Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/HdI-woqhyf2m6j2XcjGhe8o41S0.roa
File: HdI-woqhyf2m6j2XcjGhe8o41S0.roa (raw, json)
Hash identifier: IKj6pTv8BUzohJYXl1246xoLDwmMjvI6WjUdZMWci9c=
Subject key identifier: 1D:D2:3E:C2:8A:A1:C9:FD:A6:EA:3D:97:72:31:A1:7B:CA:38:D5:2D
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0190727F87C046EDAE8F2D91B7C84BD72114
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/HdI-woqhyf2m6j2XcjGhe8o41S0.roa
Signing time: Tue 02 Jul 2024 08:11:18 +0000
ROA not before: Tue 02 Jul 2024 08:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.182.72.0/22 maxlen: 24
45.136.32.0/22 maxlen: 24
45.146.224.0/22 maxlen: 24
45.149.117.0/24 maxlen: 24
45.149.118.0/24 maxlen: 24
77.81.167.0/24 maxlen: 24
92.114.36.0/24 maxlen: 24
92.114.53.0/24 maxlen: 24
92.114.83.0/24 maxlen: 24
141.98.36.0/22 maxlen: 24
141.98.52.0/22 maxlen: 24
185.44.28.0/22 maxlen: 24
185.94.248.0/22 maxlen: 24
185.114.64.0/22 maxlen: 24
185.123.136.0/22 maxlen: 24
185.126.232.0/22 maxlen: 24
185.128.192.0/22 maxlen: 24
185.150.80.0/22 maxlen: 24
185.151.176.0/22 maxlen: 24
185.198.108.0/22 maxlen: 24
185.230.0.0/22 maxlen: 24
185.248.208.0/22 maxlen: 24
193.39.216.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:7f:87:c0:46:ed:ae:8f:2d:91:b7:c8:4b:d7:21:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jul 2 08:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dd23ec28aa1c9fda6ea3d977231a17bca38d52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:32:9b:bc:d0:7b:4e:be:55:31:a6:64:50:
54:60:b1:17:79:e7:8d:db:c9:f3:bf:8a:eb:cd:9d:
4e:6d:56:4e:80:55:85:dd:2c:03:77:ce:90:6c:b0:
7c:64:87:d7:f9:1d:9e:f7:dc:54:6c:b9:85:6f:e9:
de:4e:8b:f2:c1:d8:87:16:91:0b:8d:3a:98:6c:a4:
19:9b:ae:12:cf:eb:f8:fc:5c:54:f2:85:49:fe:b7:
31:4a:ed:fd:a2:f2:9d:d4:fa:6c:ae:3c:56:eb:05:
0e:93:05:e9:39:71:a8:d0:1f:ac:ff:74:59:3f:a7:
9b:a6:68:82:95:91:ab:3d:b4:ae:1f:a6:1a:af:4f:
88:de:ae:19:0e:7e:54:5f:ea:2f:14:1c:6a:fb:c8:
c5:e0:e3:97:70:f1:90:8f:3b:84:91:b5:85:6c:9f:
fb:8b:14:65:76:b2:b4:21:38:a8:49:72:78:ac:87:
dc:ea:45:97:02:ac:d2:95:64:8d:d4:17:77:e1:28:
20:2a:66:1a:24:fa:24:de:27:91:ad:fd:6f:94:ab:
83:69:a4:8a:51:2d:6b:81:98:e0:69:87:d6:8b:3c:
80:4d:c6:6a:ce:29:a6:78:22:61:16:03:8f:26:de:
db:63:15:3d:3e:20:a0:d9:14:67:72:d7:8c:f1:c5:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D2:3E:C2:8A:A1:C9:FD:A6:EA:3D:97:72:31:A1:7B:CA:38:D5:2D
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/HdI-woqhyf2m6j2XcjGhe8o41S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.72.0/22
45.136.32.0/22
45.146.224.0/22
45.149.117.0-45.149.118.255
77.81.167.0/24
92.114.36.0/24
92.114.53.0/24
92.114.83.0/24
141.98.36.0/22
141.98.52.0/22
185.44.28.0/22
185.94.248.0/22
185.114.64.0/22
185.123.136.0/22
185.126.232.0/22
185.128.192.0/22
185.150.80.0/22
185.151.176.0/22
185.198.108.0/22
185.230.0.0/22
185.248.208.0/22
193.39.216.0/22
Signature Algorithm: sha256WithRSAEncryption
51:20:08:d0:65:1e:50:55:22:35:93:9d:b0:0e:a3:5e:fc:de:
f1:e2:f2:e8:6b:9a:fb:8a:3b:74:3d:d2:e1:3b:34:7d:c4:14:
ed:f5:70:fb:3f:79:b4:ee:82:eb:87:81:0c:64:c3:9e:f6:51:
f3:0c:3d:76:ad:4f:dc:5c:99:6b:2a:39:c1:0b:4c:36:04:b2:
69:92:52:3f:47:9d:38:73:5f:60:9d:20:4c:90:b8:ee:9d:8f:
85:d6:ad:36:ef:3b:2f:86:2d:8b:ce:08:31:0c:f6:53:22:91:
c7:09:2c:e1:7a:ef:e0:37:3d:ed:cf:83:32:fd:78:61:01:5d:
81:be:cc:9a:60:c1:8c:4d:a2:b8:cd:2d:ab:5d:5e:a7:9d:6b:
59:7d:b7:ce:77:e7:0d:69:aa:06:04:41:fb:9c:4b:ce:cb:c0:
48:dc:96:44:f4:e0:7e:67:79:a9:e9:05:9f:33:b2:73:da:69:
3e:40:dc:01:6c:47:dc:70:fb:4b:56:1f:96:b8:85:0c:11:1c:
1d:bb:59:42:ca:50:47:4e:53:d5:14:f3:2b:fa:cd:30:cb:ff:
ba:75:3c:0a:ba:28:c3:1d:fe:38:89:07:c4:90:ea:1b:bd:19:
84:61:63:a3:de:84:3c:e0:96:3f:08:88:b1:0f:b6:9c:28:99:
68:fd:99:58
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZByf4fARu2ujy2Rt8hL1yEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNzAyMDgxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQyM2VjMjhhYTFjOWZkYTZlYTNkOTc3MjMxYTE3YmNhMzhkNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Aym7zQe06+VTGmZFBUYLEXeeeN
28nzv4rrzZ1ObVZOgFWF3SwDd86QbLB8ZIfX+R2e99xUbLmFb+neTovywdiHFpEL
jTqYbKQZm64Sz+v4/FxU8oVJ/rcxSu39ovKd1PpsrjxW6wUOkwXpOXGo0B+s/3RZ
P6ebpmiClZGrPbSuH6Yar0+I3q4ZDn5UX+ovFBxq+8jF4OOXcPGQjzuEkbWFbJ/7
ixRldrK0ITioSXJ4rIfc6kWXAqzSlWSN1Bd34SggKmYaJPok3ieRrf1vlKuDaaSK
US1rgZjgaYfWizyATcZqzimmeCJhFgOPJt7bYxU9PiCg2RRncteM8cUB/QIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFB3SPsKKocn9puo9l3IxoXvKONUtMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSGRJLXdvcWh5ZjJtNmoyWGNqR2hlOG80MVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIF
tkgDBAItiCADBAItkuAwDAMEAC2VdQMEAC2VdgMEAE1RpwMEAFxyJAMEAFxyNQME
AFxyUwMEAo1iJAMEAo1iNAMEArksHAMEArle+AMEArlyQAMEArl7iAMEArl+6AME
ArmAwAMEArmWUAMEArmXsAMEArnGbAMEArnmAAMEArn40AMEAsEn2DANBgkqhkiG
9w0BAQsFAAOCAQEAUSAI0GUeUFUiNZOdsA6jXvze8eLy6Gua+4o7dD3S4Ts0fcQU
7fVw+z95tO6C64eBDGTDnvZR8ww9dq1P3FyZayo5wQtMNgSyaZJSP0edOHNfYJ0g
TJC47p2PhdatNu87L4Yti84IMQz2UyKRxwks4Xrv4Dc97c+DMv14YQFdgb7MmmDB
jE2iuM0tq11ep51rWX23znfnDWmqBgRB+5xLzsvASNyWRPTgfmd5qekFnzOyc9pp
PkDcAWxH3HD7S1YflriFDBEcHbtZQspQR05T1RTzK/rNMMv/unU8Croowx3+OIkH
xJDqG70ZhGFjo96EPOCWPwiIsQ+2nCiZaP2ZWA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:10 2024 by rpki-client on console-fra.rpki-client.org