Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/Ht10fYxGyatT4XvAC1FhISS4rEk.roa
File: Ht10fYxGyatT4XvAC1FhISS4rEk.roa (raw, json)
Hash identifier: TsPAL5lJ5UqsphMGvB0C53qMIpN/78mjpCQ04mSsyug=
Subject key identifier: 1E:DD:74:7D:8C:46:C9:AB:53:E1:7B:C0:0B:51:61:21:24:B8:AC:49
Certificate issuer: /CN=292fb09f7e68afe95f23913114e6c0a6aa726fdd
Certificate serial: 0192570C05B9F660BA5680C864FFEBF2C842
Authority key identifier: 29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/Ht10fYxGyatT4XvAC1FhISS4rEk.roa
Signing time: Fri 04 Oct 2024 10:20:58 +0000
ROA not before: Fri 04 Oct 2024 10:20:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43967
IP address blocks: 91.200.180.0/24 maxlen: 24
91.200.181.0/24 maxlen: 24
91.200.182.0/24 maxlen: 24
91.200.183.0/24 maxlen: 24
178.159.224.0/24 maxlen: 24
178.159.225.0/24 maxlen: 24
178.159.226.0/24 maxlen: 24
178.159.227.0/24 maxlen: 24
178.159.228.0/24 maxlen: 24
178.159.229.0/24 maxlen: 24
178.159.230.0/24 maxlen: 24
178.159.231.0/24 maxlen: 24
178.159.232.0/24 maxlen: 24
178.159.233.0/24 maxlen: 24
178.159.234.0/24 maxlen: 24
178.159.235.0/24 maxlen: 24
178.159.236.0/24 maxlen: 24
178.159.237.0/24 maxlen: 24
178.159.238.0/24 maxlen: 24
178.159.239.0/24 maxlen: 24
193.160.97.0/24 maxlen: 24
194.31.44.0/22 maxlen: 22
194.31.44.0/24 maxlen: 24
194.31.45.0/24 maxlen: 24
194.31.46.0/24 maxlen: 24
194.31.47.0/24 maxlen: 24
195.211.136.0/24 maxlen: 24
195.211.137.0/24 maxlen: 24
195.211.138.0/24 maxlen: 24
195.211.139.0/24 maxlen: 24
195.211.140.0/24 maxlen: 24
195.211.141.0/24 maxlen: 24
195.211.142.0/24 maxlen: 24
195.211.143.0/24 maxlen: 24
195.211.144.0/24 maxlen: 24
195.211.145.0/24 maxlen: 24
195.211.146.0/24 maxlen: 24
195.211.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.mft
rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:57:0c:05:b9:f6:60:ba:56:80:c8:64:ff:eb:f2:c8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292fb09f7e68afe95f23913114e6c0a6aa726fdd
Validity
Not Before: Oct 4 10:20:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1edd747d8c46c9ab53e17bc00b51612124b8ac49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:c3:15:37:b1:17:df:79:55:b9:c7:a7:f4:
c4:56:fb:91:7e:fa:ca:e7:92:8b:21:c4:2b:d0:7b:
36:69:23:ff:62:7a:f6:15:3d:34:56:c8:fc:4b:5f:
8c:00:5f:ee:ef:14:58:be:9d:10:82:5f:66:f9:ad:
da:99:c9:64:6f:36:df:41:9b:40:f8:55:7a:92:5d:
55:6d:ae:05:f9:c4:24:d8:f8:f5:43:e8:c9:55:f4:
d3:95:08:24:cb:c6:51:24:ef:f9:bd:45:6e:08:d9:
a1:14:c2:d9:c6:38:fd:f6:f3:fd:30:6b:f1:f4:48:
6d:12:66:7e:fd:db:67:ca:c4:b5:98:3a:d9:e8:c4:
3e:96:d1:87:3e:0b:cf:62:f5:05:5d:38:6a:cd:f6:
d2:a5:13:5c:7b:0b:eb:c1:2a:b9:8d:d4:24:c4:1e:
6a:6c:c4:9b:a9:a1:f4:e6:a5:18:66:9a:dd:24:0c:
f6:08:b4:8f:41:19:4e:09:57:5c:db:a2:68:77:5b:
5d:f2:fa:65:b2:89:39:29:92:61:19:d2:b9:52:33:
b0:59:f5:0a:f2:0c:85:47:a5:8e:69:d2:86:35:e2:
29:41:18:00:36:e2:43:37:1e:af:fb:9c:36:0d:84:
74:80:a7:ba:e1:73:96:dd:25:4c:7f:c4:6a:f3:e2:
f1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DD:74:7D:8C:46:C9:AB:53:E1:7B:C0:0B:51:61:21:24:B8:AC:49
X509v3 Authority Key Identifier:
keyid:29:2F:B0:9F:7E:68:AF:E9:5F:23:91:31:14:E6:C0:A6:AA:72:6F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS-wn35or-lfI5ExFObApqpyb90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/Ht10fYxGyatT4XvAC1FhISS4rEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e13112-5758-4552-b2ad-ed1b9b8e6470/1/KS-wn35or-lfI5ExFObApqpyb90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.180.0/22
178.159.224.0/20
193.160.97.0/24
194.31.44.0/22
195.211.136.0-195.211.147.255
Signature Algorithm: sha256WithRSAEncryption
2a:0c:dd:b1:79:59:e7:85:4a:ce:2d:4b:c2:6e:14:3e:83:37:
06:f4:c5:67:23:35:f9:42:e3:78:1c:60:ea:6d:eb:d2:2d:05:
77:1b:48:88:4f:e2:f8:7d:3e:f1:7a:6d:81:4b:fc:41:35:b6:
20:0e:ef:7a:19:0b:80:9f:5d:be:fa:23:28:71:bd:2a:d4:dc:
f7:09:9f:8d:b9:da:c3:34:03:50:12:de:90:d2:9c:57:67:6e:
7b:45:34:d3:54:db:d3:24:66:60:d5:05:c2:08:5d:15:c7:06:
e8:7c:83:95:66:74:ad:70:60:d2:83:83:1a:9d:da:64:98:6a:
cc:24:ec:bf:4d:8a:b1:49:86:e9:4f:84:97:f6:f2:a7:f0:44:
db:20:a9:5e:d1:ef:76:98:be:bc:4a:09:13:76:f7:54:47:e5:
34:f4:8f:15:2b:de:5c:53:95:0f:6b:95:3d:d9:48:48:f9:e2:
b3:af:18:b7:e0:9a:c5:8b:93:bd:7d:f9:57:f9:67:0d:e5:2d:
1f:7c:7b:42:44:b6:38:97:f2:8b:83:ea:7b:0c:e7:03:62:d3:
89:53:01:47:71:c7:be:96:e7:a5:0f:90:2a:6a:e4:1e:fa:cc:
e3:87:35:d1:bf:a0:96:a3:79:78:cb:37:07:8d:e7:03:cf:ef:
31:3d:bf:49
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZJXDAW59mC6VoDIZP/r8shCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmZiMDlmN2U2OGFmZTk1ZjIzOTEzMTE0ZTZjMGE2YWE3
MjZmZGQwHhcNMjQxMDA0MTAyMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWRkNzQ3ZDhjNDZjOWFiNTNlMTdiYzAwYjUxNjEyMTI0YjhhYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+rDFTexF995VbnHp/TEVvuRfvrK
55KLIcQr0Hs2aSP/Ynr2FT00Vsj8S1+MAF/u7xRYvp0Qgl9m+a3amclkbzbfQZtA
+FV6kl1Vba4F+cQk2Pj1Q+jJVfTTlQgky8ZRJO/5vUVuCNmhFMLZxjj99vP9MGvx
9EhtEmZ+/dtnysS1mDrZ6MQ+ltGHPgvPYvUFXThqzfbSpRNcewvrwSq5jdQkxB5q
bMSbqaH05qUYZprdJAz2CLSPQRlOCVdc26Jod1td8vplsok5KZJhGdK5UjOwWfUK
8gyFR6WOadKGNeIpQRgANuJDNx6v+5w2DYR0gKe64XOW3SVMf8Rq8+LxnwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFB7ddH2MRsmrU+F7wAtRYSEkuKxJMB8GA1UdIwQY
MBaAFCkvsJ9+aK/pXyORMRTmwKaqcm/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Mtd24zNW9yLWxmSTVFeEZPYkFwcXB5YjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9lMTMxMTItNTc1OC00NTUyLWIyYWQt
ZWQxYjliOGU2NDcwLzEvSHQxMGZZeEd5YXRUNFh2QUMxRmhJU1M0ckVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9lMTMxMTItNTc1OC00NTUyLWIyYWQtZWQxYjliOGU2NDcw
LzEvS1Mtd24zNW9yLWxmSTVFeEZPYkFwcXB5YjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCW8i0AwQE
sp/gAwQAwaBhAwQCwh8sMAwDBAPD04gDBALD05AwDQYJKoZIhvcNAQELBQADggEB
ACoM3bF5WeeFSs4tS8JuFD6DNwb0xWcjNflC43gcYOpt69ItBXcbSIhP4vh9PvF6
bYFL/EE1tiAO73oZC4CfXb76IyhxvSrU3PcJn4252sM0A1AS3pDSnFdnbntFNNNU
29MkZmDVBcIIXRXHBuh8g5VmdK1wYNKDgxqd2mSYaswk7L9NirFJhulPhJf28qfw
RNsgqV7R73aYvrxKCRN291RH5TT0jxUr3lxTlQ9rlT3ZSEj54rOvGLfgmsWLk719
+Vf5Zw3lLR98e0JEtjiX8ouD6nsM5wNi04lTAUdxx76W56UPkCpq5B76zOOHNdG/
oJajeXjLNweN5wPP7zE9v0k=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:29 2024 by rpki-client on console-fra.rpki-client.org