Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/V3HWMgvnxoIiWvaGEK35KxskN4M.roa
File: V3HWMgvnxoIiWvaGEK35KxskN4M.roa (raw, json)
Hash identifier: jm1B0O6vz3VVXp2aVO0KVI854bhNb3109n3/Og8AIuo=
Subject key identifier: 57:71:D6:32:0B:E7:C6:82:22:5A:F6:86:10:AD:F9:2B:1B:24:37:83
Certificate issuer: /CN=1fa8ac37f9695169627f75e098963396de9638cc
Certificate serial: 018CC26D19D46B1B9DFCB1B1CA7912DFE311
Authority key identifier: 1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/V3HWMgvnxoIiWvaGEK35KxskN4M.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51728
IP address blocks: 185.40.89.0/24 maxlen: 24
185.40.88.0/24 maxlen: 24
185.40.91.0/24 maxlen: 24
185.40.90.0/24 maxlen: 24
146.66.24.0/21 maxlen: 21
91.190.192.0/21 maxlen: 21
80.66.160.0/20 maxlen: 20
2a00:ac00::/32 maxlen: 32
2a00:ac01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:19:d4:6b:1b:9d:fc:b1:b1:ca:79:12:df:e3:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa8ac37f9695169627f75e098963396de9638cc
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5771d6320be7c682225af68610adf92b1b243783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:bf:4d:17:63:c7:90:21:36:ac:69:b7:70:
42:27:aa:62:8f:db:96:46:f1:73:57:cb:3f:1c:6c:
a7:4e:fb:49:29:ba:83:28:b8:2d:85:5e:62:81:be:
23:05:6e:ba:13:90:12:93:64:3c:fc:96:fd:df:34:
b2:92:dc:c1:fc:46:31:0c:5c:c5:4a:3b:38:08:60:
9d:e0:f6:1a:54:6a:98:07:48:29:a4:67:76:7a:bf:
7e:d9:8d:ad:93:e4:ee:81:c8:22:17:14:4f:d8:23:
1a:8b:4e:9b:b9:2a:0a:c7:f8:82:a7:46:92:7d:90:
87:2b:eb:58:a6:e5:4f:9d:d6:33:02:9e:36:ff:07:
7a:96:74:87:a7:f5:97:84:59:5b:d0:0e:b8:58:5b:
3b:67:57:e1:06:c8:25:21:af:de:14:54:ab:8e:13:
61:ce:fc:2a:ed:f1:0e:81:aa:0e:ea:3e:d2:74:de:
59:21:4a:69:80:bc:34:14:38:c1:4f:25:5b:2f:87:
cd:af:f1:d1:a1:ca:ca:b2:57:5b:4c:64:94:ad:43:
b1:f0:07:c6:93:fb:ea:ba:08:1c:9f:9a:0c:14:0b:
40:c9:37:e2:84:33:e0:b1:d6:31:e2:cb:3c:05:ee:
62:97:59:8e:77:c2:3f:e0:2b:7b:cf:fe:85:d6:db:
ce:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:71:D6:32:0B:E7:C6:82:22:5A:F6:86:10:AD:F9:2B:1B:24:37:83
X509v3 Authority Key Identifier:
keyid:1F:A8:AC:37:F9:69:51:69:62:7F:75:E0:98:96:33:96:DE:96:38:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6isN_lpUWlif3XgmJYzlt6WOMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/V3HWMgvnxoIiWvaGEK35KxskN4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/5bc1cc-d02c-48ee-9935-023b6c0793f1/1/H6isN_lpUWlif3XgmJYzlt6WOMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.160.0/20
91.190.192.0/21
146.66.24.0/21
185.40.88.0/22
IPv6:
2a00:ac00::/31
Signature Algorithm: sha256WithRSAEncryption
a0:10:98:21:32:eb:cb:8c:af:5c:8d:f3:36:d9:8e:86:8e:c8:
09:96:f1:fa:ab:19:4e:4b:36:af:48:45:68:5b:13:fb:16:83:
d4:6a:ce:ec:02:12:e7:e9:7a:48:ce:75:03:33:0a:4e:12:1e:
0a:8b:b3:61:82:86:38:09:17:8b:98:9d:7e:35:29:3e:f8:f2:
53:08:34:1a:28:79:6d:56:e7:3c:91:dc:fa:e4:dd:53:18:05:
b6:a6:94:09:5d:3c:e4:90:be:3c:78:f7:75:40:4d:f1:9e:0a:
c5:a1:2e:a3:0d:0e:3f:a1:92:99:b0:fb:cb:08:7e:35:25:f3:
b6:3f:8e:ee:29:53:07:be:46:5b:4d:14:e6:8e:7e:f0:49:54:
78:e1:e0:be:5a:eb:f8:2d:8e:3c:42:dd:71:cb:9f:6f:91:51:
6d:8d:bd:eb:bb:c8:e1:ec:ca:c0:81:8e:de:ef:e0:2f:d2:38:
17:a2:3b:2d:28:d8:f1:e1:ce:c7:45:36:3a:7a:e7:2b:44:da:
ad:37:0a:c4:e3:d6:0e:db:6d:08:4c:96:e6:8e:70:52:27:6b:
06:39:c9:56:11:28:77:bd:1b:8b:bc:97:ec:c7:9f:65:cd:35:
5e:17:23:58:3e:0d:c2:32:ce:9d:5a:27:54:ca:e2:cd:65:14:
81:49:9a:07
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbRnUaxud/LGxynkS3+MRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYThhYzM3Zjk2OTUxNjk2MjdmNzVlMDk4OTYzMzk2ZGU5
NjM4Y2MwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzcxZDYzMjBiZTdjNjgyMjI1YWY2ODYxMGFkZjkyYjFiMjQzNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsba/TRdjx5AhNqxpt3BCJ6pij9uW
RvFzV8s/HGynTvtJKbqDKLgthV5igb4jBW66E5ASk2Q8/Jb93zSyktzB/EYxDFzF
Sjs4CGCd4PYaVGqYB0gppGd2er9+2Y2tk+TugcgiFxRP2CMai06buSoKx/iCp0aS
fZCHK+tYpuVPndYzAp42/wd6lnSHp/WXhFlb0A64WFs7Z1fhBsglIa/eFFSrjhNh
zvwq7fEOgaoO6j7SdN5ZIUppgLw0FDjBTyVbL4fNr/HRocrKsldbTGSUrUOx8AfG
k/vquggcn5oMFAtAyTfihDPgsdYx4ss8Be5il1mOd8I/4Ct7z/6F1tvO8QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFdx1jIL58aCIlr2hhCt+SsbJDeDMB8GA1UdIwQY
MBaAFB+orDf5aVFpYn914JiWM5beljjMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUt
MDIzYjZjMDc5M2YxLzEvVjNIV01ndm54b0lpV3ZhR0VLMzVLeHNrTjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi81YmMxY2MtZDAyYy00OGVlLTk5MzUtMDIzYjZjMDc5M2Yx
LzEvSDZpc05fbHBVV2xpZjNYZ21KWXpsdDZXT013LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEKgAwQD
W77AAwQDkkIYAwQCuShYMA0EAgACMAcDBQEqAKwAMA0GCSqGSIb3DQEBCwUAA4IB
AQCgEJghMuvLjK9cjfM22Y6GjsgJlvH6qxlOSzavSEVoWxP7FoPUas7sAhLn6XpI
znUDMwpOEh4Ki7NhgoY4CReLmJ1+NSk++PJTCDQaKHltVuc8kdz65N1TGAW2ppQJ
XTzkkL48ePd1QE3xngrFoS6jDQ4/oZKZsPvLCH41JfO2P47uKVMHvkZbTRTmjn7w
SVR44eC+Wuv4LY48Qt1xy59vkVFtjb3ru8jh7MrAgY7e7+Av0jgXojstKNjx4c7H
RTY6eucrRNqtNwrE49YO220ITJbmjnBSJ2sGOclWESh3vRuLvJfsx59lzTVeFyNY
Pg3CMs6dWidUyuLNZRSBSZoH
-----END CERTIFICATE-----
Generated at Thu May 23 11:49:11 2024 by rpki-client on console-ams.rpki-client.org