Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/HZLrDIiS_ar13JtWOypXTzOk3PM.roa
File: HZLrDIiS_ar13JtWOypXTzOk3PM.roa (raw, json)
Hash identifier: WTm/gDlehMw+G6L/MFMnbxqEJtdC0dkUDViFfcfioF4=
Subject key identifier: 1D:92:EB:0C:88:92:FD:AA:F5:DC:9B:56:3B:2A:57:4F:33:A4:DC:F3
Certificate issuer: /CN=ccd7947ec83136ef9446316235686a9102562c44
Certificate serial: 0192481638D352243F805E05739BBF6874C9
Authority key identifier: CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/HZLrDIiS_ar13JtWOypXTzOk3PM.roa
Signing time: Tue 01 Oct 2024 12:37:48 +0000
ROA not before: Tue 01 Oct 2024 12:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202617
IP address blocks: 84.247.18.0/24 maxlen: 24
93.113.103.0/24 maxlen: 24
93.113.109.0/24 maxlen: 24
185.159.0.0/22 maxlen: 22
185.159.0.0/24 maxlen: 24
185.159.1.0/24 maxlen: 24
185.159.2.0/24 maxlen: 24
2a07:b0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:16:38:d3:52:24:3f:80:5e:05:73:9b:bf:68:74:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd7947ec83136ef9446316235686a9102562c44
Validity
Not Before: Oct 1 12:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d92eb0c8892fdaaf5dc9b563b2a574f33a4dcf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ac:f4:67:03:dc:41:31:d8:21:8d:e7:8b:7d:
72:2c:21:28:32:01:58:77:56:96:6a:9a:a8:c7:33:
1d:1f:98:aa:2d:9c:6e:b1:c3:7e:12:91:af:79:b1:
93:08:32:59:77:84:6c:cf:dd:61:5f:74:59:63:1c:
8f:d9:68:fe:c2:21:eb:15:17:fd:66:9f:7e:7f:25:
c5:6f:5c:6d:f1:93:9c:9b:79:a3:a7:47:17:4f:10:
31:f6:4b:6e:c5:e6:84:d5:00:d5:12:9e:c9:19:c8:
6c:e7:dd:d0:1b:c4:37:49:7e:52:21:56:d4:04:8b:
c6:c9:35:91:53:e3:75:f1:bf:4e:39:33:58:bf:21:
49:04:96:47:bd:92:fc:b2:a4:1d:4d:52:53:c3:7d:
dd:ce:4a:6c:3d:57:1d:bf:64:c6:6b:3e:31:ad:7e:
76:87:cc:99:6e:c6:13:9c:fe:8b:03:41:b9:45:c0:
97:e3:32:15:a7:60:fa:f2:e8:c2:fd:8a:80:9e:79:
e8:2d:2f:97:cb:e7:17:22:ef:e0:98:e9:b1:06:b2:
10:15:84:13:45:65:7f:72:e5:f3:aa:e9:71:d2:5d:
f8:cd:5a:7d:ca:16:cb:de:c3:b2:95:c3:d3:ee:1a:
2a:b3:dc:f4:c9:f0:a8:18:c9:70:d1:cd:30:b2:74:
7e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:92:EB:0C:88:92:FD:AA:F5:DC:9B:56:3B:2A:57:4F:33:A4:DC:F3
X509v3 Authority Key Identifier:
keyid:CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/HZLrDIiS_ar13JtWOypXTzOk3PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.18.0/24
93.113.103.0/24
93.113.109.0/24
185.159.0.0/22
IPv6:
2a07:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:6e:8c:a1:49:67:32:9f:13:d1:8d:01:54:86:40:be:d1:b8:
84:52:13:2f:5f:bb:86:46:f7:8c:ac:99:de:85:91:89:e2:37:
87:c5:9d:b6:32:2e:fa:3f:1f:de:47:42:41:59:0c:fb:0c:c2:
2c:d2:78:d4:f3:77:cc:c3:54:35:26:66:b6:85:dc:90:07:cb:
2a:74:76:ea:03:4f:4a:cf:a0:cd:dc:86:a0:0c:1c:12:e0:31:
db:76:99:19:8a:a0:c3:be:db:34:d3:2e:db:06:be:f5:5e:a2:
c2:79:09:9f:e6:16:cd:50:3e:0e:c9:67:5b:79:9e:d0:fb:fb:
b9:79:6c:0e:69:57:4b:39:8c:af:4e:ba:c5:9d:5b:d4:2b:05:
b5:79:4f:56:2c:93:66:36:c2:d4:75:0b:23:c8:f7:3f:74:2c:
14:41:75:96:16:8b:26:11:fd:0f:dc:a4:ab:48:a5:24:04:5d:
09:d0:1c:5e:11:45:b3:b2:28:b4:8f:24:9a:a1:eb:a8:e0:60:
c8:2a:50:41:62:0a:7c:dc:72:6a:3a:4a:69:81:d9:95:d2:2e:
4e:a5:9c:1c:69:61:f3:df:a4:0d:cb:d3:7a:83:16:70:93:60:
eb:00:26:d9:e2:e3:f3:25:80:7a:75:5d:3e:f3:91:92:d8:c2:
fe:fa:9d:b4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJIFjjTUiQ/gF4Fc5u/aHTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc5NDdlYzgzMTM2ZWY5NDQ2MzE2MjM1Njg2YTkxMDI1
NjJjNDQwHhcNMjQxMDAxMTIzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkyZWIwYzg4OTJmZGFhZjVkYzliNTYzYjJhNTc0ZjMzYTRkY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaz0ZwPcQTHYIY3ni31yLCEoMgFY
d1aWapqoxzMdH5iqLZxuscN+EpGvebGTCDJZd4Rsz91hX3RZYxyP2Wj+wiHrFRf9
Zp9+fyXFb1xt8ZOcm3mjp0cXTxAx9ktuxeaE1QDVEp7JGchs593QG8Q3SX5SIVbU
BIvGyTWRU+N18b9OOTNYvyFJBJZHvZL8sqQdTVJTw33dzkpsPVcdv2TGaz4xrX52
h8yZbsYTnP6LA0G5RcCX4zIVp2D68ujC/YqAnnnoLS+Xy+cXIu/gmOmxBrIQFYQT
RWV/cuXzqulx0l34zVp9yhbL3sOylcPT7hoqs9z0yfCoGMlw0c0wsnR+eQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFB2S6wyIkv2q9dybVjsqV08zpNzzMB8GA1UdIwQY
MBaAFMzXlH7IMTbvlEYxYjVoapECVixEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUt
Mjg4NzY2MDYxZDk4LzEvSFpMckRJaVNfYXIxM0p0V095cFhUek9rM1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9lYWI3N2QtODMxYS00M2JjLThjYmUtMjg4NzY2MDYxZDk4
LzEvek5lVWZzZ3hOdS1VUmpGaU5XaHFrUUpXTEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAVPcSAwQA
XXFnAwQAXXFtAwQCuZ8AMA0EAgACMAcDBQMqB7DAMA0GCSqGSIb3DQEBCwUAA4IB
AQBDboyhSWcynxPRjQFUhkC+0biEUhMvX7uGRveMrJnehZGJ4jeHxZ22Mi76Px/e
R0JBWQz7DMIs0njU83fMw1Q1Jma2hdyQB8sqdHbqA09Kz6DN3IagDBwS4DHbdpkZ
iqDDvts00y7bBr71XqLCeQmf5hbNUD4OyWdbeZ7Q+/u5eWwOaVdLOYyvTrrFnVvU
KwW1eU9WLJNmNsLUdQsjyPc/dCwUQXWWFosmEf0P3KSrSKUkBF0J0BxeEUWzsii0
jySaoeuo4GDIKlBBYgp83HJqOkppgdmV0i5OpZwcaWHz36QNy9N6gxZwk2DrACbZ
4uPzJYB6dV0+85GS2ML++p20
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:43 2024 by rpki-client on console-fra.rpki-client.org