Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/hbcjkBOMBE2Iayhm5JG6zSDwj6Q.roa
File: hbcjkBOMBE2Iayhm5JG6zSDwj6Q.roa (raw, json)
Hash identifier: fDxH3vOUeDgDrME4I7jHqrZowBtr3oAmwbYL4F0823k=
Subject key identifier: 85:B7:23:90:13:8C:04:4D:88:6B:28:66:E4:91:BA:CD:20:F0:8F:A4
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 019368150BE58F3E6F50EA4465C5E4BEC922
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/hbcjkBOMBE2Iayhm5JG6zSDwj6Q.roa
Signing time: Tue 26 Nov 2024 10:47:10 +0000
ROA not before: Tue 26 Nov 2024 10:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201031
IP address blocks: 37.77.64.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
185.217.90.0/24 maxlen: 24
194.113.196.0/22 maxlen: 22
194.113.196.0/23 maxlen: 23
194.113.196.0/24 maxlen: 24
194.113.197.0/24 maxlen: 24
194.113.198.0/23 maxlen: 23
194.113.198.0/24 maxlen: 24
194.113.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:15:0b:e5:8f:3e:6f:50:ea:44:65:c5:e4:be:c9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Nov 26 10:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b72390138c044d886b2866e491bacd20f08fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:3e:8e:0d:ef:0b:ba:7e:00:9c:6a:f6:a7:
0f:cb:2a:56:18:21:51:2d:0d:38:8b:6c:6e:38:d7:
f6:0b:d1:b0:80:b5:25:1a:72:71:b2:a4:3b:85:15:
1c:f1:51:e3:ab:87:4b:8f:71:85:3c:74:b7:e4:23:
d5:0a:c7:e5:c6:24:a4:20:f1:8c:40:bf:74:d8:a8:
55:b3:14:aa:1b:7b:db:d8:20:70:32:2f:35:65:4d:
cc:bd:13:58:da:d2:08:eb:5c:26:81:e6:26:6a:37:
b3:4d:ed:0b:90:1d:23:9a:ed:8b:45:39:97:0e:2f:
7b:3f:4b:23:dd:d1:fd:e5:7a:81:a5:be:2c:4a:a7:
da:8d:58:ba:8f:91:7d:7b:ba:48:1c:31:73:49:60:
ee:1b:2c:fa:3b:33:09:0d:dd:dc:30:39:6c:0e:8a:
c3:28:c3:4a:75:0c:99:02:93:fa:b9:00:7d:02:d2:
0a:f9:4c:03:83:35:84:0e:3b:2b:96:29:d8:4e:0f:
12:81:1f:72:b6:39:57:be:95:da:e3:a8:6b:77:fc:
cf:49:04:e1:da:d6:72:83:f4:0c:b6:4e:66:80:0f:
df:ed:ae:2d:e6:c5:c3:0b:c6:9c:8c:53:da:d8:43:
74:3a:b4:83:cd:3a:76:dd:54:4b:b7:e0:34:37:1f:
6f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B7:23:90:13:8C:04:4D:88:6B:28:66:E4:91:BA:CD:20:F0:8F:A4
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/hbcjkBOMBE2Iayhm5JG6zSDwj6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/23
37.77.68.0/22
185.217.90.0/24
194.113.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:46:8e:c1:8d:d0:92:87:71:c5:4d:c3:42:fc:91:6d:f5:ee:
e9:ad:27:db:32:5b:36:d6:d1:4e:fc:b9:7d:b0:2a:4e:b6:01:
b1:71:4c:cb:16:8e:9c:a5:64:cb:bd:f7:b0:66:6f:0b:a4:36:
b7:b6:26:6f:01:4e:02:a3:b3:e1:b5:81:3e:ab:c4:d8:ce:e8:
fe:d2:dd:f9:2c:3a:5c:98:f2:57:c4:93:30:af:ef:15:7b:fb:
05:ba:07:f9:16:be:d9:f8:97:a8:e3:53:24:71:43:c5:fe:e1:
6c:20:25:a6:d0:6b:4a:e6:a1:13:da:5e:62:b1:29:c5:a6:b1:
35:d4:55:98:b3:11:d3:a5:6d:a7:88:8f:fa:64:d0:32:89:e7:
77:0c:88:7a:bb:bf:0f:b0:98:fa:13:25:c1:f1:32:1e:1e:bb:
a8:9c:b6:87:b2:f6:f2:a3:46:ef:2d:a4:ad:d1:d9:0b:a2:94:
db:29:fc:b9:bb:d9:b8:5e:d7:40:00:02:8c:2a:3d:07:5a:ff:
79:78:52:51:b3:ba:af:c3:43:79:c7:b0:8a:c7:e7:3e:1d:6e:
cd:0c:d3:7a:d6:0f:e3:04:ff:30:6c:30:39:b5:e5:09:1c:ff:
6a:5e:3d:f8:9b:14:db:d1:48:2f:83:5f:80:25:7f:04:7e:0c:
e7:f1:50:d3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNoFQvljz5vUOpEZcXkvskiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjQxMTI2MTA0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI3MjM5MDEzOGMwNDRkODg2YjI4NjZlNDkxYmFjZDIwZjA4ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruA+jg3vC7p+AJxq9qcPyypWGCFR
LQ04i2xuONf2C9GwgLUlGnJxsqQ7hRUc8VHjq4dLj3GFPHS35CPVCsflxiSkIPGM
QL902KhVsxSqG3vb2CBwMi81ZU3MvRNY2tII61wmgeYmajezTe0LkB0jmu2LRTmX
Di97P0sj3dH95XqBpb4sSqfajVi6j5F9e7pIHDFzSWDuGyz6OzMJDd3cMDlsDorD
KMNKdQyZApP6uQB9AtIK+UwDgzWEDjsrlinYTg8SgR9ytjlXvpXa46hrd/zPSQTh
2tZyg/QMtk5mgA/f7a4t5sXDC8acjFPa2EN0OrSDzTp23VRLt+A0Nx9vVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIW3I5ATjARNiGsoZuSRus0g8I+kMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvaGJjamtCT01CRTJJYXlobTVKRzZ6U0R3ajZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBJU1AAwQC
JU1EAwQAudlaAwQCwnHEMA0GCSqGSIb3DQEBCwUAA4IBAQCcRo7BjdCSh3HFTcNC
/JFt9e7prSfbMls21tFO/Ll9sCpOtgGxcUzLFo6cpWTLvfewZm8LpDa3tiZvAU4C
o7PhtYE+q8TYzuj+0t35LDpcmPJXxJMwr+8Ve/sFugf5Fr7Z+Jeo41MkcUPF/uFs
ICWm0GtK5qET2l5isSnFprE11FWYsxHTpW2niI/6ZNAyied3DIh6u78PsJj6EyXB
8TIeHruonLaHsvbyo0bvLaSt0dkLopTbKfy5u9m4XtdAAAKMKj0HWv95eFJRs7qv
w0N5x7CKx+c+HW7NDNN61g/jBP8wbDA5teUJHP9qXj34mxTb0Ugvg1+AJX8Efgzn
8VDT
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:57 2024 by rpki-client on console-fra.rpki-client.org