Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/h-_HO7ltEUIaizV_k_7QYQmXsQY.roa
File: h-_HO7ltEUIaizV_k_7QYQmXsQY.roa (raw, json)
Hash identifier: pywYnMcbGoSgVxVP2r5A0HUEelAOaXvFvyqMzWimmJs=
Subject key identifier: 87:EF:C7:3B:B9:6D:11:42:1A:8B:35:7F:93:FE:D0:61:09:97:B1:06
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 019144CA75C0F56BB324687F701C922369E7
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/h-_HO7ltEUIaizV_k_7QYQmXsQY.roa
Signing time: Mon 12 Aug 2024 04:13:24 +0000
ROA not before: Mon 12 Aug 2024 04:13:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21282
IP address blocks: 80.241.0.0/20 maxlen: 20
80.241.1.0/24 maxlen: 24
80.241.2.0/24 maxlen: 24
80.241.3.0/24 maxlen: 24
80.241.4.0/24 maxlen: 24
2a01:7640::/38 maxlen: 38
2a01:7640::/48 maxlen: 48
2a01:7640::/64 maxlen: 64
2a01:7640:0:1::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:44:ca:75:c0:f5:6b:b3:24:68:7f:70:1c:92:23:69:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Aug 12 04:13:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87efc73bb96d11421a8b357f93fed0610997b106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:45:62:80:0b:01:13:7e:93:82:35:a9:f6:c2:
8f:19:43:1e:e6:c4:6a:bb:b2:82:4e:6b:cb:07:4b:
96:e1:02:20:27:12:79:26:ce:e5:d3:30:28:60:a3:
fe:38:bd:4b:f0:cc:ef:52:d3:f6:90:78:bc:e1:5e:
e8:ab:38:0c:a3:aa:b5:f3:75:6d:48:ff:58:78:a2:
07:dc:e9:0e:38:e8:5d:e7:d6:a4:60:57:f5:6f:c2:
3a:94:75:c6:51:41:68:0d:5b:1e:a4:82:0a:57:a6:
bf:3e:4d:75:bb:05:48:59:0f:ae:ec:ac:d3:0b:56:
12:39:e2:db:3f:a4:af:c2:3a:9b:53:19:16:fa:dc:
d4:35:4a:b9:e4:1f:c5:28:d9:eb:4c:e0:77:db:74:
94:10:30:43:d5:5e:f0:bb:c9:90:9e:f2:fb:ea:f4:
19:67:6f:fa:2f:eb:e3:5b:5b:16:cc:aa:d7:d1:a8:
96:20:06:02:17:c0:9f:b4:33:99:a0:97:2f:a8:f5:
f5:5f:4f:82:8f:b6:9d:2e:e5:a0:fb:42:6c:2e:6e:
8c:01:5a:47:43:f4:5f:26:35:19:62:b0:27:f9:40:
16:17:2b:2b:16:ce:0f:ea:3c:28:5f:b0:31:b8:c4:
a5:b4:c1:07:94:73:27:14:d7:b5:54:03:1a:a7:e7:
4f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EF:C7:3B:B9:6D:11:42:1A:8B:35:7F:93:FE:D0:61:09:97:B1:06
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/h-_HO7ltEUIaizV_k_7QYQmXsQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.0.0/20
IPv6:
2a01:7640::/38
Signature Algorithm: sha256WithRSAEncryption
57:5d:65:49:23:70:29:d3:b3:ad:af:68:56:2f:30:91:4a:ae:
a3:d3:cd:d5:47:bf:0a:05:4a:2c:51:56:75:4d:71:25:ef:79:
8f:bc:b8:22:a4:d8:f9:87:ff:ed:3a:2a:39:6d:8e:fd:94:02:
9a:ca:07:61:b0:4a:9f:e0:e9:cb:99:19:22:86:98:c1:63:49:
a9:c1:cf:5e:5a:ab:fb:35:af:47:35:09:23:af:28:d9:26:82:
eb:76:20:d6:e8:60:6a:cb:00:ec:32:c8:9f:4a:8c:9b:bb:c5:
7c:79:73:57:d8:80:8c:f4:83:4f:03:23:83:08:e7:5a:db:b9:
5d:81:74:37:64:2c:9c:cf:b1:54:cd:c8:21:f9:80:d4:d0:0e:
1a:be:6f:cb:f8:51:69:60:ea:e6:d3:82:2d:12:7d:24:4e:0d:
76:db:23:91:73:08:b4:79:11:af:31:f3:4f:bb:cd:a5:4a:dd:
06:50:6c:6c:a7:66:9e:52:41:a9:e4:9d:2f:29:d1:29:a2:18:
ce:c4:bd:2f:ba:0a:f9:b2:d1:94:d0:38:95:c5:c9:70:e4:c2:
c9:06:4b:03:27:f3:a8:57:c5:2f:eb:5e:5e:bc:16:d3:21:d4:
29:de:b3:3f:92:3b:44:22:c4:ab:ea:a3:1c:6c:ce:ef:25:28:
8e:59:7c:49
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZFEynXA9WuzJGh/cBySI2nnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVjNjQxMDUxYjAyNmI5NWM4NDU5MTUwY2E0N2RkYWVj
ODk2NjgwHhcNMjQwODEyMDQxMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VmYzczYmI5NmQxMTQyMWE4YjM1N2Y5M2ZlZDA2MTA5OTdiMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUVigAsBE36TgjWp9sKPGUMe5sRq
u7KCTmvLB0uW4QIgJxJ5Js7l0zAoYKP+OL1L8MzvUtP2kHi84V7oqzgMo6q183Vt
SP9YeKIH3OkOOOhd59akYFf1b8I6lHXGUUFoDVsepIIKV6a/Pk11uwVIWQ+u7KzT
C1YSOeLbP6SvwjqbUxkW+tzUNUq55B/FKNnrTOB323SUEDBD1V7wu8mQnvL76vQZ
Z2/6L+vjW1sWzKrX0aiWIAYCF8CftDOZoJcvqPX1X0+Cj7adLuWg+0JsLm6MAVpH
Q/RfJjUZYrAn+UAWFysrFs4P6jwoX7AxuMSltMEHlHMnFNe1VAMap+dPMwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIfvxzu5bRFCGos1f5P+0GEJl7EGMB8GA1UdIwQY
MBaAFJTexkEFGwJrlchFkVDKR92uyJZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYt
OWVhNjQ4NjJhOWFiLzEvaC1fSE83bHRFVUlhaXpWX2tfN1FZUW1Yc1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYtOWVhNjQ4NjJhOWFi
LzEvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEUPEAMA4E
AgACMAgDBgIqAXZAADANBgkqhkiG9w0BAQsFAAOCAQEAV11lSSNwKdOzra9oVi8w
kUquo9PN1Ue/CgVKLFFWdU1xJe95j7y4IqTY+Yf/7ToqOW2O/ZQCmsoHYbBKn+Dp
y5kZIoaYwWNJqcHPXlqr+zWvRzUJI68o2SaC63Yg1uhgassA7DLIn0qMm7vFfHlz
V9iAjPSDTwMjgwjnWtu5XYF0N2QsnM+xVM3IIfmA1NAOGr5vy/hRaWDq5tOCLRJ9
JE4NdtsjkXMItHkRrzHzT7vNpUrdBlBsbKdmnlJBqeSdLynRKaIYzsS9L7oK+bLR
lNA4lcXJcOTCyQZLAyfzqFfFL+teXrwW0yHUKd6zP5I7RCLEq+qjHGzO7yUojll8
SQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:52 2024 by rpki-client on console-fra.rpki-client.org