Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HNuTe20Dcr6vmEUn2DDNB1-oIAI.roa
File: HNuTe20Dcr6vmEUn2DDNB1-oIAI.roa (raw, json)
Hash identifier: dxEgHair37ta4NOEcnQnkJVAqZSw35Vb4WXeHIIrtqQ=
Subject key identifier: 1C:DB:93:7B:6D:03:72:BE:AF:98:45:27:D8:30:CD:07:5F:A8:20:02
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0191C297EFDA8A888763A6BF0901C40B0C0D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HNuTe20Dcr6vmEUn2DDNB1-oIAI.roa
Signing time: Thu 05 Sep 2024 14:30:22 +0000
ROA not before: Thu 05 Sep 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3399
IP address blocks: 192.36.22.0/24 maxlen: 24
192.36.208.0/24 maxlen: 24
192.165.178.0/23 maxlen: 23
193.180.23.0/24 maxlen: 24
193.180.96.0/22 maxlen: 22
193.180.164.0/23 maxlen: 23
193.181.248.0/22 maxlen: 22
193.182.111.0/24 maxlen: 24
193.183.116.0/24 maxlen: 24
194.68.170.0/23 maxlen: 23
194.68.170.0/24 maxlen: 24
194.68.171.0/24 maxlen: 24
194.68.220.0/23 maxlen: 23
194.71.216.0/23 maxlen: 23
194.71.216.0/24 maxlen: 24
194.71.217.0/24 maxlen: 24
194.103.80.0/22 maxlen: 22
194.132.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:97:ef:da:8a:88:87:63:a6:bf:09:01:c4:0b:0c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 5 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cdb937b6d0372beaf984527d830cd075fa82002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:24:08:e4:d1:a4:de:ac:f1:d2:3e:f8:dd:06:
d2:2c:ad:9a:41:0c:47:59:4f:e8:c1:d8:27:ab:51:
83:ab:cd:33:5f:a8:ca:a7:4d:7c:5a:ee:24:e3:14:
1a:6b:6c:84:ba:12:51:7c:e3:86:b9:cd:8d:e4:26:
60:a0:ee:7a:52:28:e8:09:4b:62:99:62:ce:8c:66:
b9:47:75:7d:82:b4:a6:5d:fb:88:c3:3f:3e:10:7a:
fe:52:4d:8c:45:dc:54:89:1b:a3:ad:72:ce:b9:9e:
31:d2:e7:18:ae:0b:e7:83:ea:d1:64:8b:76:24:c9:
1e:6f:b6:b5:a8:58:d8:2e:f8:5a:db:23:68:0b:5c:
14:de:5b:43:d9:80:f8:3d:a1:69:e2:f9:29:c5:e0:
a8:88:dd:29:94:81:22:d4:ea:9e:d4:d6:b8:fd:73:
86:10:82:1b:9f:d0:ff:f8:13:91:37:68:7e:b2:28:
8a:8f:85:e2:b0:bc:cc:bc:ba:e8:88:72:d1:c8:54:
d2:23:4e:7b:b5:55:2b:e3:07:18:03:f0:f9:58:90:
ec:f7:72:57:91:bf:c1:40:64:09:73:a2:bc:dc:11:
f7:6c:86:d2:8c:ba:4d:11:3e:14:9d:e9:d3:f6:09:
a9:0d:8e:21:34:32:14:61:21:8d:66:f0:49:24:9a:
5a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DB:93:7B:6D:03:72:BE:AF:98:45:27:D8:30:CD:07:5F:A8:20:02
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HNuTe20Dcr6vmEUn2DDNB1-oIAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.22.0/24
192.36.208.0/24
192.165.178.0/23
193.180.23.0/24
193.180.96.0/22
193.180.164.0/23
193.181.248.0/22
193.182.111.0/24
193.183.116.0/24
194.68.170.0/23
194.68.220.0/23
194.71.216.0/23
194.103.80.0/22
194.132.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:0d:c1:c0:f8:9a:b1:48:37:12:18:80:a4:32:ea:8a:d3:c6:
45:f8:db:21:e6:20:82:52:9f:79:8a:f6:a5:9b:05:36:60:e6:
89:43:22:f8:86:4f:33:3f:a0:03:59:30:37:93:36:c0:ac:98:
4e:77:11:9e:ee:22:be:44:a9:87:47:b3:be:84:15:49:e8:38:
d0:f1:82:db:3c:a7:7d:0c:7a:ef:0e:cd:1d:47:9d:aa:93:a2:
b5:be:aa:92:0d:e1:51:a3:56:e5:48:f6:e6:bc:07:a3:a0:64:
57:2a:6d:6b:49:e0:38:a1:cf:d4:98:12:23:4f:c4:e3:e1:38:
85:af:26:8f:d3:b3:76:2b:d2:7d:ce:45:70:46:db:aa:17:e5:
13:c6:b7:b3:82:11:fe:7d:e5:28:1b:1e:01:7f:6a:f2:3e:a3:
97:e7:96:c3:04:6d:85:c7:f8:b4:3f:97:83:61:70:2f:64:3a:
ce:64:8f:93:52:38:51:b8:69:1f:61:0b:1d:34:d3:59:65:1c:
fd:ab:41:66:b1:3f:0f:8f:db:e3:71:92:22:7f:a5:4f:6b:16:
bb:d3:33:63:f3:07:a8:30:6c:32:5d:3a:a5:2c:66:7c:cd:b1:
fa:01:89:47:2f:d2:29:6c:d8:2c:a1:e3:5f:6c:be:5d:5e:17:
bd:a4:65:1e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZHCl+/aioiHY6a/CQHECwwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwOTA1MTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RiOTM3YjZkMDM3MmJlYWY5ODQ1MjdkODMwY2QwNzVmYTgyMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriQI5NGk3qzx0j743QbSLK2aQQxH
WU/owdgnq1GDq80zX6jKp018Wu4k4xQaa2yEuhJRfOOGuc2N5CZgoO56UijoCUti
mWLOjGa5R3V9grSmXfuIwz8+EHr+Uk2MRdxUiRujrXLOuZ4x0ucYrgvng+rRZIt2
JMkeb7a1qFjYLvha2yNoC1wU3ltD2YD4PaFp4vkpxeCoiN0plIEi1Oqe1Na4/XOG
EIIbn9D/+BORN2h+siiKj4XisLzMvLroiHLRyFTSI057tVUr4wcYA/D5WJDs93JX
kb/BQGQJc6K83BH3bIbSjLpNET4UnenT9gmpDY4hNDIUYSGNZvBJJJpaKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFBzbk3ttA3K+r5hFJ9gwzQdfqCACMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSE51VGUyMERjcjZ2bUVVbjJERE5CMS1vSUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAwCQWAwQA
wCTQAwQBwKWyAwQAwbQXAwQCwbRgAwQBwbSkAwQCwbX4AwQAwbZvAwQAwbd0AwQB
wkSqAwQBwkTcAwQBwkfYAwQCwmdQAwQCwoQoMA0GCSqGSIb3DQEBCwUAA4IBAQA6
DcHA+JqxSDcSGICkMuqK08ZF+Nsh5iCCUp95ivalmwU2YOaJQyL4hk8zP6ADWTA3
kzbArJhOdxGe7iK+RKmHR7O+hBVJ6DjQ8YLbPKd9DHrvDs0dR52qk6K1vqqSDeFR
o1blSPbmvAejoGRXKm1rSeA4oc/UmBIjT8Tj4TiFryaP07N2K9J9zkVwRtuqF+UT
xrezghH+feUoGx4Bf2ryPqOX55bDBG2Fx/i0P5eDYXAvZDrOZI+TUjhRuGkfYQsd
NNNZZRz9q0FmsT8Pj9vjcZIif6VPaxa70zNj8weoMGwyXTqlLGZ8zbH6AYlHL9Ip
bNgsoeNfbL5dXhe9pGUe
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:30 2024 by rpki-client on console-fra.rpki-client.org