Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/N-HIR8tb2G84PV5sJjY95rZvucM.roa
File: N-HIR8tb2G84PV5sJjY95rZvucM.roa (raw, json)
Hash identifier: DEZVBHtG/qqJmsooBl/1qs4w1TSw5XdxadxCcTiPJ0o=
Subject key identifier: 37:E1:C8:47:CB:5B:D8:6F:38:3D:5E:6C:26:36:3D:E6:B6:6F:B9:C3
Certificate issuer: /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial: 018CC9BCCC9B6C38DE12FAB47E74FA9ADC9B
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/N-HIR8tb2G84PV5sJjY95rZvucM.roa
Signing time: Tue 02 Jan 2024 10:34:02 +0000
ROA not before: Tue 02 Jan 2024 10:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50616
IP address blocks: 185.156.12.0/22 maxlen: 23
31.22.48.0/22 maxlen: 23
31.22.52.0/22 maxlen: 23
31.22.56.0/22 maxlen: 23
31.22.60.0/22 maxlen: 23
109.234.232.0/22 maxlen: 23
109.234.236.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:cc:9b:6c:38:de:12:fa:b4:7e:74:fa:9a:dc:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Validity
Not Before: Jan 2 10:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37e1c847cb5bd86f383d5e6c26363de6b66fb9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fb:54:bb:e9:58:8e:f5:cc:f8:8b:4b:a3:0c:
1a:18:a4:78:e8:e8:fb:2c:51:03:cd:20:7f:2f:a3:
ed:16:c2:ce:d1:d8:9c:2b:4e:02:ab:31:14:3b:6a:
a3:d5:e2:4e:8c:d5:1b:a1:48:ca:ee:df:f7:7c:e7:
9e:e3:30:33:ee:57:64:80:53:26:47:13:88:12:4c:
42:fa:2f:6d:a2:aa:b6:87:81:0b:e5:ae:e5:44:16:
70:8a:6e:f3:d7:85:bb:33:00:1a:69:48:a7:52:92:
df:70:15:f7:52:18:67:56:39:00:4e:30:a6:c7:fc:
9c:6d:1f:ff:85:90:38:91:a9:e5:9d:43:c4:da:2c:
b5:9c:73:6c:f7:7e:8d:bb:cd:42:47:35:bc:67:a7:
22:25:7d:75:8c:79:24:e7:b3:33:13:c9:e5:e7:22:
7f:27:77:7c:d8:7d:69:b5:86:d2:d7:f2:cb:94:47:
3d:df:8b:df:3f:6e:a5:da:f7:6d:89:60:8c:5d:8a:
fd:56:ca:d3:d8:3f:ef:d8:fe:17:e5:40:94:62:68:
3e:de:af:f0:5e:5d:6a:41:b4:58:b2:a2:b3:a2:2c:
b6:b1:bd:6f:4f:ea:85:b1:3c:93:26:eb:a4:f8:55:
aa:07:72:79:4e:c4:ec:30:3e:57:d5:f3:7a:14:46:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:E1:C8:47:CB:5B:D8:6F:38:3D:5E:6C:26:36:3D:E6:B6:6F:B9:C3
X509v3 Authority Key Identifier:
keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/N-HIR8tb2G84PV5sJjY95rZvucM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.48.0/20
109.234.232.0/21
185.156.12.0/22
Signature Algorithm: sha256WithRSAEncryption
73:09:0d:ef:91:ab:c5:7e:ce:5c:a6:1a:21:d9:4c:ca:c6:d2:
02:33:e2:6f:f2:9c:73:7c:78:db:a7:ef:f1:35:75:53:28:ef:
48:71:e5:aa:2e:92:a7:49:87:76:50:ed:08:47:63:b2:03:78:
08:3e:99:c3:7e:70:6a:08:fa:6c:e8:09:9f:ae:a5:84:95:cd:
8d:f1:f5:30:3f:d0:81:43:66:0a:c9:2e:a7:17:51:e2:a8:b4:
c9:b0:a6:07:83:43:38:e5:00:b0:5d:40:a9:dd:b4:5f:a9:67:
c3:8d:52:20:e9:9a:87:38:af:b9:62:83:71:ea:73:af:57:19:
54:db:e4:d2:b3:02:c2:2d:fa:52:64:67:5e:5e:98:99:2c:9a:
d9:1a:be:2a:0a:bd:f3:c1:07:6f:99:78:15:41:3a:7b:b0:6b:
7c:e0:13:d9:7a:e3:84:4e:f6:7f:27:13:7f:a1:91:ad:e0:39:
68:86:b7:60:1e:f6:d9:cb:71:66:92:4a:7f:e7:41:72:d2:2f:
bb:0b:d6:1c:58:40:7a:0a:83:99:aa:02:a3:d9:96:42:52:ab:
b1:97:89:72:26:08:04:4c:ca:bf:37:99:9b:1e:99:7c:3c:ce:
f0:2c:de:33:e3:ca:1a:43:a0:a4:56:e6:b7:b3:93:fa:af:0d:
83:75:cd:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvMybbDjeEvq0fnT6mtybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjQwMTAyMTAzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2UxYzg0N2NiNWJkODZmMzgzZDVlNmMyNjM2M2RlNmI2NmZiOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhftUu+lYjvXM+ItLowwaGKR46Oj7
LFEDzSB/L6PtFsLO0dicK04CqzEUO2qj1eJOjNUboUjK7t/3fOee4zAz7ldkgFMm
RxOIEkxC+i9toqq2h4EL5a7lRBZwim7z14W7MwAaaUinUpLfcBX3UhhnVjkATjCm
x/ycbR//hZA4kanlnUPE2iy1nHNs936Nu81CRzW8Z6ciJX11jHkk57MzE8nl5yJ/
J3d82H1ptYbS1/LLlEc934vfP26l2vdtiWCMXYr9VsrT2D/v2P4X5UCUYmg+3q/w
Xl1qQbRYsqKzoiy2sb1vT+qFsTyTJuuk+FWqB3J5TsTsMD5X1fN6FEb4OQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDfhyEfLW9hvOD1ebCY2Pea2b7nDMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvTi1ISVI4dGIyRzg0UFY1c0pqWTk1clp2dWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEHxYwAwQD
beroAwQCuZwMMA0GCSqGSIb3DQEBCwUAA4IBAQBzCQ3vkavFfs5cphoh2UzKxtIC
M+Jv8pxzfHjbp+/xNXVTKO9IceWqLpKnSYd2UO0IR2OyA3gIPpnDfnBqCPps6Amf
rqWElc2N8fUwP9CBQ2YKyS6nF1HiqLTJsKYHg0M45QCwXUCp3bRfqWfDjVIg6ZqH
OK+5YoNx6nOvVxlU2+TSswLCLfpSZGdeXpiZLJrZGr4qCr3zwQdvmXgVQTp7sGt8
4BPZeuOETvZ/JxN/oZGt4DlohrdgHvbZy3Fmkkp/50Fy0i+7C9YcWEB6CoOZqgKj
2ZZCUquxl4lyJggETMq/N5mbHpl8PM7wLN4z48oaQ6CkVua3s5P6rw2Ddc3V
-----END CERTIFICATE-----
Generated at Fri May 17 18:22:10 2024 by rpki-client on console-ams.rpki-client.org