Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/g49_ht_UQkrOoz_NNRBwy0fJRuM.roa
File: g49_ht_UQkrOoz_NNRBwy0fJRuM.roa (raw, json)
Hash identifier: UjLB7wGn0LdbyLF4Q3xh9f0k1EbeE5tHH78pJ4K1/d8=
Subject key identifier: 83:8F:7F:86:DF:D4:42:4A:CE:A3:3F:CD:35:10:70:CB:47:C9:46:E3
Certificate issuer: /CN=134efe7c541f5406dc7e0ff268d05582baefc996
Certificate serial: 018CCA99592015C2015A4F8F7D29DE9F5027
Authority key identifier: 13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/g49_ht_UQkrOoz_NNRBwy0fJRuM.roa
Signing time: Tue 02 Jan 2024 14:34:56 +0000
ROA not before: Tue 02 Jan 2024 14:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 194.127.98.0/23 maxlen: 23
45.91.40.0/22 maxlen: 22
94.140.6.0/23 maxlen: 23
94.140.5.0/24 maxlen: 24
89.147.104.0/22 maxlen: 22
83.229.28.0/23 maxlen: 23
185.212.7.0/24 maxlen: 24
185.126.33.0/24 maxlen: 24
195.85.6.0/23 maxlen: 23
91.208.213.0/24 maxlen: 24
89.35.228.0/24 maxlen: 24
195.158.236.0/23 maxlen: 23
2a10:13c0:da7a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:59:20:15:c2:01:5a:4f:8f:7d:29:de:9f:50:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=134efe7c541f5406dc7e0ff268d05582baefc996
Validity
Not Before: Jan 2 14:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838f7f86dfd4424acea33fcd351070cb47c946e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7c:7a:6f:3f:da:e5:1b:05:30:78:bb:11:95:
63:2f:25:75:2f:b1:78:3a:9a:36:01:69:3c:9c:71:
e3:ec:9d:13:6f:76:6d:43:34:09:3e:5d:8e:85:26:
a4:ea:82:85:2d:06:a0:ee:da:35:b5:57:4b:24:eb:
59:9c:b3:44:91:51:cb:f0:f5:15:82:05:12:54:2f:
a3:03:13:11:56:ba:9f:50:c6:1d:be:ca:b3:86:b0:
10:df:23:59:a7:b8:67:48:b8:37:19:48:d7:df:31:
3d:55:a3:4c:a9:e3:1e:19:6e:6b:dc:f4:c0:17:62:
9c:ab:ff:2a:71:9c:a4:6e:cc:8b:e1:77:44:b7:86:
49:7a:b5:ea:39:6e:e2:fe:b0:a9:f8:de:4d:7f:d7:
4e:76:eb:19:bd:c8:3a:31:82:3c:a2:90:12:b0:a3:
4b:45:05:8c:dc:a2:cc:64:56:00:cb:73:15:99:18:
26:2f:42:d5:83:62:70:b6:e1:8a:5d:17:c6:d7:84:
c7:29:03:fe:bd:fb:59:81:4c:12:ac:9d:fa:18:81:
ec:b8:6e:a0:87:d5:af:b1:8b:b3:d9:b6:7f:57:ca:
3a:6d:ce:a6:86:cc:fa:43:8a:05:ae:c8:ad:79:56:
3d:17:75:e3:56:a9:03:a0:4d:17:cd:4f:30:f1:e5:
d3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8F:7F:86:DF:D4:42:4A:CE:A3:3F:CD:35:10:70:CB:47:C9:46:E3
X509v3 Authority Key Identifier:
keyid:13:4E:FE:7C:54:1F:54:06:DC:7E:0F:F2:68:D0:55:82:BA:EF:C9:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E07-fFQfVAbcfg_yaNBVgrrvyZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/g49_ht_UQkrOoz_NNRBwy0fJRuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/93d297-8038-4b9a-8f7b-b36491ee6ee4/1/E07-fFQfVAbcfg_yaNBVgrrvyZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.40.0/22
83.229.28.0/23
89.35.228.0/24
89.147.104.0/22
91.208.213.0/24
94.140.5.0-94.140.7.255
185.126.33.0/24
185.212.7.0/24
194.127.98.0/23
195.85.6.0/23
195.158.236.0/23
IPv6:
2a10:13c0:da7a::/48
Signature Algorithm: sha256WithRSAEncryption
7a:88:3f:b2:a1:3b:b1:0c:ed:af:83:6c:c3:58:57:71:ab:27:
15:74:36:db:ba:09:3a:b9:9d:bd:41:36:c2:0d:67:0f:22:4b:
88:82:3e:38:43:c1:fc:9b:d2:26:6a:c1:03:5c:07:7a:07:06:
d8:54:fa:0d:5b:52:7e:80:7e:99:1e:b4:37:b3:a0:f7:57:36:
e6:e8:15:b6:44:a6:69:8b:e2:4d:66:3f:dd:86:51:ac:03:bf:
4a:32:ae:ac:ca:38:08:99:c8:99:7b:89:43:21:f9:a4:53:b1:
ea:27:43:82:23:51:e3:2c:4f:c6:97:05:48:7c:c9:c3:de:aa:
2b:e4:cb:5a:cc:c9:ac:a3:b4:b7:f2:68:02:a0:82:d9:eb:d0:
a3:f4:e0:ff:e4:46:aa:dd:85:b9:e0:e0:39:b2:aa:3f:ac:df:
d9:68:91:79:00:7c:7a:b2:1d:ee:e7:79:ec:1f:9c:30:63:03:
99:8b:60:8a:3e:aa:7e:88:7b:d3:4d:3f:62:02:6e:bf:a8:96:
5b:38:fb:c4:10:41:1e:62:a3:5a:4f:00:3e:39:12:77:f3:46:
21:3d:02:b4:b5:9e:2f:86:f0:00:dd:7a:bf:e0:b7:ff:23:32:
72:0c:d5:a0:b9:52:5f:46:a5:35:63:40:00:6e:27:c6:de:52:
92:fe:94:f0
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzKmVkgFcIBWk+PfSnen1AnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNGVmZTdjNTQxZjU0MDZkYzdlMGZmMjY4ZDA1NTgyYmFl
ZmM5OTYwHhcNMjQwMTAyMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhmN2Y4NmRmZDQ0MjRhY2VhMzNmY2QzNTEwNzBjYjQ3Yzk0NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHx6bz/a5RsFMHi7EZVjLyV1L7F4
Opo2AWk8nHHj7J0Tb3ZtQzQJPl2OhSak6oKFLQag7to1tVdLJOtZnLNEkVHL8PUV
ggUSVC+jAxMRVrqfUMYdvsqzhrAQ3yNZp7hnSLg3GUjX3zE9VaNMqeMeGW5r3PTA
F2Kcq/8qcZykbsyL4XdEt4ZJerXqOW7i/rCp+N5Nf9dOdusZvcg6MYI8opASsKNL
RQWM3KLMZFYAy3MVmRgmL0LVg2JwtuGKXRfG14THKQP+vftZgUwSrJ36GIHsuG6g
h9WvsYuz2bZ/V8o6bc6mhsz6Q4oFrsiteVY9F3XjVqkDoE0XzU8w8eXT8QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFIOPf4bf1EJKzqM/zTUQcMtHyUbjMB8GA1UdIwQY
MBaAFBNO/nxUH1QG3H4P8mjQVYK678mWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTA3LWZGUWZWQWJjZmdfeWFOQlZncnJ2eVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85M2QyOTctODAzOC00YjlhLThmN2It
YjM2NDkxZWU2ZWU0LzEvZzQ5X2h0X1VRa3JPb3pfTk5SQnd5MGZKUnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85M2QyOTctODAzOC00YjlhLThmN2ItYjM2NDkxZWU2ZWU0
LzEvRTA3LWZGUWZWQWJjZmdfeWFOQlZncnJ2eVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBQBAIAATBKAwQCLVsoAwQB
U+UcAwQAWSPkAwQCWZNoAwQAW9DVMAwDBABejAUDBANejAADBAC5fiEDBAC51AcD
BAHCf2IDBAHDVQYDBAHDnuwwDwQCAAIwCQMHACoQE8DaejANBgkqhkiG9w0BAQsF
AAOCAQEAeog/sqE7sQztr4Nsw1hXcasnFXQ227oJOrmdvUE2wg1nDyJLiII+OEPB
/JvSJmrBA1wHegcG2FT6DVtSfoB+mR60N7Og91c25ugVtkSmaYviTWY/3YZRrAO/
SjKurMo4CJnImXuJQyH5pFOx6idDgiNR4yxPxpcFSHzJw96qK+TLWszJrKO0t/Jo
AqCC2evQo/Tg/+RGqt2FueDgObKqP6zf2WiReQB8erId7ud57B+cMGMDmYtgij6q
foh7000/YgJuv6iWWzj7xBBBHmKjWk8APjkSd/NGIT0CtLWeL4bwAN16v+C3/yMy
cgzVoLlSX0alNWNAAG4nxt5Skv6U8A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:26:58 2024 by rpki-client on console-ams.rpki-client.org