Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/H6LotvfmjyBwGbYIP0Wa_ki81v4.roa
File: H6LotvfmjyBwGbYIP0Wa_ki81v4.roa (raw, json)
Hash identifier: aQwlIjbsG81K3zHgGKzJ+RfutSSQ0EFd4ANCexpqrdQ=
Subject key identifier: 1F:A2:E8:B6:F7:E6:8F:20:70:19:B6:08:3F:45:9A:FE:48:BC:D6:FE
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 018CC8DE7DB47D170053BA65048C217D0F56
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/H6LotvfmjyBwGbYIP0Wa_ki81v4.roa
Signing time: Tue 02 Jan 2024 06:31:13 +0000
ROA not before: Tue 02 Jan 2024 06:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36384
IP address blocks: 89.207.224.0/24 maxlen: 24
89.207.229.0/24 maxlen: 24
2a00:79e1::/32 maxlen: 32
2a00:79e1:f00::/40 maxlen: 40
2a00:79e1:800::/42 maxlen: 42
2a00:79e1:f000::/38 maxlen: 38
2a00:79e1:abc::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:7d:b4:7d:17:00:53:ba:65:04:8c:21:7d:0f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 2 06:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fa2e8b6f7e68f207019b6083f459afe48bcd6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:86:88:02:c7:14:5f:ec:6c:46:e1:76:27:85:
c8:9c:2f:c1:d5:e2:28:2b:79:61:5b:e5:39:0f:db:
b7:5f:cc:22:f6:6d:30:8c:0e:ed:30:80:13:1b:b7:
1c:3f:40:81:7c:93:13:44:36:3f:12:dd:87:9f:5c:
a9:58:c4:92:fa:af:25:80:b3:d7:2f:69:ec:45:23:
42:e5:91:ce:81:b2:08:89:88:16:1b:d3:c7:fa:95:
62:8d:c0:99:0b:ff:63:44:d2:5f:ec:91:1b:7e:29:
a2:93:55:fd:cb:a8:db:9a:d1:d8:aa:4c:7b:9f:a2:
d9:14:ea:b2:bc:e6:61:5b:23:1e:4e:7e:57:fe:84:
5f:47:e2:73:f8:7d:6e:3f:f3:7e:70:f6:1c:55:ce:
1f:06:e3:11:21:30:9b:22:e7:f6:b8:f7:a3:43:60:
11:00:73:82:d5:26:af:63:cf:ed:64:09:b1:d8:3a:
de:bd:f9:cc:c9:59:6a:26:42:74:31:aa:61:5e:ad:
b1:9a:c8:d6:af:f7:ef:71:89:40:f4:d9:7f:c8:98:
15:61:4a:e8:99:ef:a3:03:58:e3:d3:41:bb:67:fb:
2f:20:08:05:b3:c3:97:fd:1c:7a:a3:52:64:90:c2:
91:0a:54:d7:47:a6:3c:d5:0a:94:49:46:51:c6:3a:
5d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A2:E8:B6:F7:E6:8F:20:70:19:B6:08:3F:45:9A:FE:48:BC:D6:FE
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/H6LotvfmjyBwGbYIP0Wa_ki81v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.224.0/24
89.207.229.0/24
IPv6:
2a00:79e1::/32
Signature Algorithm: sha256WithRSAEncryption
01:d0:4c:a7:09:48:cf:4a:81:89:a5:a5:b6:2b:1b:e6:29:2e:
2b:67:e5:1c:cd:8d:99:92:6b:c6:87:62:63:d1:c1:08:da:07:
4a:c6:bf:af:53:ed:14:64:73:8c:5c:e5:c8:1a:d9:4d:e0:ba:
22:14:f0:62:8c:32:6b:9b:ed:85:5a:09:e5:0a:59:fd:bb:ca:
ae:26:fc:7a:81:f3:f9:40:c6:f3:d3:a1:3d:10:8a:9c:80:b8:
d3:25:d8:a1:ef:ae:64:c3:e5:f8:ab:5b:a7:4e:50:35:a8:49:
a3:8c:e0:89:b0:2e:78:7b:0b:7a:25:9e:dd:1b:63:cb:fb:17:
a6:af:91:40:65:89:0e:94:3d:40:b8:6a:98:ca:61:a8:ac:e1:
65:72:5f:25:59:3d:82:dd:48:63:56:cd:f8:c0:5b:01:c9:30:
4e:47:40:6a:43:9a:27:1b:0e:8c:21:19:fe:2e:0f:bc:ae:04:
3f:33:33:56:5c:bf:57:b2:0c:ee:5a:5b:80:26:3d:4b:6e:76:
94:9b:95:c5:d1:06:74:97:dd:f1:bc:e7:2c:58:fb:77:e3:d8:
6d:89:8e:0c:24:a2:9a:95:e4:50:52:1a:35:93:ea:93:bd:15:
ab:83:50:78:70:cb:72:a8:74:22:f0:5f:cd:ae:29:a6:0b:d2:
e2:5e:d2:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3n20fRcAU7plBIwhfQ9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzQ3ZmJlMjZjOWNkZDc2MjhhZGZlZGI1N2I3OGJlOGRl
NzVlMjkwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmEyZThiNmY3ZTY4ZjIwNzAxOWI2MDgzZjQ1OWFmZTQ4YmNkNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYaIAscUX+xsRuF2J4XInC/B1eIo
K3lhW+U5D9u3X8wi9m0wjA7tMIATG7ccP0CBfJMTRDY/Et2Hn1ypWMSS+q8lgLPX
L2nsRSNC5ZHOgbIIiYgWG9PH+pVijcCZC/9jRNJf7JEbfimik1X9y6jbmtHYqkx7
n6LZFOqyvOZhWyMeTn5X/oRfR+Jz+H1uP/N+cPYcVc4fBuMRITCbIuf2uPejQ2AR
AHOC1SavY8/tZAmx2DrevfnMyVlqJkJ0MaphXq2xmsjWr/fvcYlA9Nl/yJgVYUro
me+jA1jj00G7Z/svIAgFs8OX/Rx6o1JkkMKRClTXR6Y81QqUSUZRxjpdIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB+i6Lb35o8gcBm2CD9Fmv5IvNb+MB8GA1UdIwQY
MBaAFMB0f74myc3XYorf7bV7eL6N514pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDIt
MzY4NjA4Mzg1ODgzLzEvSDZMb3R2Zm1qeUJ3R2JZSVAwV2Ffa2k4MXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDItMzY4NjA4Mzg1ODgz
LzEvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWc/gAwQA
Wc/lMA0EAgACMAcDBQAqAHnhMA0GCSqGSIb3DQEBCwUAA4IBAQAB0EynCUjPSoGJ
paW2KxvmKS4rZ+UczY2ZkmvGh2Jj0cEI2gdKxr+vU+0UZHOMXOXIGtlN4LoiFPBi
jDJrm+2FWgnlCln9u8quJvx6gfP5QMbz06E9EIqcgLjTJdih765kw+X4q1unTlA1
qEmjjOCJsC54ewt6JZ7dG2PL+xemr5FAZYkOlD1AuGqYymGorOFlcl8lWT2C3Uhj
Vs34wFsByTBOR0BqQ5onGw6MIRn+Lg+8rgQ/MzNWXL9XsgzuWluAJj1LbnaUm5XF
0QZ0l93xvOcsWPt349htiY4MJKKaleRQUho1k+qTvRWrg1B4cMtyqHQi8F/Nrimm
C9LiXtJ1
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:31:42 2024 by rpki-client on console-ams.rpki-client.org