Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/KhxHEzHaThoochQrhW_7S5zJowc.roa
File: KhxHEzHaThoochQrhW_7S5zJowc.roa (raw, json)
Hash identifier: Fy356FrwVsBLkaM4zzsVZu/fh7Tv4g4qFoPpDFpXUoc=
Subject key identifier: 2A:1C:47:13:31:DA:4E:1A:28:72:14:2B:85:6F:FB:4B:9C:C9:A3:07
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 018DC7A389601C31D285768AB211F3539469
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/KhxHEzHaThoochQrhW_7S5zJowc.roa
Signing time: Tue 20 Feb 2024 17:49:59 +0000
ROA not before: Tue 20 Feb 2024 17:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 79.140.136.0/24 maxlen: 24
79.140.139.0/24 maxlen: 24
82.195.139.0/24 maxlen: 24
82.195.141.0/24 maxlen: 24
84.51.229.0/24 maxlen: 24
212.78.237.0/24 maxlen: 24
212.78.239.0/24 maxlen: 24
212.78.241.0/24 maxlen: 24
212.84.40.0/24 maxlen: 24
212.84.43.0/24 maxlen: 24
212.84.44.0/24 maxlen: 24
212.84.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:a3:89:60:1c:31:d2:85:76:8a:b2:11:f3:53:94:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Feb 20 17:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a1c471331da4e1a2872142b856ffb4b9cc9a307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:66:18:40:5e:7d:e5:c6:76:1a:7c:00:52:
06:4a:2e:db:15:d0:23:9e:31:34:a1:67:5e:52:51:
06:a5:1f:25:d0:bf:0a:a3:64:1b:60:0d:a6:9f:fa:
27:18:63:b6:ae:7a:96:97:3c:74:50:77:4a:0a:e8:
d3:75:e1:7e:a8:fb:e8:58:62:9a:45:31:ff:bd:04:
16:09:84:7f:cf:4c:2e:33:c4:d2:fc:59:42:90:e4:
0c:e2:34:34:4d:86:6a:99:27:24:9a:cb:4b:26:29:
59:ab:59:a4:76:9f:b4:45:2c:de:d6:ae:fe:15:04:
0a:12:af:81:09:ef:7a:df:7f:13:a9:4a:77:08:37:
e4:0f:7c:d9:6e:52:cd:b1:72:4f:7d:41:d1:5a:d5:
04:cb:a3:d8:95:48:ca:cb:a4:3a:55:d9:b1:70:e8:
39:6d:fc:cd:49:77:3a:91:75:c8:db:8a:16:61:91:
61:27:f4:e0:6f:0c:73:ec:cc:a4:c1:11:91:09:2a:
d7:40:df:fa:7b:4e:95:79:41:c5:8a:4b:26:3b:fe:
d8:87:c9:bd:b6:2d:c5:bb:9b:75:dc:85:47:c3:a3:
64:5a:69:d0:da:51:53:25:49:ce:ca:bd:10:34:8c:
6e:f8:e2:90:85:fc:d1:3a:60:6a:c1:c1:6f:41:a8:
f6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1C:47:13:31:DA:4E:1A:28:72:14:2B:85:6F:FB:4B:9C:C9:A3:07
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/KhxHEzHaThoochQrhW_7S5zJowc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.136.0/24
79.140.139.0/24
82.195.139.0/24
82.195.141.0/24
84.51.229.0/24
212.78.237.0/24
212.78.239.0/24
212.78.241.0/24
212.84.40.0/24
212.84.43.0-212.84.45.255
Signature Algorithm: sha256WithRSAEncryption
66:36:06:6e:fb:34:9c:d8:40:1e:eb:d3:c8:e1:be:07:ab:06:
06:74:a6:dd:8c:0a:ef:03:af:b7:5e:bd:7e:e3:26:ba:80:f4:
cb:2c:af:8a:22:59:52:32:4a:c2:31:a2:5c:d8:22:9b:be:dd:
3b:be:a3:ec:62:11:0b:55:76:66:18:fb:18:bb:70:1b:ab:36:
6d:7e:0c:9b:58:e1:8f:47:5f:da:0e:25:0e:0d:16:09:ef:55:
b4:ce:be:da:4e:2a:99:ff:fb:04:39:42:55:4e:08:c7:9c:1f:
b9:4e:db:70:3a:91:6d:eb:cd:48:ff:7e:f7:df:3d:cc:a2:89:
23:0d:42:9e:be:b0:ad:ca:84:96:87:1e:44:0a:27:35:e8:e7:
72:4c:05:43:60:9d:07:62:85:b3:4e:40:79:6c:8c:ed:27:65:
be:5a:8f:6a:e7:aa:b7:a4:c7:6f:e8:aa:e0:81:e6:58:20:a3:
3c:b7:c9:8b:d0:48:7f:90:2a:7b:70:1f:17:fd:a2:62:07:51:
94:c7:2d:d4:d9:96:fd:ac:4f:6c:1e:e5:5d:0d:a7:87:88:95:
6b:ae:e3:06:7e:fd:89:b9:37:d5:ee:6d:77:44:46:f1:ab:00:
a9:6d:c8:53:d9:6d:62:39:96:89:49:ea:ed:72:f1:1a:dd:0c:
d9:95:a4:55
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY3Ho4lgHDHShXaKshHzU5RpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjQwMjIwMTc0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTFjNDcxMzMxZGE0ZTFhMjg3MjE0MmI4NTZmZmI0YjljYzlhMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1VmGEBefeXGdhp8AFIGSi7bFdAj
njE0oWdeUlEGpR8l0L8Ko2QbYA2mn/onGGO2rnqWlzx0UHdKCujTdeF+qPvoWGKa
RTH/vQQWCYR/z0wuM8TS/FlCkOQM4jQ0TYZqmSckmstLJilZq1mkdp+0RSze1q7+
FQQKEq+BCe96338TqUp3CDfkD3zZblLNsXJPfUHRWtUEy6PYlUjKy6Q6VdmxcOg5
bfzNSXc6kXXI24oWYZFhJ/Tgbwxz7MykwRGRCSrXQN/6e06VeUHFiksmO/7Yh8m9
ti3Fu5t13IVHw6NkWmnQ2lFTJUnOyr0QNIxu+OKQhfzROmBqwcFvQaj2mwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCocRxMx2k4aKHIUK4Vv+0ucyaMHMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvS2h4SEV6SGFUaG9vY2hRcmhXXzdTNXpKb3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAT4yIAwQA
T4yLAwQAUsOLAwQAUsONAwQAVDPlAwQA1E7tAwQA1E7vAwQA1E7xAwQA1FQoMAwD
BADUVCsDBAHUVCwwDQYJKoZIhvcNAQELBQADggEBAGY2Bm77NJzYQB7r08jhvger
BgZ0pt2MCu8Dr7devX7jJrqA9Mssr4oiWVIySsIxolzYIpu+3Tu+o+xiEQtVdmYY
+xi7cBurNm1+DJtY4Y9HX9oOJQ4NFgnvVbTOvtpOKpn/+wQ5QlVOCMecH7lO23A6
kW3rzUj/fvffPcyiiSMNQp6+sK3KhJaHHkQKJzXo53JMBUNgnQdihbNOQHlsjO0n
Zb5aj2rnqrekx2/oquCB5lggozy3yYvQSH+QKntwHxf9omIHUZTHLdTZlv2sT2we
5V0Np4eIlWuu4wZ+/Ym5N9XubXdERvGrAKltyFPZbWI5lolJ6u1y8RrdDNmVpFU=
-----END CERTIFICATE-----
Generated at Thu May 2 16:36:30 2024 by rpki-client on console-fra.rpki-client.org