Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/M89MQdx37fMtZS1HINz8vNUl1oI.roa
File: M89MQdx37fMtZS1HINz8vNUl1oI.roa (raw, json)
Hash identifier: /jEhNu9yHzeQxfAr/4l8QQSp799xVjHCYW/CYW93qIc=
Subject key identifier: 33:CF:4C:41:DC:77:ED:F3:2D:65:2D:47:20:DC:FC:BC:D5:25:D6:82
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 01904E4EA232BEBF090F90EA2D6762D0AB47
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/M89MQdx37fMtZS1HINz8vNUl1oI.roa
Signing time: Tue 25 Jun 2024 07:31:34 +0000
ROA not before: Tue 25 Jun 2024 07:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207614
IP address blocks: 45.128.236.0/22 maxlen: 24
185.133.4.0/22 maxlen: 24
185.238.84.0/22 maxlen: 24
185.238.85.0/24 maxlen: 24
185.238.86.0/24 maxlen: 24
2a0f:4200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:4e:a2:32:be:bf:09:0f:90:ea:2d:67:62:d0:ab:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Jun 25 07:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33cf4c41dc77edf32d652d4720dcfcbcd525d682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1b:99:17:5a:22:29:3c:e4:2f:20:0d:a6:c0:
b1:05:58:26:23:ad:d8:53:b1:43:ab:7f:4f:4e:1d:
1a:7c:3e:6f:91:ab:63:76:1f:62:10:0a:7d:66:eb:
d8:d1:31:f6:ab:6b:c0:ae:b5:fe:d4:2b:3a:88:cb:
3f:ce:f0:93:be:54:31:a5:d9:09:6a:bf:8f:c2:f0:
73:d1:7e:1b:f1:9a:39:a7:db:79:ba:88:3c:ea:92:
fc:6a:ec:b2:b2:67:30:7d:c7:46:66:cf:d2:3f:24:
f8:a9:bb:22:53:e8:b1:b5:16:22:ac:d3:ed:ec:f0:
42:75:ae:87:06:69:17:11:bd:50:0e:30:ae:6b:17:
cb:c2:46:1f:13:e9:07:75:c5:90:9a:d8:b4:82:dd:
3e:29:13:80:6e:5c:47:ad:34:ce:09:30:83:bb:ab:
c9:4a:cb:a9:fc:53:98:67:cb:d7:7b:bb:11:c2:8d:
79:b5:b4:bb:1f:16:c3:ad:c7:46:b7:2f:81:15:02:
fa:68:70:e0:d0:39:c1:cc:a0:ce:07:f2:31:13:b7:
31:ad:ff:43:a7:d3:b5:11:53:0d:2a:f7:8c:f6:10:
55:01:21:77:43:a7:5a:16:47:37:ca:be:16:02:a8:
b4:27:27:37:94:17:27:63:60:25:9f:42:aa:69:fc:
e5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CF:4C:41:DC:77:ED:F3:2D:65:2D:47:20:DC:FC:BC:D5:25:D6:82
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/M89MQdx37fMtZS1HINz8vNUl1oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.236.0/22
185.133.4.0/22
185.238.84.0/22
IPv6:
2a0f:4200::/29
Signature Algorithm: sha256WithRSAEncryption
74:32:13:91:2e:3a:f1:1e:02:b7:9b:26:db:79:0a:05:07:4b:
6f:a1:23:21:26:b6:ea:1c:2d:86:6b:8e:8f:5a:77:c3:6f:e7:
37:4a:1c:20:2d:3a:8a:f3:a1:51:00:d6:0a:09:20:fc:39:d9:
29:f8:64:7a:d6:6b:36:26:a4:3e:b0:21:ff:8e:45:ae:dc:5b:
cf:a9:b6:94:15:16:6b:a3:b6:ce:96:7d:2d:dc:d7:99:73:d3:
20:72:4f:14:fc:cd:aa:29:2e:3a:38:ef:a0:08:09:5f:a7:4a:
92:9c:8a:05:14:18:d3:c6:91:82:b5:ce:38:79:e5:97:c3:d8:
41:a5:ea:7e:0a:9a:4f:af:7a:b3:bc:ec:c4:71:e7:87:07:e0:
9e:86:4c:92:d9:91:33:82:3f:21:ec:2b:fc:c7:94:0e:c5:d7:
9b:c9:1e:db:ce:af:b6:70:34:eb:85:57:22:f4:00:c7:ac:ca:
2e:01:8b:f0:22:97:69:ef:af:8e:8d:7a:fd:98:b2:12:a5:26:
4c:f5:b9:f6:89:6b:28:65:47:f3:c2:65:3d:b6:3a:44:33:d6:
43:6f:12:5c:ce:dd:e1:5e:05:fb:c9:81:37:4e:3f:17:7f:8e:
60:de:b7:7c:24:e8:5c:b4:36:4b:8b:97:5a:a4:6a:4a:d4:c5:
80:d1:c8:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZBOTqIyvr8JD5DqLWdi0KtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjQwNjI1MDczMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NmNGM0MWRjNzdlZGYzMmQ2NTJkNDcyMGRjZmNiY2Q1MjVkNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xuZF1oiKTzkLyANpsCxBVgmI63Y
U7FDq39PTh0afD5vkatjdh9iEAp9ZuvY0TH2q2vArrX+1Cs6iMs/zvCTvlQxpdkJ
ar+PwvBz0X4b8Zo5p9t5uog86pL8auyysmcwfcdGZs/SPyT4qbsiU+ixtRYirNPt
7PBCda6HBmkXEb1QDjCuaxfLwkYfE+kHdcWQmti0gt0+KROAblxHrTTOCTCDu6vJ
Ssup/FOYZ8vXe7sRwo15tbS7HxbDrcdGty+BFQL6aHDg0DnBzKDOB/IxE7cxrf9D
p9O1EVMNKveM9hBVASF3Q6daFkc3yr4WAqi0Jyc3lBcnY2Aln0KqafzlNQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDPPTEHcd+3zLWUtRyDc/LzVJdaCMB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvTTg5TVFkeDM3Zk10WlMxSElOejh2TlVsMW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYDsAwQC
uYUEAwQCue5UMA0EAgACMAcDBQMqD0IAMA0GCSqGSIb3DQEBCwUAA4IBAQB0MhOR
LjrxHgK3mybbeQoFB0tvoSMhJrbqHC2Ga46PWnfDb+c3ShwgLTqK86FRANYKCSD8
Odkp+GR61ms2JqQ+sCH/jkWu3FvPqbaUFRZro7bOln0t3NeZc9Mgck8U/M2qKS46
OO+gCAlfp0qSnIoFFBjTxpGCtc44eeWXw9hBpep+CppPr3qzvOzEceeHB+CehkyS
2ZEzgj8h7Cv8x5QOxdebyR7bzq+2cDTrhVci9ADHrMouAYvwIpdp76+OjXr9mLIS
pSZM9bn2iWsoZUfzwmU9tjpEM9ZDbxJczt3hXgX7yYE3Tj8Xf45g3rd8JOhctDZL
i5dapGpK1MWA0ci9
-----END CERTIFICATE-----
Generated at Sun Sep 29 02:00:50 2024 by rpki-client on console-ams.rpki-client.org