Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/HHTwwpsvtf9Dtb5GPgQHe2AgXZE.roa
File: HHTwwpsvtf9Dtb5GPgQHe2AgXZE.roa (raw, json)
Hash identifier: Gc1Zc7ubmxDea80uNmIji5aPnCH7HAS5zVmdWHdT6Hw=
Subject key identifier: 1C:74:F0:C2:9B:2F:B5:FF:43:B5:BE:46:3E:04:07:7B:60:20:5D:91
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 018CC6B7A2169953BEAFC8B547A57EACA1A6
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/HHTwwpsvtf9Dtb5GPgQHe2AgXZE.roa
Signing time: Mon 01 Jan 2024 20:29:32 +0000
ROA not before: Mon 01 Jan 2024 20:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49352
IP address blocks: 213.189.195.0/24 maxlen: 24
213.189.193.0/24 maxlen: 24
213.189.199.0/24 maxlen: 24
213.189.194.0/24 maxlen: 24
188.93.213.0/24 maxlen: 24
188.93.208.0/23 maxlen: 23
188.93.215.0/24 maxlen: 24
188.93.214.0/24 maxlen: 24
178.21.14.0/23 maxlen: 23
178.21.13.0/24 maxlen: 24
178.21.12.0/22 maxlen: 22
178.21.12.0/24 maxlen: 24
185.38.16.0/24 maxlen: 24
185.38.17.0/24 maxlen: 24
185.38.18.0/24 maxlen: 24
185.38.19.0/24 maxlen: 24
194.67.64.0/24 maxlen: 24
194.67.75.0/24 maxlen: 24
194.67.76.0/23 maxlen: 23
176.99.4.0/24 maxlen: 24
176.99.9.0/24 maxlen: 24
176.99.5.0/24 maxlen: 24
176.99.7.0/24 maxlen: 24
176.99.8.0/24 maxlen: 24
176.99.6.0/24 maxlen: 24
176.99.5.190/32 maxlen: 32
188.93.209.127/32 maxlen: 32
194.67.106.0/24 maxlen: 24
188.93.208.172/32 maxlen: 32
178.21.9.0/24 maxlen: 24
62.113.93.0/24 maxlen: 24
2a02:f20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a2:16:99:53:be:af:c8:b5:47:a5:7e:ac:a1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Jan 1 20:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c74f0c29b2fb5ff43b5be463e04077b60205d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:c6:ce:df:9c:7f:8b:e3:08:3d:50:2e:b4:
b3:7f:b9:51:4a:91:0d:5a:ba:64:94:4c:0f:f0:d6:
45:fd:48:8d:ff:45:b6:d5:6e:3d:1b:a8:20:79:d1:
a6:03:23:b7:03:73:02:6e:72:b6:45:00:04:e0:64:
1b:e7:0c:7f:c9:e9:14:15:f7:8c:87:22:07:29:d9:
36:e1:aa:18:28:61:e2:96:35:a0:9d:90:20:5c:c3:
ee:e7:ae:e2:d3:ed:68:27:d0:c7:3b:3e:05:f6:3f:
5b:fa:3c:ba:5d:80:e7:d7:d8:03:95:70:8d:b2:b3:
89:60:7f:54:5c:1f:91:11:69:29:82:1e:5a:a4:9c:
3b:76:05:ef:57:4e:f3:2a:ac:da:7b:b9:37:f7:e5:
6a:23:98:b6:14:d2:6b:b3:09:0e:b5:0e:bf:37:48:
85:16:cc:9c:a1:dc:19:cb:23:4b:bc:3f:5c:b6:8a:
17:17:d7:6a:ac:6c:e1:ae:c9:49:60:03:cf:d0:10:
dd:5a:49:1c:41:aa:9b:46:51:5e:f9:70:ae:4f:c9:
38:86:b6:9a:34:68:2b:b4:f6:9f:08:35:44:e2:c6:
ab:ff:f6:c7:46:8d:86:b8:6b:2f:76:80:f2:b9:9d:
bf:63:f1:b5:11:9f:1a:7a:83:95:2a:1a:a7:42:9f:
73:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:74:F0:C2:9B:2F:B5:FF:43:B5:BE:46:3E:04:07:7B:60:20:5D:91
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/HHTwwpsvtf9Dtb5GPgQHe2AgXZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.93.0/24
176.99.4.0-176.99.9.255
178.21.9.0/24
178.21.12.0/22
185.38.16.0/22
188.93.208.0/23
188.93.213.0-188.93.215.255
194.67.64.0/24
194.67.75.0-194.67.77.255
194.67.106.0/24
213.189.193.0-213.189.195.255
213.189.199.0/24
IPv6:
2a02:f20::/32
Signature Algorithm: sha256WithRSAEncryption
e1:a9:00:bf:c8:c4:f3:e2:a7:20:10:36:25:e9:90:1d:b5:1d:
05:64:80:ba:76:10:4d:1a:19:06:e8:57:74:d9:dc:36:1c:72:
1c:9a:20:2d:1e:84:67:4e:07:df:78:fb:b2:7d:d8:d5:1b:f2:
35:c1:82:24:84:fa:dd:27:f6:fb:34:28:ae:db:9d:6b:bd:b5:
93:60:c7:6c:9c:e0:ac:a7:65:97:87:ea:29:66:41:20:6c:6f:
77:43:61:37:c1:e9:74:68:ee:0b:a6:4f:14:13:77:e9:69:be:
0f:5e:2b:1e:5e:5b:d3:b7:7b:4b:70:ad:03:f5:3f:a3:7a:e1:
73:76:8c:38:d4:b9:ad:53:e1:18:a4:a8:43:f6:85:83:d9:1f:
43:46:53:9a:4c:fb:0b:42:37:32:ed:2c:41:05:b6:8d:03:f6:
f3:c2:a6:91:38:98:21:4e:65:c3:4e:3a:d7:2c:f6:da:66:2f:
7c:a2:ca:aa:fd:1e:f1:63:fb:b8:15:34:28:b6:8d:c2:3e:2c:
0c:dc:f2:18:9d:00:1e:8c:1a:fc:20:ed:b6:67:c0:29:71:e6:
58:33:82:7b:9d:0a:f5:07:af:77:4e:09:2e:86:88:d0:de:21:
7b:ab:e8:9a:77:c2:e8:d5:72:ef:ac:47:c8:67:3f:a2:6d:a7:
48:f2:e5:2a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYzGt6IWmVO+r8i1R6V+rKGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjQwMTAxMjAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc0ZjBjMjliMmZiNWZmNDNiNWJlNDYzZTA0MDc3YjYwMjA1ZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEDGzt+cf4vjCD1QLrSzf7lRSpEN
WrpklEwP8NZF/UiN/0W21W49G6ggedGmAyO3A3MCbnK2RQAE4GQb5wx/yekUFfeM
hyIHKdk24aoYKGHiljWgnZAgXMPu567i0+1oJ9DHOz4F9j9b+jy6XYDn19gDlXCN
srOJYH9UXB+REWkpgh5apJw7dgXvV07zKqzae7k39+VqI5i2FNJrswkOtQ6/N0iF
FsycodwZyyNLvD9ctooXF9dqrGzhrslJYAPP0BDdWkkcQaqbRlFe+XCuT8k4hraa
NGgrtPafCDVE4sar//bHRo2GuGsvdoDyuZ2/Y/G1EZ8aeoOVKhqnQp9ziwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFBx08MKbL7X/Q7W+Rj4EB3tgIF2RMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEvSEhUd3dwc3Z0ZjlEdGI1R1BnUUhlMkFnWFpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAA+cV0w
DAMEArBjBAMEAbBjCAMEALIVCQMEArIVDAMEArkmEAMEAbxd0DAMAwQAvF3VAwQD
vF3QAwQAwkNAMAwDBADCQ0sDBAHCQ0wDBADCQ2owDAMEANW9wQMEAtW9wAMEANW9
xzANBAIAAjAHAwUAKgIPIDANBgkqhkiG9w0BAQsFAAOCAQEA4akAv8jE8+KnIBA2
JemQHbUdBWSAunYQTRoZBuhXdNncNhxyHJogLR6EZ04H33j7sn3Y1RvyNcGCJIT6
3Sf2+zQortuda721k2DHbJzgrKdll4fqKWZBIGxvd0NhN8HpdGjuC6ZPFBN36Wm+
D14rHl5b07d7S3CtA/U/o3rhc3aMONS5rVPhGKSoQ/aFg9kfQ0ZTmkz7C0I3Mu0s
QQW2jQP288KmkTiYIU5lw0461yz22mYvfKLKqv0e8WP7uBU0KLaNwj4sDNzyGJ0A
Howa/CDttmfAKXHmWDOCe50K9Qevd04JLoaI0N4he6vomnfC6NVy76xHyGc/om2n
SPLlKg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:53:35 2024 by rpki-client on console-fra.rpki-client.org