Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/HYflJPuqhJpfjPxnEYIhO2a_9oY.roa
File: HYflJPuqhJpfjPxnEYIhO2a_9oY.roa (raw, json)
Hash identifier: c6zoSi2WmlLuwlR+cgA1Q46WnIVF1Fbuyye1qhSgMB8=
Subject key identifier: 1D:87:E5:24:FB:AA:84:9A:5F:8C:FC:67:11:82:21:3B:66:BF:F6:86
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 019096354F2F5B5F8D6B6D3C6B9026BFF8DF
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/HYflJPuqhJpfjPxnEYIhO2a_9oY.roa
Signing time: Tue 09 Jul 2024 06:36:34 +0000
ROA not before: Tue 09 Jul 2024 06:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4637
IP address blocks: 146.101.0.0/16 maxlen: 24
146.101.64.0/24 maxlen: 24
146.101.65.0/24 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
154.32.0.0/16 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
193.82.159.0/24 maxlen: 24
193.82.192.0/19 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.19.0/24 maxlen: 24
195.153.74.0/24 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.124.0/24 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:35:4f:2f:5b:5f:8d:6b:6d:3c:6b:90:26:bf:f8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jul 9 06:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d87e524fbaa849a5f8cfc671182213b66bff686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:e4:00:92:e0:1d:b7:08:db:8f:64:b0:c2:
d0:42:c6:1f:0e:7a:7c:72:93:2d:97:70:64:9b:98:
e5:18:14:63:45:ba:08:31:dc:04:00:07:83:02:27:
61:37:9f:4e:e4:9b:51:51:4a:93:2c:35:4d:01:09:
89:9e:ac:08:30:64:ca:df:2c:37:2a:fa:39:af:58:
0e:06:45:44:66:98:da:26:21:e4:5c:ed:9f:5b:95:
22:b3:25:3f:ab:bc:3a:fe:45:64:8c:b4:fb:6f:1b:
85:46:eb:a8:c2:f5:2b:06:9d:d6:4c:bc:9e:bd:e7:
05:62:92:9a:1c:26:7a:8b:0d:24:2a:49:b0:34:06:
1f:27:fc:68:26:09:0b:72:48:f8:73:b8:53:9e:44:
b5:1b:66:9c:bf:c7:e8:fe:49:49:7c:52:fb:5e:7f:
ef:bf:35:09:25:63:88:c1:c9:57:fd:f3:63:58:cf:
36:18:5d:d6:f7:b3:cc:16:3c:d1:22:97:67:70:d1:
c5:ab:e7:35:ca:90:89:53:4c:13:04:ef:04:9f:9c:
c9:0b:14:7e:7b:2a:f6:1d:cc:4e:9f:8d:b2:f0:53:
8c:bf:a0:e6:f7:bf:06:c0:74:b0:95:76:86:32:48:
76:08:0a:cd:30:ba:6c:46:85:16:30:20:b6:8d:d9:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:87:E5:24:FB:AA:84:9A:5F:8C:FC:67:11:82:21:3B:66:BF:F6:86
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/HYflJPuqhJpfjPxnEYIhO2a_9oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
45:2b:11:6b:01:30:dc:d1:f3:44:07:e0:d0:63:df:ec:1c:76:
df:63:dc:fe:64:65:f9:64:36:2c:3f:9a:49:fd:1e:a2:c9:2b:
2d:61:d2:5c:71:21:d9:16:ff:28:89:2f:ac:51:62:ba:40:b3:
70:67:7d:bb:7d:ee:59:69:1d:0a:b3:b6:9e:38:a6:cb:35:8f:
1c:52:60:50:d8:bb:e7:9c:5f:82:6b:cd:13:d6:8e:0d:5c:32:
2a:fc:e9:aa:63:b6:32:6e:3c:7e:99:b7:76:45:aa:4a:54:4b:
9a:1e:b3:3b:67:56:d9:1f:4b:15:35:87:43:c6:2c:b3:79:87:
8c:fc:04:a3:9f:29:fe:fd:b2:52:dd:27:ad:40:fb:9d:3a:41:
7b:c7:49:67:89:5f:2a:23:cd:20:cd:e7:6b:88:28:68:9a:5d:
8e:75:da:00:12:3e:97:34:34:6f:2a:5e:61:c3:ed:b1:7c:0c:
2f:4c:62:fa:1a:d1:51:e5:d2:95:50:0c:88:82:00:f1:b2:e5:
39:18:86:29:8c:08:38:b4:4b:15:bd:44:d5:ab:75:31:71:c8:
a3:4b:aa:77:28:5f:22:ef:51:48:99:f3:e8:ab:7a:2a:72:a8:
9d:18:94:4e:d1:47:61:67:41:c1:ae:7d:b8:d7:9f:72:50:67:
3f:b5:77:20
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZCWNU8vW1+Na208a5Amv/jfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjQwNzA5MDYzNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg3ZTUyNGZiYWE4NDlhNWY4Y2ZjNjcxMTgyMjEzYjY2YmZmNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZfkAJLgHbcI249ksMLQQsYfDnp8
cpMtl3Bkm5jlGBRjRboIMdwEAAeDAidhN59O5JtRUUqTLDVNAQmJnqwIMGTK3yw3
Kvo5r1gOBkVEZpjaJiHkXO2fW5UisyU/q7w6/kVkjLT7bxuFRuuowvUrBp3WTLye
vecFYpKaHCZ6iw0kKkmwNAYfJ/xoJgkLckj4c7hTnkS1G2acv8fo/klJfFL7Xn/v
vzUJJWOIwclX/fNjWM82GF3W97PMFjzRIpdncNHFq+c1ypCJU0wTBO8En5zJCxR+
eyr2HcxOn42y8FOMv6Dm978GwHSwlXaGMkh2CArNMLpsRoUWMCC2jdmdIwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFB2H5ST7qoSaX4z8ZxGCITtmv/aGMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvSFlmbEpQdXFoSnBmalB4bkVZSWhPMmFfOW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMEAMOZEwME
AMOZSgMEAsOZbAMEAMOZfAMEAcOZ2AMEBNmXIDANBAIAAjAHAwUAKgIWIDANBgkq
hkiG9w0BAQsFAAOCAQEARSsRawEw3NHzRAfg0GPf7Bx232Pc/mRl+WQ2LD+aSf0e
oskrLWHSXHEh2Rb/KIkvrFFiukCzcGd9u33uWWkdCrO2njimyzWPHFJgUNi755xf
gmvNE9aODVwyKvzpqmO2Mm48fpm3dkWqSlRLmh6zO2dW2R9LFTWHQ8Yss3mHjPwE
o58p/v2yUt0nrUD7nTpBe8dJZ4lfKiPNIM3na4goaJpdjnXaABI+lzQ0bypeYcPt
sXwML0xi+hrRUeXSlVAMiIIA8bLlORiGKYwIOLRLFb1E1at1MXHIo0uqdyhfIu9R
SJnz6Kt6KnKonRiUTtFHYWdBwa59uNefclBnP7V3IA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:50 2024 by rpki-client on console-ams.rpki-client.org