Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hU5hJnmXMqOuCMNi3CxC_NIUHPQ.roa
File: hU5hJnmXMqOuCMNi3CxC_NIUHPQ.roa (raw, json)
Hash identifier: KCJMxEPhIqamI11Klv71Us5CikENYeu1RSQG1psS1Jg=
Subject key identifier: 85:4E:61:26:79:97:32:A3:AE:08:C3:62:DC:2C:42:FC:D2:14:1C:F4
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 018F05BEE97D0926ADFD14ACA486DBE49F9A
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hU5hJnmXMqOuCMNi3CxC_NIUHPQ.roa
Signing time: Mon 22 Apr 2024 12:19:08 +0000
ROA not before: Mon 22 Apr 2024 12:19:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6696
IP address blocks: 109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.99.48.0/24 maxlen: 24
185.99.49.0/24 maxlen: 24
185.99.50.0/24 maxlen: 24
185.192.44.0/22 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.45.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:be:e9:7d:09:26:ad:fd:14:ac:a4:86:db:e4:9f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Apr 22 12:19:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=854e6126799732a3ae08c362dc2c42fcd2141cf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:f0:4f:b2:ca:1c:01:14:13:01:2b:4a:e7:
5b:81:a9:b9:a2:82:86:8b:7d:ba:b8:bc:14:9d:72:
c0:69:c1:04:ee:67:8e:7c:4d:5c:52:90:5d:8f:c5:
9b:62:2f:b2:7d:b2:be:30:95:b2:86:a9:22:4d:60:
2d:04:88:c1:03:92:01:f8:a3:42:e0:bb:9e:ca:97:
a8:ff:d4:ad:ac:56:94:9f:12:74:6f:31:04:97:12:
e5:a3:69:fd:b3:86:1a:a2:f8:65:88:c9:fc:78:79:
0c:bf:ab:06:97:30:7d:2b:d7:2f:26:41:ca:df:3c:
85:da:89:05:e3:b2:c1:87:fe:25:08:32:34:d4:8e:
89:58:2d:d3:82:95:62:77:32:c3:47:ca:86:cc:ea:
38:10:e4:83:ef:e8:a9:af:d7:0e:25:4c:59:9c:5a:
3b:78:6e:81:62:20:8f:04:ea:3f:3d:28:f3:eb:45:
78:a8:56:83:49:76:c1:90:1a:a6:4d:e6:32:2d:53:
3c:87:ba:d1:54:fc:68:84:6c:04:3f:aa:e9:ee:9d:
a1:cb:8f:6e:5c:ff:2b:c1:04:ef:07:64:97:0d:fb:
10:98:3d:90:3e:5f:7f:34:c0:78:ff:48:8c:8f:9c:
10:d0:40:da:3a:ff:a9:a9:16:20:ca:31:31:49:b5:
c4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4E:61:26:79:97:32:A3:AE:08:C3:62:DC:2C:42:FC:D2:14:1C:F4
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hU5hJnmXMqOuCMNi3CxC_NIUHPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0-185.99.50.255
185.192.44.0/22
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ab:0f:f7:1d:f8:6e:7c:58:fe:7a:cc:b9:91:12:57:62:1e:
c7:3b:4e:61:a6:69:70:0d:3e:14:1e:17:10:9b:b1:13:28:44:
67:ec:00:b8:04:e9:53:16:a7:a0:85:4d:89:f1:4c:00:4e:dd:
ea:ec:63:69:0c:9c:94:34:23:b5:f3:ff:5a:e4:af:b6:64:0f:
00:95:ff:6f:47:1b:fa:c0:c0:6a:bb:2e:fa:52:9c:d4:12:35:
6e:3b:f9:ac:22:53:d9:61:64:80:42:7b:8f:55:81:0e:3b:d4:
a1:5d:f6:7f:9d:eb:03:49:c9:69:bf:2e:c1:52:f6:91:13:22:
40:42:48:c1:a8:0e:c5:ac:65:f3:90:ca:de:58:2b:a2:96:d2:
7e:45:b7:8f:ee:75:f9:03:b7:b7:f5:5a:4e:c8:fb:f2:61:2a:
9f:f9:13:53:9b:5e:58:72:e9:61:66:0a:08:e7:88:fa:4a:0d:
4d:92:9c:54:92:88:9b:06:eb:0e:ed:5d:89:b5:a3:25:c6:68:
c3:fe:19:a2:66:ac:4a:46:72:eb:26:a3:77:be:1a:1a:b7:31:
52:22:0e:8e:5b:9a:86:a6:d6:2d:b3:da:4b:f0:b3:05:3e:6f:
74:83:b1:bc:cc:54:37:5a:1e:95:2d:d2:5f:94:0e:35:5e:08:
b1:0e:b2:81
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY8Fvul9CSat/RSspIbb5J+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNDU2Y2RiNGQxNDAzNDVjM2RjYWViZmM3NjM0ZDRlN2Nk
Y2I5MTMwHhcNMjQwNDIyMTIxOTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRlNjEyNjc5OTczMmEzYWUwOGMzNjJkYzJjNDJmY2QyMTQxY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYTwT7LKHAEUEwErSudbgam5ooKG
i326uLwUnXLAacEE7meOfE1cUpBdj8WbYi+yfbK+MJWyhqkiTWAtBIjBA5IB+KNC
4Lueypeo/9StrFaUnxJ0bzEElxLlo2n9s4YaovhliMn8eHkMv6sGlzB9K9cvJkHK
3zyF2okF47LBh/4lCDI01I6JWC3TgpVidzLDR8qGzOo4EOSD7+ipr9cOJUxZnFo7
eG6BYiCPBOo/PSjz60V4qFaDSXbBkBqmTeYyLVM8h7rRVPxohGwEP6rp7p2hy49u
XP8rwQTvB2SXDfsQmD2QPl9/NMB4/0iMj5wQ0EDaOv+pqRYgyjExSbXEjQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIVOYSZ5lzKjrgjDYtwsQvzSFBz0MB8GA1UdIwQY
MBaAFN5FbNtNFANFw9yuv8djTU583LkTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEt
OTI4ZTdiYzY5NTcwLzEvaFU1aEpubVhNcU91Q01OaTNDeENfTklVSFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8yMGNiMzMtZTJiZi00NmFhLWFiZmEtOTI4ZTdiYzY5NTcw
LzEvM2tWczIwMFVBMFhEM0s2X3gyTk5UbnpjdVJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAbUXaAwQA
gH+0MAwDBAS5YzADBAC5YzIDBAK5wCwDBADBaYUDBADBimUwDQYJKoZIhvcNAQEL
BQADggEBAGurD/cd+G58WP56zLmREldiHsc7TmGmaXANPhQeFxCbsRMoRGfsALgE
6VMWp6CFTYnxTABO3ersY2kMnJQ0I7Xz/1rkr7ZkDwCV/29HG/rAwGq7LvpSnNQS
NW47+awiU9lhZIBCe49VgQ471KFd9n+d6wNJyWm/LsFS9pETIkBCSMGoDsWsZfOQ
yt5YK6KW0n5Ft4/udfkDt7f1Wk7I+/JhKp/5E1ObXlhy6WFmCgjniPpKDU2SnFSS
iJsG6w7tXYm1oyXGaMP+GaJmrEpGcusmo3e+Ghq3MVIiDo5bmoam1i2z2kvwswU+
b3SDsbzMVDdaHpUt0l+UDjVeCLEOsoE=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:31:28 2024 by rpki-client on console-ams.rpki-client.org