:f4:97:9a:06:e0:00:80:
56:8c:69:67:70:5b:19:4f:0b:1c:2f:54:d8:ba:94:
a0:42:38:9d:37:5e:36:d9:87:65:7c:35:9e:34:ef:
1d:f5:93:97:2d:3b:b7:9b:05:2e:62:2f:bd:cf:d7:
5a:0d:51:2e:a0:26:41:bc:29:55:f1:c7:0e:ba:39:
42:73:ba:97:26:39:47:74:f8:64:63:11:00:d1:40:
aa:fc:d9:44:a2:0b:0d:49:b5:ff:a5:2e:74:96:cc:
98:67:16:84:d8:f2:4c:9e:a7:c7:fb:98:e0:48:a7:
b5:ea:03:fa:99:cb:08:f9:1c:e8:3b:5f:97:d7:f5:
13:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7A:83:C9:2B:EF:05:25:0B:BD:6C:F5:3F:CB:CD:01:32:96:5B:65
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HnqDySvvBSULvWz1P8vNATKWW2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
Signature Algorithm: sha256WithRSAEncryption
74:aa:f1:1b:c4:72:ec:1b:a0:39:89:e7:8a:dd:18:16:6e:60:
5f:cf:45:f6:ca:80:85:c8:ff:78:3a:e2:66:1c:a4:ef:de:ea:
81:d4:e1:8f:14:63:79:e7:a0:15:e2:33:c8:db:52:bd:39:aa:
9b:12:68:ae:01:72:9e:65:1d:1b:c3:12:aa:8c:64:9c:85:eb:
de:f7:77:3a:46:19:ec:aa:f3:08:88:0a:dc:3d:25:f1:4c:11:
2e:e1:b9:3b:11:d5:37:ce:67:6c:ce:49:50:f5:a1:6f:d0:c6:
73:86:f9:b3:e8:70:0d:78:af:f1:77:9d:36:a6:cb:ab:5e:28:
f0:79:f6:4a:d1:d8:5f:dd:ff:48:51:4d:6e:43:7b:a5:8c:51:
e2:f7:c1:f8:05:65:e8:06:82:cf:fb:55:c5:74:71:d0:c4:8e:
6a:57:68:2f:91:9a:87:8f:f6:43:36:41:d5:c9:9e:e6:b5:7d:
f6:9b:f1:87:27:5c:02:07:27:00:27:4f:a5:11:dc:d0:79:3f:
d5:c9:e0:19:19:13:7e:0c:ae:e8:8f:96:2b:36:4f:6c:d9:47:
c1:df:b0:81:3b:5c:2e:fd:ed:1c:61:f8:fa:93:f0:2a:45:25:
7f:eb:0e:cc:ac:a5:48:40:f6:3a:7d:aa:5c:da:4c:c9:05:7f:
af:66:df:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJXQs4NbrPmthuhyvswPmk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjQxMDA0MTEyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTdhODNjOTJiZWYwNTI1MGJiZDZjZjUzZmNiY2QwMTMyOTY1YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K4s1OsQQbNU1auc9WUJGwQmdwzV
l50VDN1rZpYSvajCXOz2e5pUHqkZG7ZX2ZvxkMRk8Q33En/eR40IXu6KYizFmWha
SOLD79zASdL4qu1TXIFOJbtNlysoUfgzFDXxH7a1gIr8VrGviBuJ7wCKENHHOpnA
qTZmQOBUnH+uBfSXmgbgAIBWjGlncFsZTwscL1TYupSgQjidN1422YdlfDWeNO8d
9ZOXLTu3mwUuYi+9z9daDVEuoCZBvClV8ccOujlCc7qXJjlHdPhkYxEA0UCq/NlE
ogsNSbX/pS50lsyYZxaE2PJMnqfH+5jgSKe16gP6mcsI+RzoO1+X1/UTLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB56g8kr7wUlC71s9T/LzQEylltlMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSG5xRHlTdnZCU1VMdld6MVA4dk5BVEtXVzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAJcrBMAwD
BAAlysMDBAElysgwDQYJKoZIhvcNAQELBQADggEBAHSq8RvEcuwboDmJ54rdGBZu
YF/PRfbKgIXI/3g64mYcpO/e6oHU4Y8UY3nnoBXiM8jbUr05qpsSaK4Bcp5lHRvD
EqqMZJyF6973dzpGGeyq8wiICtw9JfFMES7huTsR1TfOZ2zOSVD1oW/QxnOG+bPo
cA14r/F3nTamy6teKPB59krR2F/d/0hRTW5De6WMUeL3wfgFZegGgs/7VcV0cdDE
jmpXaC+RmoeP9kM2QdXJnua1ffab8YcnXAIHJwAnT6UR3NB5P9XJ4BkZE34MruiP
lis2T2zZR8HfsIE7XC797Rxh+PqT8CpFJX/rDsyspUhA9jp9qlzaTMkFf69m3+w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:55 2024 by rpki-client on console-fra.rpki-client.org