Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KHHPxCCj3A3pQVpBPDaSolz_xp8.roa
File: KHHPxCCj3A3pQVpBPDaSolz_xp8.roa (raw, json)
Hash identifier: 8CJr7ZLSORKIR1YAI/iMdg3K8P8X4pPPyAIYjasEnHM=
Subject key identifier: 28:71:CF:C4:20:A3:DC:0D:E9:41:5A:41:3C:36:92:A2:5C:FF:C6:9F
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018FEE2E12B0A29FDE6759236531FD6BC29A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KHHPxCCj3A3pQVpBPDaSolz_xp8.roa
Signing time: Thu 06 Jun 2024 15:32:27 +0000
ROA not before: Thu 06 Jun 2024 15:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
139.28.222.0/24 maxlen: 24
139.28.223.0/24 maxlen: 24
147.78.64.0/24 maxlen: 24
147.78.65.0/24 maxlen: 24
147.78.66.0/24 maxlen: 24
147.78.67.0/24 maxlen: 24
185.17.3.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.104.249.0/24 maxlen: 24
185.139.68.0/24 maxlen: 24
185.139.69.0/24 maxlen: 24
185.139.70.0/24 maxlen: 24
185.139.71.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.180.231.0/24 maxlen: 24
185.188.182.0/24 maxlen: 24
185.188.183.0/24 maxlen: 24
185.195.24.0/24 maxlen: 24
185.195.25.0/24 maxlen: 24
185.195.26.0/24 maxlen: 24
185.195.27.0/24 maxlen: 24
185.204.0.0/24 maxlen: 24
185.204.2.0/24 maxlen: 24
185.204.3.0/24 maxlen: 24
185.212.148.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.255.132.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
195.66.114.0/24 maxlen: 24
2a04:5200:ff00::/48 maxlen: 48
2a04:5200:ff10::/48 maxlen: 48
2a04:5200:fff1::/48 maxlen: 48
2a04:5200:fff2::/48 maxlen: 48
2a04:5200:fff3::/48 maxlen: 48
2a04:5200:fff4::/48 maxlen: 48
2a04:5200:fff5::/48 maxlen: 48
2a04:5200:fff6::/48 maxlen: 48
2a04:5200:fff7::/48 maxlen: 48
2a04:5200:fff8::/48 maxlen: 48
2a04:5200:fff9::/48 maxlen: 48
2a04:5200:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ee:2e:12:b0:a2:9f:de:67:59:23:65:31:fd:6b:c2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 6 15:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2871cfc420a3dc0de9415a413c3692a25cffc69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8c:dd:1e:d1:b5:59:a3:ef:86:7e:de:ea:5f:
3a:ee:1f:35:33:c2:39:2f:8b:c6:a0:83:65:7e:38:
01:9b:e7:33:6d:38:a3:f0:bf:79:75:b9:4f:77:82:
7f:68:01:fd:74:3a:f7:7c:41:ba:61:e5:c5:0c:71:
54:bf:18:8e:51:cd:17:ed:44:18:9f:b3:59:40:9c:
2f:72:c7:32:32:5e:8c:f1:b6:88:a3:a5:71:0f:36:
e8:88:75:bb:e0:f9:48:67:9c:35:5b:bc:8f:d9:e8:
05:09:64:ee:47:55:89:cc:31:74:cf:a3:fb:39:14:
50:83:99:8c:e0:e4:bd:93:d6:af:b5:85:03:6c:23:
ef:f3:f7:67:e5:2e:0f:78:6c:2b:3a:da:b6:ac:c1:
6e:3b:7a:7d:4e:7f:57:a7:ce:04:91:10:cd:3a:ed:
b1:90:60:3c:9d:91:dc:85:71:96:9c:12:a1:d4:23:
ad:2a:e6:11:80:71:15:bb:20:29:ed:9b:42:b9:82:
3d:d8:4d:e3:72:70:92:d2:bf:e1:5d:7a:54:9e:18:
6c:5b:50:27:8c:2f:1d:81:98:bd:39:b5:4a:81:34:
f6:a9:ba:8d:3d:71:5d:da:1e:fc:3d:4d:4c:97:c8:
d8:a6:0f:78:24:ec:45:5b:eb:44:75:0d:77:2d:dc:
c3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:71:CF:C4:20:A3:DC:0D:E9:41:5A:41:3C:36:92:A2:5C:FF:C6:9F
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KHHPxCCj3A3pQVpBPDaSolz_xp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
139.28.222.0/23
147.78.64.0/22
185.17.3.0/24
185.104.248.0/23
185.139.68.0/22
185.180.230.0/23
185.188.182.0/23
185.195.24.0/22
185.204.0.0/24
185.204.2.0/23
185.212.148.0/24
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
193.109.78.0/23
195.66.114.0/24
IPv6:
2a04:5200:ff00::/48
2a04:5200:ff10::/48
2a04:5200:fff1::-2a04:5200:fff9:ffff:ffff:ffff:ffff:ffff
2a04:5200:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
73:21:66:33:88:59:e8:44:6a:0b:b0:f5:8f:1f:11:cb:71:f7:
17:c4:e0:0e:dc:bd:f4:88:a4:0c:d0:f0:27:13:54:c4:d6:50:
b1:d8:98:2d:f8:44:aa:af:50:f4:bf:1c:b0:f4:f3:69:85:fb:
80:20:78:f2:4f:d2:50:6d:fc:84:e4:0e:55:15:92:08:4e:52:
cf:cf:21:b3:a8:ad:1c:97:33:ad:70:f5:e5:53:65:f5:43:15:
42:a1:c7:96:bd:10:08:96:39:19:5e:1a:4c:50:d7:73:1f:97:
30:90:c7:03:06:61:c8:2a:4b:03:13:13:b0:e5:58:45:cf:df:
91:5f:71:81:e1:10:44:4c:39:c5:31:f4:56:d1:21:b8:7c:3e:
c8:6f:05:4b:d4:ac:f6:d3:95:3e:fa:5b:be:ef:2b:06:5e:e2:
27:cc:fe:cd:ca:bd:58:1e:d1:95:25:d9:9e:97:eb:60:02:8d:
6c:91:f6:8b:27:b0:66:b9:52:68:1f:65:7b:a1:6f:a8:b9:44:
dd:07:57:91:8c:ac:fb:26:b3:41:7a:8e:58:06:49:f3:b6:01:
f3:cd:09:cd:f1:78:dc:c4:4e:3c:95:63:e2:a3:3c:05:84:70:
b9:26:26:31:ac:b8:6d:95:a6:1b:00:e3:cd:91:8b:6b:af:3d:
a4:ff:3d:cf
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY/uLhKwop/eZ1kjZTH9a8KaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNjA2MTUzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODcxY2ZjNDIwYTNkYzBkZTk0MTVhNDEzYzM2OTJhMjVjZmZjNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYzdHtG1WaPvhn7e6l867h81M8I5
L4vGoINlfjgBm+czbTij8L95dblPd4J/aAH9dDr3fEG6YeXFDHFUvxiOUc0X7UQY
n7NZQJwvcscyMl6M8baIo6VxDzboiHW74PlIZ5w1W7yP2egFCWTuR1WJzDF0z6P7
ORRQg5mM4OS9k9avtYUDbCPv8/dn5S4PeGwrOtq2rMFuO3p9Tn9Xp84EkRDNOu2x
kGA8nZHchXGWnBKh1COtKuYRgHEVuyAp7ZtCuYI92E3jcnCS0r/hXXpUnhhsW1An
jC8dgZi9ObVKgTT2qbqNPXFd2h78PU1Ml8jYpg94JOxFW+tEdQ13LdzDowIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFChxz8Qgo9wN6UFaQTw2kqJc/8afMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvS0hIUHhDQ2ozQTNwUVZwQlBEYVNvbHpfeHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB4BAIAATByAwQCLZBA
AwQALhFoAwQAW9lRAwQBixzeAwQCk05AAwQAuREDAwQBuWj4AwQCuYtEAwQBubTm
AwQBuby2AwQCucMYAwQAucwAAwQBucwCAwQAudSUAwQBufSsAwQBufySAwQCuf+E
AwQBwW1OAwQAw0JyMDUEAgACMC8DBwAqBFIA/wADBwAqBFIA/xAwEgMHACoEUgD/
8QMHASoEUgD/+AMHACoEUgD//zANBgkqhkiG9w0BAQsFAAOCAQEAcyFmM4hZ6ERq
C7D1jx8Ry3H3F8TgDty99IikDNDwJxNUxNZQsdiYLfhEqq9Q9L8csPTzaYX7gCB4
8k/SUG38hOQOVRWSCE5Sz88hs6itHJczrXD15VNl9UMVQqHHlr0QCJY5GV4aTFDX
cx+XMJDHAwZhyCpLAxMTsOVYRc/fkV9xgeEQREw5xTH0VtEhuHw+yG8FS9Ss9tOV
Pvpbvu8rBl7iJ8z+zcq9WB7RlSXZnpfrYAKNbJH2iyewZrlSaB9le6FvqLlE3QdX
kYys+yazQXqOWAZJ87YB880JzfF43MROPJVj4qM8BYRwuSYmMay4bZWmGwDjzZGL
a689pP89zw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:03:03 2024 by rpki-client on console-ams.rpki-client.org