Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/H3GdPw9H1iG0nuUe6LLj0_39XSE.roa
File: H3GdPw9H1iG0nuUe6LLj0_39XSE.roa (raw, json)
Hash identifier: jGB+5hR97aUgIyxCBSUq60BZDzv4fBmwLux/6RF2ONM=
Subject key identifier: 1F:71:9D:3F:0F:47:D6:21:B4:9E:E5:1E:E8:B2:E3:D3:FD:FD:5D:21
Certificate issuer: /CN=7ccc95c952551b0f9054c74f7c139043bd3f6211
Certificate serial: 018E9DEE9F36224DD1A08365279FFF2A22FA
Authority key identifier: 7C:CC:95:C9:52:55:1B:0F:90:54:C7:4F:7C:13:90:43:BD:3F:62:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fMyVyVJVGw-QVMdPfBOQQ70_YhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/H3GdPw9H1iG0nuUe6LLj0_39XSE.roa
Signing time: Tue 02 Apr 2024 08:30:45 +0000
ROA not before: Tue 02 Apr 2024 08:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9026
IP address blocks: 62.212.0.0/19 maxlen: 24
185.120.40.0/22 maxlen: 24
2a02:20::/29 maxlen: 29
2a02:20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/fMyVyVJVGw-QVMdPfBOQQ70_YhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/fMyVyVJVGw-QVMdPfBOQQ70_YhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/fMyVyVJVGw-QVMdPfBOQQ70_YhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:ee:9f:36:22:4d:d1:a0:83:65:27:9f:ff:2a:22:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccc95c952551b0f9054c74f7c139043bd3f6211
Validity
Not Before: Apr 2 08:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f719d3f0f47d621b49ee51ee8b2e3d3fdfd5d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f5:9c:bc:30:a6:a1:41:10:9e:b7:c3:ca:56:
4a:71:91:45:b1:55:22:33:b1:39:0b:28:90:f0:5d:
32:b1:ef:5f:90:f8:54:95:ab:27:19:24:d6:45:c4:
0d:81:44:90:9f:5d:20:76:92:ca:31:a2:10:1d:ab:
6f:6a:a3:bc:e0:84:8a:d2:b5:d5:57:2b:04:5a:c7:
16:d1:3e:be:ef:c2:d9:cc:0d:53:d0:bf:22:25:6f:
e5:71:e0:15:89:b0:1d:09:86:c8:16:8c:e8:10:92:
74:6e:76:3c:97:61:f4:a5:62:df:64:b0:c7:97:28:
85:75:6d:3a:82:3d:65:48:a4:6d:e8:43:9c:7a:1f:
88:d4:f1:41:98:a6:85:48:b8:62:71:10:3c:a8:cc:
64:13:b2:a4:d9:72:c2:6e:5c:d0:15:6d:b6:5b:75:
aa:2f:fc:6e:eb:86:76:98:d2:ce:64:b9:51:88:94:
a3:44:a2:e4:5e:b4:0d:77:c1:1c:87:50:ab:6f:63:
e0:8a:90:af:92:aa:56:58:02:f4:74:43:66:be:7e:
32:92:6a:0e:a8:01:86:5a:7b:09:63:84:19:f0:c3:
47:fd:f9:8c:1e:66:a7:aa:20:17:35:b9:db:16:97:
81:f6:ef:aa:78:77:25:82:16:81:fa:a2:e5:2f:3a:
ae:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:71:9D:3F:0F:47:D6:21:B4:9E:E5:1E:E8:B2:E3:D3:FD:FD:5D:21
X509v3 Authority Key Identifier:
keyid:7C:CC:95:C9:52:55:1B:0F:90:54:C7:4F:7C:13:90:43:BD:3F:62:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fMyVyVJVGw-QVMdPfBOQQ70_YhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/H3GdPw9H1iG0nuUe6LLj0_39XSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8fe938-97e7-4bf1-9b1d-92fcdcfc0e08/1/fMyVyVJVGw-QVMdPfBOQQ70_YhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.212.0.0/19
185.120.40.0/22
IPv6:
2a02:20::/29
Signature Algorithm: sha256WithRSAEncryption
97:4b:b4:9b:ae:7d:42:66:7f:af:ba:f1:14:66:c7:2b:42:f7:
0c:bb:c1:e7:97:19:86:b4:04:51:4b:fa:a8:77:83:8a:2a:d5:
d8:08:0a:d8:ff:52:c4:00:9b:af:23:81:d9:ca:85:fe:93:73:
40:3b:ee:e4:da:4a:32:dc:2c:fb:d3:c5:05:ea:30:ae:1e:56:
34:fb:05:92:f5:7f:05:95:04:a8:0a:1a:2f:5c:b2:0b:32:b5:
7c:dd:a9:fb:71:cb:2b:e0:a3:f0:11:ea:22:15:2b:27:34:41:
ac:bd:a1:ef:02:4b:60:66:c4:d3:64:1c:19:86:8a:9e:b2:e8:
cd:a9:b7:bb:b9:4a:79:d2:cb:f5:2c:f3:fe:d8:54:39:65:8f:
41:7e:02:85:b0:43:b5:d6:c4:39:73:58:9f:e3:51:27:d0:3d:
d3:08:c9:6c:47:3c:35:2f:7e:31:0f:fd:4c:7e:b1:9f:f1:cd:
86:23:c8:0a:2b:dc:7f:8a:ca:7f:ba:56:0f:af:34:b1:c4:1a:
aa:35:5b:8a:c7:7d:d7:f5:75:e8:70:7f:9a:30:a5:2b:c4:26:
b2:19:ee:c1:6b:c1:8e:51:d5:83:f1:65:35:cf:74:92:f1:3c:
9b:dc:0f:82:ea:82:8c:d1:6c:2e:a9:61:4a:9e:49:7b:9d:78:
f9:37:99:db
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY6d7p82Ik3RoINlJ5//KiL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2M5NWM5NTI1NTFiMGY5MDU0Yzc0ZjdjMTM5MDQzYmQz
ZjYyMTEwHhcNMjQwNDAyMDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjcxOWQzZjBmNDdkNjIxYjQ5ZWU1MWVlOGIyZTNkM2ZkZmQ1ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vWcvDCmoUEQnrfDylZKcZFFsVUi
M7E5CyiQ8F0yse9fkPhUlasnGSTWRcQNgUSQn10gdpLKMaIQHatvaqO84ISK0rXV
VysEWscW0T6+78LZzA1T0L8iJW/lceAVibAdCYbIFozoEJJ0bnY8l2H0pWLfZLDH
lyiFdW06gj1lSKRt6EOceh+I1PFBmKaFSLhicRA8qMxkE7Kk2XLCblzQFW22W3Wq
L/xu64Z2mNLOZLlRiJSjRKLkXrQNd8Ech1Crb2PgipCvkqpWWAL0dENmvn4ykmoO
qAGGWnsJY4QZ8MNH/fmMHmanqiAXNbnbFpeB9u+qeHclghaB+qLlLzquQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB9xnT8PR9YhtJ7lHuiy49P9/V0hMB8GA1UdIwQY
MBaAFHzMlclSVRsPkFTHT3wTkEO9P2IRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk15VnlWSlZHdy1RVk1kUGZCT1FRNzBfWWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My84ZmU5MzgtOTdlNy00YmYxLTliMWQt
OTJmY2RjZmMwZTA4LzEvSDNHZFB3OUgxaUcwbnVVZTZMTGowXzM5WFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My84ZmU5MzgtOTdlNy00YmYxLTliMWQtOTJmY2RjZmMwZTA4
LzEvZk15VnlWSlZHdy1RVk1kUGZCT1FRNzBfWWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPtQAAwQC
uXgoMA0EAgACMAcDBQMqAgAgMA0GCSqGSIb3DQEBCwUAA4IBAQCXS7Sbrn1CZn+v
uvEUZscrQvcMu8HnlxmGtARRS/qod4OKKtXYCArY/1LEAJuvI4HZyoX+k3NAO+7k
2koy3Cz708UF6jCuHlY0+wWS9X8FlQSoChovXLILMrV83an7ccsr4KPwEeoiFSsn
NEGsvaHvAktgZsTTZBwZhoqesujNqbe7uUp50sv1LPP+2FQ5ZY9BfgKFsEO11sQ5
c1if41En0D3TCMlsRzw1L34xD/1MfrGf8c2GI8gKK9x/isp/ulYPrzSxxBqqNVuK
x33X9XXocH+aMKUrxCayGe7Ba8GOUdWD8WU1z3SS8Tyb3A+C6oKM0WwuqWFKnkl7
nXj5N5nb
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:05 2024 by rpki-client on console-ams.rpki-client.org