Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/HZJ3y4GpsMizOXHkulSvhXTkWSY.roa
File: HZJ3y4GpsMizOXHkulSvhXTkWSY.roa (raw, json)
Hash identifier: Vjl1UhgplnwuMHVpBjPsFabQSxI7yr2wKZz+AJzFUSs=
Subject key identifier: 1D:92:77:CB:81:A9:B0:C8:B3:39:71:E4:BA:54:AF:85:74:E4:59:26
Certificate issuer: /CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Certificate serial: 018CC86FE2B20BFAAC611FB53C92119BBE9C
Authority key identifier: 1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/HZJ3y4GpsMizOXHkulSvhXTkWSY.roa
Signing time: Tue 02 Jan 2024 04:30:24 +0000
ROA not before: Tue 02 Jan 2024 04:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43571
IP address blocks: 178.19.48.0/20 maxlen: 24
91.220.138.0/24 maxlen: 24
213.181.96.0/19 maxlen: 24
46.182.184.0/21 maxlen: 24
185.111.36.0/22 maxlen: 24
149.126.80.0/21 maxlen: 24
185.152.116.0/22 maxlen: 24
185.40.120.0/22 maxlen: 24
78.40.248.0/21 maxlen: 24
157.97.0.0/19 maxlen: 24
2a01:6f00::/29 maxlen: 48
2a01:8280::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/H6eVFn0tn7QglB8XKHvfPF7tjfk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/H6eVFn0tn7QglB8XKHvfPF7tjfk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:e2:b2:0b:fa:ac:61:1f:b5:3c:92:11:9b:be:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa795167d2d9fb420941f17287bdf3c5eed8df9
Validity
Not Before: Jan 2 04:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9277cb81a9b0c8b33971e4ba54af8574e45926
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:97:4d:71:f6:29:28:c2:82:1d:9b:04:c1:de:
c3:a2:40:db:b4:be:38:06:ee:5b:b4:c6:be:35:71:
df:de:18:09:0d:36:b3:42:75:84:a1:f0:02:99:22:
43:8e:02:b3:82:56:2d:85:0b:5e:b4:64:c6:83:a3:
55:74:90:87:50:6c:20:c1:76:ab:f6:9c:55:a1:ee:
e9:89:b8:37:cd:03:d9:23:be:57:52:10:e1:7d:de:
51:e5:dd:f2:3d:c6:69:08:28:44:77:a6:ee:35:35:
ff:98:17:eb:30:e2:19:6b:99:2c:91:25:a3:98:71:
c3:ee:63:e1:15:4e:e7:39:51:4c:ab:b2:59:06:ec:
41:0d:5f:1a:b0:ee:33:cc:2b:4c:2a:1e:1d:e2:d9:
1f:38:a7:0c:f0:d8:3b:f9:ff:4a:c2:32:08:ab:21:
22:cb:95:78:d3:99:c1:d8:cc:e7:83:f2:68:d7:ee:
d8:2b:73:a9:4c:2b:27:1c:69:c2:43:49:a3:fe:61:
bf:ae:dd:f6:68:b9:0d:97:94:04:58:a4:df:34:2c:
42:b5:85:1d:70:c9:dc:d6:4b:c7:55:24:0c:a7:90:
90:30:22:2b:ae:ed:3b:31:1b:99:a8:2c:96:04:56:
80:1a:c1:27:3d:1a:c6:66:45:8b:0f:9c:2c:33:e9:
9a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:92:77:CB:81:A9:B0:C8:B3:39:71:E4:BA:54:AF:85:74:E4:59:26
X509v3 Authority Key Identifier:
keyid:1F:A7:95:16:7D:2D:9F:B4:20:94:1F:17:28:7B:DF:3C:5E:ED:8D:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6eVFn0tn7QglB8XKHvfPF7tjfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/HZJ3y4GpsMizOXHkulSvhXTkWSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/83535a-e1bd-4fb7-9f09-7b7e976c8412/1/H6eVFn0tn7QglB8XKHvfPF7tjfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.184.0/21
78.40.248.0/21
91.220.138.0/24
149.126.80.0/21
157.97.0.0/19
178.19.48.0/20
185.40.120.0/22
185.111.36.0/22
185.152.116.0/22
213.181.96.0/19
IPv6:
2a01:6f00::/29
2a01:8280::/32
Signature Algorithm: sha256WithRSAEncryption
b4:06:8a:eb:29:11:ed:01:2d:44:20:cf:70:35:91:4b:1d:ed:
a5:b6:ba:1c:17:b0:3f:3e:e2:23:5e:7c:e6:55:14:ff:d6:94:
ba:e9:12:b6:f7:2c:95:f9:86:38:49:e0:c3:43:95:46:eb:3b:
39:bb:64:79:8d:75:2a:6a:11:73:5b:6d:81:b6:45:39:f6:ef:
d1:80:e1:78:53:35:93:b1:f4:8e:eb:d4:1e:2b:e0:87:9a:3f:
66:fe:1f:9e:ad:3f:38:ee:da:46:8f:29:bd:8f:3e:32:fa:56:
8c:30:c0:a6:ad:6d:a6:7c:1a:cd:a7:ec:f0:4a:09:ba:fc:09:
de:32:69:0b:1a:05:80:79:d1:a4:bb:a1:2a:ca:df:63:9f:ed:
c1:27:f5:90:c6:9f:52:f0:52:5c:87:8b:28:31:04:17:1a:ea:
f0:17:b4:81:05:88:db:1d:a7:bd:2f:8f:12:c3:5b:35:fa:a7:
97:2c:9d:09:c5:7e:83:82:30:6b:e8:a2:d6:2b:4f:4a:40:53:
d1:38:97:29:95:bf:c5:42:e4:cf:a0:71:6b:9c:64:b2:82:bc:
17:63:15:98:ec:7c:d5:3b:6d:7b:fd:af:ee:92:63:2a:4a:2f:
b4:f3:19:95:ab:33:4c:4c:55:53:8a:89:26:0c:9e:32:f8:12:
63:92:67:aa
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzIb+KyC/qsYR+1PJIRm76cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYTc5NTE2N2QyZDlmYjQyMDk0MWYxNzI4N2JkZjNjNWVl
ZDhkZjkwHhcNMjQwMTAyMDQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDkyNzdjYjgxYTliMGM4YjMzOTcxZTRiYTU0YWY4NTc0ZTQ1OTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5dNcfYpKMKCHZsEwd7DokDbtL44
Bu5btMa+NXHf3hgJDTazQnWEofACmSJDjgKzglYthQtetGTGg6NVdJCHUGwgwXar
9pxVoe7pibg3zQPZI75XUhDhfd5R5d3yPcZpCChEd6buNTX/mBfrMOIZa5kskSWj
mHHD7mPhFU7nOVFMq7JZBuxBDV8asO4zzCtMKh4d4tkfOKcM8Ng7+f9KwjIIqyEi
y5V405nB2Mzng/Jo1+7YK3OpTCsnHGnCQ0mj/mG/rt32aLkNl5QEWKTfNCxCtYUd
cMnc1kvHVSQMp5CQMCIrru07MRuZqCyWBFaAGsEnPRrGZkWLD5wsM+maWwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFB2Sd8uBqbDIszlx5LpUr4V05FkmMB8GA1UdIwQY
MBaAFB+nlRZ9LZ+0IJQfFyh73zxe7Y35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDkt
N2I3ZTk3NmM4NDEyLzEvSFpKM3k0R3BzTWl6T1hIa3VsU3ZoWFRrV1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84MzUzNWEtZTFiZC00ZmI3LTlmMDktN2I3ZTk3NmM4NDEy
LzEvSDZlVkZuMHRuN1FnbEI4WEtIdmZQRjd0amZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDLra4AwQD
Tij4AwQAW9yKAwQDlX5QAwQFnWEAAwQEshMwAwQCuSh4AwQCuW8kAwQCuZh0AwQF
1bVgMBQEAgACMA4DBQMqAW8AAwUAKgGCgDANBgkqhkiG9w0BAQsFAAOCAQEAtAaK
6ykR7QEtRCDPcDWRSx3tpba6HBewPz7iI1585lUU/9aUuukStvcslfmGOEngw0OV
Rus7ObtkeY11KmoRc1ttgbZFOfbv0YDheFM1k7H0juvUHivgh5o/Zv4fnq0/OO7a
Ro8pvY8+MvpWjDDApq1tpnwazafs8EoJuvwJ3jJpCxoFgHnRpLuhKsrfY5/twSf1
kMafUvBSXIeLKDEEFxrq8Be0gQWI2x2nvS+PEsNbNfqnlyydCcV+g4Iwa+ii1itP
SkBT0TiXKZW/xULkz6Bxa5xksoK8F2MVmOx81Ttte/2v7pJjKkovtPMZlaszTExV
U4qJJgyeMvgSY5Jnqg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:55:40 2024 by rpki-client on console-ams.rpki-client.org