Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/HGBM8GjXUx3lgxqRxAbMWDqEw04.roa
File: HGBM8GjXUx3lgxqRxAbMWDqEw04.roa (raw, json)
Hash identifier: iz8Ub8EFmzrdsNcEG50M90poRSbixzTEf/r4OBbsHZQ=
Subject key identifier: 1C:60:4C:F0:68:D7:53:1D:E5:83:1A:91:C4:06:CC:58:3A:84:C3:4E
Certificate issuer: /CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Certificate serial: 018E64FBC4DB29A7DC69CE98939DE2A9683D
Authority key identifier: 03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/HGBM8GjXUx3lgxqRxAbMWDqEw04.roa
Signing time: Fri 22 Mar 2024 07:06:45 +0000
ROA not before: Fri 22 Mar 2024 07:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50920
IP address blocks: 81.16.24.0/22 maxlen: 24
92.39.160.0/20 maxlen: 24
185.64.60.0/22 maxlen: 24
193.28.91.0/24 maxlen: 24
193.28.229.0/24 maxlen: 24
193.151.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:64:fb:c4:db:29:a7:dc:69:ce:98:93:9d:e2:a9:68:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0330d772ba83225bed588ccd1c5c96af03b3770f
Validity
Not Before: Mar 22 07:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c604cf068d7531de5831a91c406cc583a84c34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:9b:ca:53:2e:59:99:b7:11:92:6c:5e:68:
91:d2:bf:cb:36:77:47:fc:60:3b:51:38:89:dc:b2:
3d:06:7d:84:d3:70:9f:fd:4a:88:c1:c0:82:00:09:
7c:a6:ae:ad:df:b9:e2:da:f2:31:55:c2:00:e0:f3:
c1:3d:74:89:b0:2c:de:90:34:b6:d1:03:d3:b0:50:
76:b5:cb:b9:8f:cf:8f:a3:96:bf:71:f6:a6:98:8f:
fd:0b:39:b3:13:fe:11:0e:f3:3d:ad:7f:86:2a:b1:
70:b4:d0:4a:cd:c9:78:01:9f:06:f9:16:26:e6:7e:
28:1f:7f:e8:ba:cc:93:f9:93:d9:d7:f5:04:60:b8:
bd:88:14:a1:1b:3f:99:8e:11:99:54:92:cd:55:2f:
ee:ef:54:3f:9a:5e:0a:a2:63:c6:89:4d:66:89:84:
8a:4c:c3:7b:87:78:d8:44:57:c6:a1:74:2e:bd:a6:
3e:fb:47:5a:ab:96:e6:7f:a9:81:ae:13:fe:75:c0:
0b:95:98:b6:a3:fb:46:f7:3c:07:61:38:3c:f1:89:
b9:fd:dc:84:46:42:dc:e9:6c:49:7c:c4:f6:dc:cf:
c2:98:8d:be:2f:32:53:86:10:45:21:af:6b:0c:8a:
56:7e:11:cf:3a:e8:7a:65:d5:9b:f0:83:67:4a:a1:
8c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:60:4C:F0:68:D7:53:1D:E5:83:1A:91:C4:06:CC:58:3A:84:C3:4E
X509v3 Authority Key Identifier:
keyid:03:30:D7:72:BA:83:22:5B:ED:58:8C:CD:1C:5C:96:AF:03:B3:77:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AzDXcrqDIlvtWIzNHFyWrwOzdw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/HGBM8GjXUx3lgxqRxAbMWDqEw04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48cbcb-50de-4838-a887-7e451c80d56f/1/AzDXcrqDIlvtWIzNHFyWrwOzdw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.16.24.0/22
92.39.160.0/20
185.64.60.0/22
193.28.91.0/24
193.28.229.0/24
193.151.60.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:f6:71:15:fc:81:79:6e:d3:f2:78:60:9d:d3:4c:8e:08:34:
99:18:4e:4a:51:88:6d:58:2a:3b:d5:8e:8e:aa:28:59:91:bf:
e5:ce:2e:7e:e4:58:12:ab:33:96:fb:bb:26:19:e9:c3:df:3b:
73:64:d6:f0:16:b9:3c:e1:ff:a6:79:af:20:b7:2b:7c:2d:db:
b7:9d:fa:fc:70:94:6c:21:c3:fa:10:b2:66:f7:b4:74:70:95:
aa:b6:6a:96:bd:58:9c:6b:11:a1:1e:7f:30:0e:e4:15:0f:cf:
41:07:19:3d:09:79:1d:e7:cb:9d:79:d1:64:73:7a:1a:bf:01:
b4:ef:d3:fe:78:0b:7f:a8:91:e1:75:bc:ad:90:4c:9d:31:3d:
6d:0a:5f:fb:ce:f0:f9:4e:dd:cf:d1:66:03:4b:d3:ba:da:58:
e4:72:90:fa:68:36:52:49:46:f8:73:75:3e:78:d0:5c:9d:ea:
28:48:96:86:21:06:fa:e5:c6:05:66:79:96:45:21:91:08:c1:
9a:f8:db:40:b4:d6:97:e6:50:3c:0c:74:d4:fb:bc:c7:85:82:
1c:eb:e3:a2:cc:7c:d9:10:88:23:02:cb:23:21:42:38:3c:57:
bf:e0:60:a7:55:67:c0:56:af:f4:b3:15:70:27:cb:3e:d3:b6:
7b:82:29:b6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY5k+8TbKafcac6Yk53iqWg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMzBkNzcyYmE4MzIyNWJlZDU4OGNjZDFjNWM5NmFmMDNi
Mzc3MGYwHhcNMjQwMzIyMDcwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzYwNGNmMDY4ZDc1MzFkZTU4MzFhOTFjNDA2Y2M1ODNhODRjMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX+bylMuWZm3EZJsXmiR0r/LNndH
/GA7UTiJ3LI9Bn2E03Cf/UqIwcCCAAl8pq6t37ni2vIxVcIA4PPBPXSJsCzekDS2
0QPTsFB2tcu5j8+Po5a/cfammI/9CzmzE/4RDvM9rX+GKrFwtNBKzcl4AZ8G+RYm
5n4oH3/ousyT+ZPZ1/UEYLi9iBShGz+ZjhGZVJLNVS/u71Q/ml4KomPGiU1miYSK
TMN7h3jYRFfGoXQuvaY++0daq5bmf6mBrhP+dcALlZi2o/tG9zwHYTg88Ym5/dyE
RkLc6WxJfMT23M/CmI2+LzJThhBFIa9rDIpWfhHPOuh6ZdWb8INnSqGMywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBxgTPBo11Md5YMakcQGzFg6hMNOMB8GA1UdIwQY
MBaAFAMw13K6gyJb7ViMzRxclq8Ds3cPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODct
N2U0NTFjODBkNTZmLzEvSEdCTThHalhVeDNsZ3hxUnhBYk1XRHFFdzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGNiY2ItNTBkZS00ODM4LWE4ODctN2U0NTFjODBkNTZm
LzEvQXpEWGNycURJbHZ0V0l6TkhGeVdyd096ZHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCURAYAwQE
XCegAwQCuUA8AwQAwRxbAwQAwRzlAwQCwZc8MA0GCSqGSIb3DQEBCwUAA4IBAQBr
9nEV/IF5btPyeGCd00yOCDSZGE5KUYhtWCo71Y6OqihZkb/lzi5+5FgSqzOW+7sm
GenD3ztzZNbwFrk84f+mea8gtyt8Ldu3nfr8cJRsIcP6ELJm97R0cJWqtmqWvVic
axGhHn8wDuQVD89BBxk9CXkd58udedFkc3oavwG079P+eAt/qJHhdbytkEydMT1t
Cl/7zvD5Tt3P0WYDS9O62ljkcpD6aDZSSUb4c3U+eNBcneooSJaGIQb65cYFZnmW
RSGRCMGa+NtAtNaX5lA8DHTU+7zHhYIc6+OizHzZEIgjAssjIUI4PFe/4GCnVWfA
Vq/0sxVwJ8s+07Z7gim2
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:56:17 2024 by rpki-client on console-fra.rpki-client.org