Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/HJCT8FQAmoYJWV7p00o2o5JDJRo.roa
File: HJCT8FQAmoYJWV7p00o2o5JDJRo.roa (raw, json)
Hash identifier: WQOwr4f9A9rh1CxIOLN8kIBNCPy0wKlUdThtQyhJsvg=
Subject key identifier: 1C:90:93:F0:54:00:9A:86:09:59:5E:E9:D3:4A:36:A3:92:43:25:1A
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 01910319BF3D130C76E41E4D164C10F976BF
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/HJCT8FQAmoYJWV7p00o2o5JDJRo.roa
Signing time: Tue 30 Jul 2024 10:05:04 +0000
ROA not before: Tue 30 Jul 2024 10:05:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198912
IP address blocks: 57.191.127.0/24 maxlen: 24
57.191.192.0/19 maxlen: 24
57.191.224.0/19 maxlen: 24
57.250.220.0/24 maxlen: 24
2a0a:90c2::/36 maxlen: 36
2a0a:90c2:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:19:bf:3d:13:0c:76:e4:1e:4d:16:4c:10:f9:76:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jul 30 10:05:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c9093f054009a8609595ee9d34a36a39243251a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:4f:8c:39:f1:6b:4b:4d:67:4b:d1:27:6e:
dc:dd:92:e6:a3:13:c8:ae:a0:ab:8e:a3:94:1b:64:
9b:b3:2a:03:0e:62:56:e6:c5:a6:2a:30:c8:25:67:
b7:10:8c:3b:c7:a9:3a:9a:b8:c2:3e:6b:61:be:1b:
bf:c3:4e:17:45:b3:98:2d:3f:d3:f7:f1:c9:e5:27:
9c:68:26:68:61:08:e1:25:45:2d:4c:c8:b4:71:bd:
a6:66:d2:63:df:47:15:82:30:e4:ff:50:f1:9f:f5:
97:cc:07:ff:3d:77:c2:7b:5e:1e:aa:18:76:24:2c:
3f:36:e3:8e:d2:0a:9d:40:64:ca:e4:80:29:6b:6a:
ca:b4:97:b6:72:4c:a4:e1:1a:4a:e5:b3:69:87:76:
c7:b6:ff:d3:6f:4d:04:20:d6:b7:50:2a:a4:99:72:
7e:d6:30:db:b4:9a:37:d2:36:dd:eb:2d:0c:67:58:
bc:2b:57:9c:33:8d:ea:69:79:06:ae:eb:bd:7f:53:
15:47:17:36:38:13:12:cb:67:5b:62:5a:a0:85:df:
62:83:c7:0d:86:a8:99:ec:f3:4c:3a:47:fe:8c:30:
85:39:f9:29:5b:a5:87:66:1b:61:29:9a:4c:d0:ca:
be:0e:b0:f2:f7:5d:b0:97:72:bb:7a:9c:b3:07:dd:
55:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:90:93:F0:54:00:9A:86:09:59:5E:E9:D3:4A:36:A3:92:43:25:1A
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/HJCT8FQAmoYJWV7p00o2o5JDJRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.191.127.0/24
57.191.192.0/18
57.250.220.0/24
IPv6:
2a0a:90c2::/35
Signature Algorithm: sha256WithRSAEncryption
05:c0:ce:33:19:f4:64:1b:74:64:c6:18:11:e3:ad:f6:a5:a8:
e2:08:92:34:c8:eb:4e:24:7b:b9:59:ea:bf:f9:5a:ba:1d:d1:
27:42:6f:f7:a6:93:89:75:bc:2f:f7:ce:3d:a1:c3:bf:3c:fa:
51:8d:14:7e:d9:0d:43:8c:54:fc:a0:2b:28:b2:1c:85:2b:80:
c6:e0:2e:a1:e1:cb:f2:d1:60:b3:23:99:dd:57:e9:93:90:d7:
d1:95:fa:9e:01:5b:37:08:4b:04:cc:25:d8:07:86:f9:3c:1c:
20:d4:47:63:4c:67:e5:b2:c8:93:13:1d:e3:23:fd:3e:98:d6:
9d:25:e4:60:eb:c0:74:bb:96:98:7e:e4:54:57:19:d6:c0:0d:
1c:29:fe:42:52:3d:80:f0:f0:7c:ba:db:49:b4:8a:97:a1:45:
59:be:ee:4b:22:83:68:32:9c:6e:f2:7a:2c:9b:cf:4b:3f:ae:
e1:ed:ad:14:72:6f:ad:05:56:65:42:12:74:7f:25:7f:8a:3f:
00:59:48:ef:6c:ce:32:ff:32:c4:14:a7:a7:fb:7b:3b:55:ab:
68:76:a5:53:f7:4b:22:73:c4:59:3a:52:92:80:26:ff:96:19:
78:87:7e:c4:f5:81:46:42:c4:eb:71:8c:5e:76:53:c2:3b:8f:
f2:70:7e:fd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZEDGb89Ewx25B5NFkwQ+Xa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwNzMwMTAwNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzkwOTNmMDU0MDA5YTg2MDk1OTVlZTlkMzRhMzZhMzkyNDMyNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpdPjDnxa0tNZ0vRJ27c3ZLmoxPI
rqCrjqOUG2SbsyoDDmJW5sWmKjDIJWe3EIw7x6k6mrjCPmthvhu/w04XRbOYLT/T
9/HJ5SecaCZoYQjhJUUtTMi0cb2mZtJj30cVgjDk/1Dxn/WXzAf/PXfCe14eqhh2
JCw/NuOO0gqdQGTK5IApa2rKtJe2ckyk4RpK5bNph3bHtv/Tb00EINa3UCqkmXJ+
1jDbtJo30jbd6y0MZ1i8K1ecM43qaXkGruu9f1MVRxc2OBMSy2dbYlqghd9ig8cN
hqiZ7PNMOkf+jDCFOfkpW6WHZhthKZpM0Mq+DrDy912wl3K7epyzB91VYQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFByQk/BUAJqGCVle6dNKNqOSQyUaMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvSEpDVDhGUUFtb1lKV1Y3cDAwbzJvNUpESlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAOb9/AwQG
Ob/AAwQAOfrcMA4EAgACMAgDBgUqCpDCADANBgkqhkiG9w0BAQsFAAOCAQEABcDO
Mxn0ZBt0ZMYYEeOt9qWo4giSNMjrTiR7uVnqv/lauh3RJ0Jv96aTiXW8L/fOPaHD
vzz6UY0UftkNQ4xU/KArKLIchSuAxuAuoeHL8tFgsyOZ3Vfpk5DX0ZX6ngFbNwhL
BMwl2AeG+TwcINRHY0xn5bLIkxMd4yP9PpjWnSXkYOvAdLuWmH7kVFcZ1sANHCn+
QlI9gPDwfLrbSbSKl6FFWb7uSyKDaDKcbvJ6LJvPSz+u4e2tFHJvrQVWZUISdH8l
f4o/AFlI72zOMv8yxBSnp/t7O1WraHalU/dLInPEWTpSkoAm/5YZeId+xPWBRkLE
63GMXnZTwjuP8nB+/Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:15 2024 by rpki-client on console-ams.rpki-client.org