Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/hyL735o522OD-DVW2hPvO0kTnrs.roa
File: hyL735o522OD-DVW2hPvO0kTnrs.roa (raw, json)
Hash identifier: NWl0XrdbmmmfWpqITAUr9PZavB5keWVOhGqWwqsNSFU=
Subject key identifier: 87:22:FB:DF:9A:39:DB:63:83:F8:35:56:DA:13:EF:3B:49:13:9E:BB
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 018F5A1FAE325E6A6958C1E3FDBA933D5DA2
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/hyL735o522OD-DVW2hPvO0kTnrs.roa
Signing time: Wed 08 May 2024 21:32:56 +0000
ROA not before: Wed 08 May 2024 21:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 45.3.32.0/19 maxlen: 24
65.111.0.0/19 maxlen: 24
95.141.242.0/24 maxlen: 24
104.167.24.0/21 maxlen: 24
104.207.32.0/19 maxlen: 24
2a0a:1f40::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a0a:da40::/29 maxlen: 29
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:1f:ae:32:5e:6a:69:58:c1:e3:fd:ba:93:3d:5d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: May 8 21:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8722fbdf9a39db6383f83556da13ef3b49139ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fe:dd:e6:0b:9b:87:0b:62:48:ee:a5:35:ef:
55:73:fa:17:a6:90:df:35:6d:ec:bd:30:88:15:90:
ba:81:31:0e:96:cd:48:6b:17:da:f3:65:30:71:52:
e5:c6:ce:05:c8:9b:0e:0f:77:06:41:a9:ce:cd:e1:
b9:c5:84:8e:80:e3:46:b8:6f:d1:2c:21:83:14:12:
e8:74:a5:3e:07:9f:74:02:df:1d:b6:2c:c1:5b:2f:
9a:c6:b8:39:7d:d4:26:03:45:48:87:3d:ae:53:29:
a4:52:83:31:51:f7:d2:dd:28:02:f6:28:29:5b:ed:
d2:76:9e:99:95:83:99:3b:e0:23:08:c9:87:e9:1a:
2b:51:2b:63:58:fb:db:d3:65:8b:82:6a:6b:fd:17:
e4:50:cb:1e:40:ce:b2:95:b0:57:63:5a:26:6d:56:
62:0e:ba:28:b8:1d:5d:a8:c8:4b:b7:11:b0:44:b3:
db:e7:3f:25:a1:3f:a9:65:05:6e:a3:ef:6f:73:96:
cf:7d:2d:ac:46:54:19:f8:33:dd:22:33:c2:bd:20:
57:e1:34:34:82:22:52:19:09:b5:d1:c9:34:d7:0b:
97:73:b7:ee:6f:63:45:c8:0e:44:e3:b2:b3:69:2f:
68:6f:a3:e0:6b:0d:15:fd:c1:31:f6:ad:6f:d1:fe:
8c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:22:FB:DF:9A:39:DB:63:83:F8:35:56:DA:13:EF:3B:49:13:9E:BB
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/hyL735o522OD-DVW2hPvO0kTnrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
65.111.0.0/19
95.141.242.0/24
104.167.24.0/21
104.207.32.0/19
IPv6:
2a0a:1f40::/31
2a0a:da40::/29
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:2e:3a:ee:2f:ff:6a:a8:02:09:a5:46:d3:15:d7:66:94:2a:
b8:a2:c1:f3:8b:fd:16:c2:ad:34:ca:cc:38:db:57:81:41:11:
e3:c8:f8:1b:3e:a9:36:5e:c7:ae:19:83:3e:17:6d:f0:72:ca:
59:eb:ce:d2:a9:0c:c9:8b:63:ab:81:6f:f6:a9:b9:77:e5:59:
08:0d:8f:8d:26:ea:29:ba:04:81:41:b2:cb:44:75:bc:d5:b4:
4d:17:a6:29:d8:ab:f4:68:02:a9:76:81:39:bf:80:c6:d9:32:
07:0b:5f:75:52:44:4b:2a:ec:d3:ca:1b:e2:11:ed:7a:67:83:
9e:71:ee:cd:86:65:d9:f3:14:9f:36:12:7d:78:37:e3:ff:cb:
d4:52:58:d0:ae:13:82:51:f4:3e:40:30:ea:15:03:c7:f4:36:
b9:bd:12:76:b0:73:c8:d2:c0:e3:bc:98:cf:83:22:bb:fe:8e:
16:f6:bc:48:4c:39:a4:c8:e7:5d:03:57:b7:71:4b:5f:24:61:
3a:2a:3e:42:21:44:61:c3:98:7c:cc:d2:51:af:6b:67:80:fb:
a0:ea:42:f0:d2:cf:1f:14:69:bb:f4:56:7b:45:65:e9:96:11:
0f:2b:09:34:36:87:6f:25:a0:6d:0d:2c:45:06:53:be:15:4b:
05:32:8d:2f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY9aH64yXmppWMHj/bqTPV2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjQwNTA4MjEzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIyZmJkZjlhMzlkYjYzODNmODM1NTZkYTEzZWYzYjQ5MTM5ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf7d5gubhwtiSO6lNe9Vc/oXppDf
NW3svTCIFZC6gTEOls1Iaxfa82UwcVLlxs4FyJsOD3cGQanOzeG5xYSOgONGuG/R
LCGDFBLodKU+B590At8dtizBWy+axrg5fdQmA0VIhz2uUymkUoMxUffS3SgC9igp
W+3Sdp6ZlYOZO+AjCMmH6RorUStjWPvb02WLgmpr/RfkUMseQM6ylbBXY1ombVZi
DroouB1dqMhLtxGwRLPb5z8loT+pZQVuo+9vc5bPfS2sRlQZ+DPdIjPCvSBX4TQ0
giJSGQm10ck01wuXc7fub2NFyA5E47KzaS9ob6Pgaw0V/cEx9q1v0f6McQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFIci+9+aOdtjg/g1VtoT7ztJE567MB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvaHlMNzM1bzUyMk9ELURWVzJoUHZPMGtUbnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAkBAIAATAeAwQFLQMgAwQF
QW8AAwQAX43yAwQDaKcYAwQFaM8gMCsEAgACMCUDBQEqCh9AAwUDKgraQAMFACoT
P4AwDgMFACoTP4MDBQMqEz+AMA0GCSqGSIb3DQEBCwUAA4IBAQCoLjruL/9qqAIJ
pUbTFddmlCq4osHzi/0Wwq00ysw421eBQRHjyPgbPqk2XseuGYM+F23wcspZ687S
qQzJi2OrgW/2qbl35VkIDY+NJuopugSBQbLLRHW81bRNF6Yp2Kv0aAKpdoE5v4DG
2TIHC191UkRLKuzTyhviEe16Z4Oece7NhmXZ8xSfNhJ9eDfj/8vUUljQrhOCUfQ+
QDDqFQPH9Da5vRJ2sHPI0sDjvJjPgyK7/o4W9rxITDmkyOddA1e3cUtfJGE6Kj5C
IURhw5h8zNJRr2tngPug6kLw0s8fFGm79FZ7RWXplhEPKwk0NodvJaBtDSxFBlO+
FUsFMo0v
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:42:27 2024 by rpki-client on console-fra.rpki-client.org