Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/HmeEwSJz_v3hoRtH0uuRY4abuYA.roa
File: HmeEwSJz_v3hoRtH0uuRY4abuYA.roa (raw, json)
Hash identifier: SnvWuydpRzEc/tNo/HW2c8fpdOmpRbeT8RPEytQyLwk=
Subject key identifier: 1E:67:84:C1:22:73:FE:FD:E1:A1:1B:47:D2:EB:91:63:86:9B:B9:80
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 0192E3984A39511947CE0CF5E0CAC73C7549
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/HmeEwSJz_v3hoRtH0uuRY4abuYA.roa
Signing time: Thu 31 Oct 2024 17:21:01 +0000
ROA not before: Thu 31 Oct 2024 17:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e3:98:4a:39:51:19:47:ce:0c:f5:e0:ca:c7:3c:75:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Oct 31 17:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e6784c12273fefde1a11b47d2eb9163869bb980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1f:95:5a:f3:59:62:cd:92:e3:5a:4f:08:4e:
b4:80:d1:f0:1b:37:ae:2a:5f:a6:25:ed:46:0b:5b:
69:a4:74:32:ab:02:d8:c0:79:9e:4c:8c:e7:a7:ac:
a9:dc:53:89:39:c0:8e:72:96:5b:38:90:77:95:fe:
4f:1c:4c:81:be:3a:66:5e:8b:2f:eb:19:82:ef:84:
ef:73:6c:a4:b5:7d:46:fc:78:00:9f:06:7f:44:21:
bd:d6:4e:98:f3:b9:be:75:d8:ab:d4:c9:8d:1d:e9:
b3:40:36:e4:93:7c:de:9f:59:01:8a:2d:fb:4e:44:
fd:87:7b:b8:eb:57:c6:47:15:20:04:43:12:8e:0b:
ee:27:2c:ab:2c:3a:a2:b7:5f:eb:76:ba:5c:d2:38:
68:a5:1d:de:48:29:83:39:36:ea:56:6e:7f:d6:9b:
e8:be:78:4f:60:dd:7c:92:e8:f1:16:0d:e5:c1:95:
41:33:80:72:a7:43:4f:79:58:17:88:e2:61:58:63:
ab:dc:c0:18:ab:8b:53:ee:2c:e9:06:ea:ee:d1:63:
58:90:e4:77:b7:2c:71:38:bf:0e:53:55:26:0c:c2:
e2:52:b1:44:c8:9a:75:ef:7d:16:84:51:ab:df:80:
c5:ce:e2:15:74:a9:69:99:ff:25:5b:e8:08:a0:c6:
41:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:67:84:C1:22:73:FE:FD:E1:A1:1B:47:D2:EB:91:63:86:9B:B9:80
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/HmeEwSJz_v3hoRtH0uuRY4abuYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0/23
193.3.191.0/24
IPv6:
2a0d:280::/48
Signature Algorithm: sha256WithRSAEncryption
2b:d1:1b:f6:cf:47:8e:f6:8b:0f:f0:05:a7:f4:16:d7:c3:6f:
26:34:c4:9b:30:de:a4:f9:17:b1:2b:ce:1e:f4:38:e3:a3:2b:
82:ab:3c:9c:ff:27:d0:70:18:b5:06:ac:ff:b0:32:06:b3:8f:
4c:2b:bc:c9:02:de:5c:83:c7:25:9d:90:59:76:96:3f:48:9b:
d4:7a:e8:fd:69:21:1f:e6:44:28:d0:ed:8a:73:78:64:9c:75:
9d:83:d9:35:b5:f2:9e:2c:4a:5e:25:55:5a:05:fc:00:83:f5:
43:e6:37:b0:b7:90:ca:62:54:1a:91:de:f6:66:d4:47:76:4a:
26:ae:4f:60:2c:76:f1:3b:70:b9:55:c3:43:00:a2:fb:e8:f4:
ba:09:0c:03:6e:45:86:87:02:09:ef:df:64:36:b0:4e:ae:82:
f8:86:a4:02:75:e4:6a:50:31:75:c6:9b:1f:ab:06:0f:22:3c:
64:2c:93:8c:72:89:19:7c:d4:94:22:ed:16:ac:30:76:02:ad:
b0:2e:33:7b:d5:98:6e:0c:b8:a8:1b:64:d4:b9:da:f7:81:5a:
17:04:05:01:b5:70:69:13:be:ac:b3:9b:92:e7:3e:d8:ab:87:
a5:87:ec:01:58:1f:98:68:6e:dd:18:d5:07:96:f4:bb:fb:0c:
f7:54:06:d9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZLjmEo5URlHzgz14MrHPHVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjQxMDMxMTcyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY3ODRjMTIyNzNmZWZkZTFhMTFiNDdkMmViOTE2Mzg2OWJiOTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR+VWvNZYs2S41pPCE60gNHwGzeu
Kl+mJe1GC1tppHQyqwLYwHmeTIznp6yp3FOJOcCOcpZbOJB3lf5PHEyBvjpmXosv
6xmC74Tvc2yktX1G/HgAnwZ/RCG91k6Y87m+ddir1MmNHemzQDbkk3zen1kBii37
TkT9h3u461fGRxUgBEMSjgvuJyyrLDqit1/rdrpc0jhopR3eSCmDOTbqVm5/1pvo
vnhPYN18kujxFg3lwZVBM4Byp0NPeVgXiOJhWGOr3MAYq4tT7izpBuru0WNYkOR3
tyxxOL8OU1UmDMLiUrFEyJp1730WhFGr34DFzuIVdKlpmf8lW+gIoMZBAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB5nhMEic/794aEbR9LrkWOGm7mAMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvSG1lRXdTSnpfdjNob1J0SDB1dVJZNGFidVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBufMoAwQA
wQO/MA8EAgACMAkDBwAqDQKAAAAwDQYJKoZIhvcNAQELBQADggEBACvRG/bPR472
iw/wBaf0FtfDbyY0xJsw3qT5F7Erzh70OOOjK4KrPJz/J9BwGLUGrP+wMgazj0wr
vMkC3lyDxyWdkFl2lj9Im9R66P1pIR/mRCjQ7YpzeGScdZ2D2TW18p4sSl4lVVoF
/ACD9UPmN7C3kMpiVBqR3vZm1Ed2SiauT2AsdvE7cLlVw0MAovvo9LoJDANuRYaH
Agnv32Q2sE6ugviGpAJ15GpQMXXGmx+rBg8iPGQsk4xyiRl81JQi7RasMHYCrbAu
M3vVmG4MuKgbZNS52veBWhcEBQG1cGkTvqyzm5LnPtirh6WH7AFYH5hobt0Y1QeW
9Lv7DPdUBtk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:22 2024 by rpki-client on console-fra.rpki-client.org