Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/HLE4yP5PmaZ6WD3K6P5i3rbE1ko.roa
File: HLE4yP5PmaZ6WD3K6P5i3rbE1ko.roa (raw, json)
Hash identifier: ltpHmqdXLj7OtssznNeEcF2uByieb3WPy550Rxzt5Lc=
Subject key identifier: 1C:B1:38:C8:FE:4F:99:A6:7A:58:3D:CA:E8:FE:62:DE:B6:C4:D6:4A
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 01924993FF3EF725BF30A2999EB7DF99E1F5
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/HLE4yP5PmaZ6WD3K6P5i3rbE1ko.roa
Signing time: Tue 01 Oct 2024 19:34:48 +0000
ROA not before: Tue 01 Oct 2024 19:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35600
IP address blocks: 91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
185.48.132.0/22 maxlen: 24
185.49.123.0/24 maxlen: 24
185.56.176.0/22 maxlen: 22
194.117.246.0/23 maxlen: 23
2001:67c:184c::/48 maxlen: 48
2a00:4780::/32 maxlen: 32
2a02:5520::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.mft
rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:93:ff:3e:f7:25:bf:30:a2:99:9e:b7:df:99:e1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Oct 1 19:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cb138c8fe4f99a67a583dcae8fe62deb6c4d64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f4:2e:b8:b5:5c:d5:02:98:dc:51:e5:af:2b:
ae:29:49:55:33:78:43:8e:2f:ef:ff:b5:2e:6f:8c:
8e:4b:32:02:58:88:7d:72:8b:a1:99:e8:73:0c:00:
b6:bf:f3:29:37:23:00:8b:03:2d:24:30:2f:bb:79:
34:2a:49:b9:71:74:5f:6b:ae:17:24:77:40:09:b1:
c5:ba:d5:18:ae:cc:38:c5:e4:79:80:99:63:26:96:
99:50:8a:4b:70:86:26:8a:88:10:05:bc:39:85:17:
2a:da:67:83:c3:c4:c1:2d:19:89:ea:88:45:76:0b:
12:91:f1:cd:96:df:8b:47:9c:9f:63:96:21:40:f8:
4b:e7:21:58:aa:05:c5:c6:7f:a0:1b:92:41:2c:2f:
c8:3e:29:43:81:36:da:f3:7b:bd:04:31:c5:b0:d8:
fb:f7:ec:ae:23:5c:5d:ca:2a:b6:c4:4f:86:ad:68:
12:c9:6d:b0:a9:cd:8a:f9:f0:56:a3:d7:48:0b:75:
e4:15:cc:58:07:26:a3:39:36:37:cb:b4:3b:f7:18:
7b:c0:01:a2:f4:4f:ab:39:b9:7b:dd:47:5b:0c:e8:
91:9e:14:5d:bf:bb:68:aa:8c:37:cb:50:50:56:5b:
e6:0c:31:e8:0b:1c:26:f7:20:28:26:b4:0f:36:44:
4a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B1:38:C8:FE:4F:99:A6:7A:58:3D:CA:E8:FE:62:DE:B6:C4:D6:4A
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/HLE4yP5PmaZ6WD3K6P5i3rbE1ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.49.123.0/24
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
67:97:17:ff:e8:7a:49:07:68:2a:a8:f6:e5:6a:cd:96:89:c0:
2a:3d:81:ba:a7:29:68:09:e5:1b:fd:67:b2:d6:70:fe:25:42:
7e:af:18:01:a7:46:1f:33:2b:61:df:ab:75:f1:55:21:77:97:
73:98:95:1d:47:23:36:f5:cb:23:e0:79:b6:66:cc:6f:45:49:
c5:79:70:aa:7d:bb:85:64:56:56:93:01:f2:87:0d:16:81:38:
fd:d1:58:54:f1:57:89:8c:2e:52:d2:47:3d:8d:16:3f:e2:78:
f7:ff:44:f4:60:38:7e:b2:f3:bd:12:4a:f1:19:26:6a:d8:2b:
41:b0:0f:74:c1:ea:3f:53:e2:d7:43:e2:53:a7:fc:3d:0c:4c:
86:80:5b:b6:40:d3:9c:a0:ce:89:6d:72:d7:0d:8f:3d:95:35:
4b:13:02:d2:51:be:a8:4a:bd:ce:32:5c:66:97:48:6b:55:eb:
80:2f:13:f7:ca:a7:ce:99:5a:84:58:74:95:a0:75:b2:6a:89:
f4:2d:0b:26:f1:26:7a:fe:34:6b:73:e4:2b:e0:ce:88:d5:8a:
28:9e:06:2a:cf:e5:d7:c1:99:8f:04:61:b0:28:07:fd:20:78:
08:79:64:f5:88:db:25:a5:66:52:03:06:b6:42:d8:9d:03:6f:
13:1b:d8:95
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZJJk/8+9yW/MKKZnrffmeH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQxMDAxMTkzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IxMzhjOGZlNGY5OWE2N2E1ODNkY2FlOGZlNjJkZWI2YzRkNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfQuuLVc1QKY3FHlryuuKUlVM3hD
ji/v/7Uub4yOSzICWIh9couhmehzDAC2v/MpNyMAiwMtJDAvu3k0Kkm5cXRfa64X
JHdACbHFutUYrsw4xeR5gJljJpaZUIpLcIYmiogQBbw5hRcq2meDw8TBLRmJ6ohF
dgsSkfHNlt+LR5yfY5YhQPhL5yFYqgXFxn+gG5JBLC/IPilDgTba83u9BDHFsNj7
9+yuI1xdyiq2xE+GrWgSyW2wqc2K+fBWo9dIC3XkFcxYByajOTY3y7Q79xh7wAGi
9E+rObl73UdbDOiRnhRdv7toqow3y1BQVlvmDDHoCxwm9yAoJrQPNkRKYQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFByxOMj+T5mmelg9yuj+Yt62xNZKMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvSExFNHlQNVBtYVo2V0QzSzZQNWkzcmJFMWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAqBAIAATAkAwQBW91cAwQB
W91qAwQCuTCEAwQAuTF7AwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8GEwDBQAq
AEeAAwUAKgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBAGeXF//oekkHaCqo
9uVqzZaJwCo9gbqnKWgJ5Rv9Z7LWcP4lQn6vGAGnRh8zK2Hfq3XxVSF3l3OYlR1H
Izb1yyPgebZmzG9FScV5cKp9u4VkVlaTAfKHDRaBOP3RWFTxV4mMLlLSRz2NFj/i
ePf/RPRgOH6y870SSvEZJmrYK0GwD3TB6j9T4tdD4lOn/D0MTIaAW7ZA05ygzolt
ctcNjz2VNUsTAtJRvqhKvc4yXGaXSGtV64AvE/fKp86ZWoRYdJWgdbJqifQtCybx
Jnr+NGtz5CvgzojViiieBirP5dfBmY8EYbAoB/0geAh5ZPWI2yWlZlIDBrZC2J0D
bxMb2JU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:15 2024 by rpki-client on console-fra.rpki-client.org