Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/h20u2QWGWGt_GuyRKG7Cif5pCqU.roa
File: h20u2QWGWGt_GuyRKG7Cif5pCqU.roa (raw, json)
Hash identifier: ch11LaY6G2BN8seRyYH7ZOIULH+aChWideO/hlkZVvE=
Subject key identifier: 87:6D:2E:D9:05:86:58:6B:7F:1A:EC:91:28:6E:C2:89:FE:69:0A:A5
Certificate issuer: /CN=1d83fa89a4920ebab6a8196fa7d330744140ae75
Certificate serial: 018CC2DB42573F0472B0E95B034CB0A641DB
Authority key identifier: 1D:83:FA:89:A4:92:0E:BA:B6:A8:19:6F:A7:D3:30:74:41:40:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYP6iaSSDrq2qBlvp9MwdEFArnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/h20u2QWGWGt_GuyRKG7Cif5pCqU.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51784
IP address blocks: 46.63.96.0/20 maxlen: 24
46.63.0.0/18 maxlen: 23
46.63.112.0/21 maxlen: 24
46.63.120.0/21 maxlen: 21
185.177.188.0/22 maxlen: 24
46.63.64.0/19 maxlen: 24
46.63.64.0/18 maxlen: 18
2a03:69e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/HYP6iaSSDrq2qBlvp9MwdEFArnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/HYP6iaSSDrq2qBlvp9MwdEFArnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYP6iaSSDrq2qBlvp9MwdEFArnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 22:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:42:57:3f:04:72:b0:e9:5b:03:4c:b0:a6:41:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d83fa89a4920ebab6a8196fa7d330744140ae75
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=876d2ed90586586b7f1aec91286ec289fe690aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:55:9e:bf:96:7f:07:cf:9e:07:e8:ce:05:c4:
af:f5:e9:ae:6d:f1:27:f2:bd:eb:a1:e3:ee:e1:e1:
3a:32:a1:03:f3:26:b8:54:04:7c:0f:29:68:97:5d:
96:fb:87:a9:4c:b2:0f:b1:79:6d:93:b1:fa:1e:44:
37:64:62:65:03:97:60:1c:52:99:96:0c:86:43:16:
63:5e:00:53:d6:9d:58:86:c4:1f:8c:cf:c9:ec:cc:
9f:cc:d8:84:e4:c0:05:b0:f6:8e:0d:fe:c6:5d:05:
13:1b:24:9b:3e:69:51:e1:0e:57:e0:fb:4a:c6:c7:
b0:de:bb:8d:eb:7a:f5:af:ae:c3:e5:4a:70:25:b5:
e1:3a:b7:07:31:15:52:74:5f:7e:dd:2b:49:2b:28:
7d:f9:d9:72:d5:bb:af:3c:5b:5e:c3:49:ee:c7:dc:
d7:0f:3b:5c:29:ec:0e:81:3f:3f:5a:98:89:f4:e6:
34:57:e5:6e:c8:c3:d5:fc:f2:e1:2f:c1:9f:df:33:
d3:5e:f7:42:a6:4b:5d:9d:e5:e2:19:66:f2:bc:e0:
98:1a:a3:59:f5:33:dd:ed:09:02:06:33:3c:d5:a6:
b1:4d:ca:f3:3b:ca:fa:08:79:52:cc:92:66:55:fc:
25:12:6d:bc:74:7f:af:be:c8:18:6f:68:86:fa:fe:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6D:2E:D9:05:86:58:6B:7F:1A:EC:91:28:6E:C2:89:FE:69:0A:A5
X509v3 Authority Key Identifier:
keyid:1D:83:FA:89:A4:92:0E:BA:B6:A8:19:6F:A7:D3:30:74:41:40:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYP6iaSSDrq2qBlvp9MwdEFArnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/h20u2QWGWGt_GuyRKG7Cif5pCqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/066dbd-b447-4b59-8936-c3bc5c521bc5/1/HYP6iaSSDrq2qBlvp9MwdEFArnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.63.0.0/17
185.177.188.0/22
IPv6:
2a03:69e0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:1e:b0:f2:49:96:72:7d:0d:4c:e5:fa:d0:a9:b6:0e:2a:00:
37:9a:12:ca:41:4c:bf:0b:d4:1e:10:51:22:3d:d8:0f:4c:6a:
78:5a:18:9c:36:33:b0:87:6f:6f:e0:ec:5a:cc:f6:47:df:ce:
d3:98:5c:9d:36:b7:cd:b2:18:0b:4e:a0:14:bc:92:d1:ce:d5:
ff:71:76:05:c9:ec:29:80:c1:9c:ad:6d:95:f8:ac:2c:75:81:
55:db:0f:b1:02:ac:e7:d2:43:b3:52:41:fc:61:97:ed:e2:ae:
96:79:16:b5:70:9b:1c:2e:f9:a6:f1:0a:e3:6f:01:3d:1e:cb:
41:d6:db:bf:44:68:49:01:e4:9a:bf:f3:c8:96:bf:db:f0:73:
27:e6:dd:0e:49:32:5f:ab:08:3f:43:0e:b3:f4:18:56:b9:19:
b0:4c:8f:18:12:00:d8:ad:c4:bb:34:a0:94:d4:59:a1:3d:66:
98:3c:87:bd:b3:c6:2e:90:a1:50:97:d0:d8:ae:b1:52:66:92:
6a:9d:de:2d:df:40:8e:ce:71:41:6c:3f:4d:e0:1b:a2:84:b8:
98:c3:e2:b9:c1:d8:8d:81:0c:d1:99:d4:98:3f:73:e5:d8:c8:
dc:e9:80:b8:e4:c6:6d:e8:c8:26:f1:87:0b:bb:a9:34:5a:b9:
e9:df:2a:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC20JXPwRysOlbA0ywpkHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODNmYTg5YTQ5MjBlYmFiNmE4MTk2ZmE3ZDMzMDc0NDE0
MGFlNzUwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZkMmVkOTA1ODY1ODZiN2YxYWVjOTEyODZlYzI4OWZlNjkwYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFWev5Z/B8+eB+jOBcSv9emubfEn
8r3roePu4eE6MqED8ya4VAR8Dylol12W+4epTLIPsXltk7H6HkQ3ZGJlA5dgHFKZ
lgyGQxZjXgBT1p1YhsQfjM/J7MyfzNiE5MAFsPaODf7GXQUTGySbPmlR4Q5X4PtK
xsew3ruN63r1r67D5UpwJbXhOrcHMRVSdF9+3StJKyh9+dly1buvPFtew0nux9zX
DztcKewOgT8/WpiJ9OY0V+VuyMPV/PLhL8Gf3zPTXvdCpktdneXiGWbyvOCYGqNZ
9TPd7QkCBjM81aaxTcrzO8r6CHlSzJJmVfwlEm28dH+vvsgYb2iG+v6VRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIdtLtkFhlhrfxrskShuwon+aQqlMB8GA1UdIwQY
MBaAFB2D+omkkg66tqgZb6fTMHRBQK51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlQNmlhU1NEcnEycUJsdnA5TXdkRUZBcm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNjZkYmQtYjQ0Ny00YjU5LTg5MzYt
YzNiYzVjNTIxYmM1LzEvaDIwdTJRV0dXR3RfR3V5UktHN0NpZjVwQ3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wNjZkYmQtYjQ0Ny00YjU5LTg5MzYtYzNiYzVjNTIxYmM1
LzEvSFlQNmlhU1NEcnEycUJsdnA5TXdkRUZBcm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHLj8AAwQC
ubG8MA0EAgACMAcDBQAqA2ngMA0GCSqGSIb3DQEBCwUAA4IBAQBPHrDySZZyfQ1M
5frQqbYOKgA3mhLKQUy/C9QeEFEiPdgPTGp4WhicNjOwh29v4OxazPZH387TmFyd
NrfNshgLTqAUvJLRztX/cXYFyewpgMGcrW2V+KwsdYFV2w+xAqzn0kOzUkH8YZft
4q6WeRa1cJscLvmm8QrjbwE9HstB1tu/RGhJAeSav/PIlr/b8HMn5t0OSTJfqwg/
Qw6z9BhWuRmwTI8YEgDYrcS7NKCU1FmhPWaYPIe9s8YukKFQl9DYrrFSZpJqnd4t
30COznFBbD9N4BuihLiYw+K5wdiNgQzRmdSYP3Pl2Mjc6YC45MZt6Mgm8YcLu6k0
Wrnp3yqo
-----END CERTIFICATE-----
Generated at Wed Dec 4 07:15:03 2024 by rpki-client on console-fra.rpki-client.org