Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/9H1hIqsDg5aRUt6PmFAY6d8JyM8.roa
File: 9H1hIqsDg5aRUt6PmFAY6d8JyM8.roa (raw, json)
Hash identifier: xLHNZ6I06czAXV8npRXAtOyCzvc1Vo/tWxby7WnChz4=
Subject key identifier: F4:7D:61:22:AB:03:83:96:91:52:DE:8F:98:50:18:E9:DF:09:C8:CF
Certificate issuer: /CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Certificate serial: 018CC2DB00F852F181C20F246B700602454B
Authority key identifier: 1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/9H1hIqsDg5aRUt6PmFAY6d8JyM8.roa
Signing time: Mon 01 Jan 2024 02:29:41 +0000
ROA not before: Mon 01 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39781
IP address blocks: 185.106.216.0/22 maxlen: 24
193.227.107.0/24 maxlen: 24
79.98.56.0/21 maxlen: 24
2a02:1758::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:00:f8:52:f1:81:c2:0f:24:6b:70:06:02:45:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cdab70524fd51313b84f5d8f46362a3d8c80814
Validity
Not Before: Jan 1 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f47d6122ab0383969152de8f985018e9df09c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:27:95:cd:e0:fd:12:01:ed:16:fe:e6:be:
ed:9c:46:a2:58:eb:4c:4e:26:8e:25:75:ed:6d:91:
a8:76:94:9b:f4:39:6b:d9:a9:3d:ce:e7:39:85:94:
7f:f6:60:6e:05:a4:cf:6a:eb:8a:ca:bf:04:04:a9:
f4:18:2e:dd:9f:7c:ca:ef:37:9e:c5:ac:26:ac:e8:
3f:d6:b8:2a:8c:ae:02:7a:38:07:4a:9f:c9:a9:a4:
f8:8e:eb:3d:ec:8e:ea:a7:ee:46:f0:ab:bd:64:eb:
2a:f1:44:6f:12:3d:a5:90:08:4b:73:f7:90:0b:f0:
76:98:4c:a9:a7:f1:6b:c9:d3:eb:be:46:fd:c5:67:
a3:b2:e0:e9:d6:cd:e1:df:f9:28:1c:0a:cb:a2:5e:
b6:09:79:bb:8f:4a:66:47:3d:b6:66:63:4a:70:ca:
bd:8e:9b:b9:40:f0:1b:4a:9a:e6:ca:09:25:7e:6a:
de:f3:01:ef:34:87:be:2a:22:fb:99:03:17:07:cf:
12:c0:9f:45:72:38:e4:02:2c:7a:3d:40:15:77:4b:
18:08:ef:ca:43:eb:6b:66:20:cc:96:82:ac:47:51:
c7:98:cf:09:2c:a0:5e:f8:6b:7b:46:c7:2d:ef:b1:
85:f5:25:4b:aa:b7:1a:e6:6f:e5:42:89:88:fe:34:
bb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7D:61:22:AB:03:83:96:91:52:DE:8F:98:50:18:E9:DF:09:C8:CF
X509v3 Authority Key Identifier:
keyid:1C:DA:B7:05:24:FD:51:31:3B:84:F5:D8:F4:63:62:A3:D8:C8:08:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNq3BST9UTE7hPXY9GNio9jICBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/9H1hIqsDg5aRUt6PmFAY6d8JyM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/19017a-4fcc-4fad-a572-99f693e45061/1/HNq3BST9UTE7hPXY9GNio9jICBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.56.0/21
185.106.216.0/22
193.227.107.0/24
IPv6:
2a02:1758::/29
Signature Algorithm: sha256WithRSAEncryption
89:84:93:91:fe:2a:e8:59:60:cd:ce:48:20:42:de:26:59:38:
6b:d0:59:0d:0e:cf:96:4f:d2:88:a0:d8:cd:62:83:5c:82:c9:
a6:9c:80:79:8f:c8:ab:9c:09:d5:72:cc:f9:b8:b8:c2:b4:24:
e4:3a:fd:6a:41:fa:91:b0:47:ae:62:38:64:20:bd:a5:7a:3e:
5d:f2:6d:63:5b:ea:d1:f9:f5:ee:64:6d:c2:2c:94:a9:25:0a:
02:42:eb:9c:8f:78:65:16:b3:34:68:fb:e2:34:00:b8:b1:fc:
33:be:7e:54:7d:79:c8:57:9a:79:a9:b5:15:3b:81:fa:21:f8:
3a:2f:a9:b7:ea:26:1d:a5:d0:b0:91:7b:c8:70:76:23:3d:9c:
c9:fd:3d:26:c2:13:ae:40:54:b3:fa:95:b3:a9:77:77:e0:3a:
a6:ae:2d:bf:97:de:40:8f:0d:c7:ad:a9:b2:e5:28:01:a6:8d:
7c:b4:59:af:fc:ab:e1:c0:08:ce:4a:33:19:2f:e8:08:a5:95:
47:3d:53:0a:e8:ee:cf:65:fb:8e:f5:0a:2b:1d:82:44:c0:f4:
ff:ed:93:6d:6a:d7:53:bf:af:cf:40:e6:dd:37:e7:05:ec:aa:
83:fa:a0:d2:a0:2c:5b:fe:c7:26:e5:e1:f9:f2:aa:2b:01:41:
03:fd:b0:92
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2wD4UvGBwg8ka3AGAkVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZGFiNzA1MjRmZDUxMzEzYjg0ZjVkOGY0NjM2MmEzZDhj
ODA4MTQwHhcNMjQwMTAxMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDdkNjEyMmFiMDM4Mzk2OTE1MmRlOGY5ODUwMThlOWRmMDljOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ0nlc3g/RIB7Rb+5r7tnEaiWOtM
TiaOJXXtbZGodpSb9Dlr2ak9zuc5hZR/9mBuBaTPauuKyr8EBKn0GC7dn3zK7zee
xawmrOg/1rgqjK4CejgHSp/JqaT4jus97I7qp+5G8Ku9ZOsq8URvEj2lkAhLc/eQ
C/B2mEypp/FrydPrvkb9xWejsuDp1s3h3/koHArLol62CXm7j0pmRz22ZmNKcMq9
jpu5QPAbSprmygklfmre8wHvNIe+KiL7mQMXB88SwJ9FcjjkAix6PUAVd0sYCO/K
Q+trZiDMloKsR1HHmM8JLKBe+Gt7Rsct77GF9SVLqrca5m/lQomI/jS7UQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPR9YSKrA4OWkVLej5hQGOnfCcjPMB8GA1UdIwQY
MBaAFBzatwUk/VExO4T12PRjYqPYyAgUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzIt
OTlmNjkzZTQ1MDYxLzEvOUgxaElxc0RnNWFSVXQ2UG1GQVk2ZDhKeU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8xOTAxN2EtNGZjYy00ZmFkLWE1NzItOTlmNjkzZTQ1MDYx
LzEvSE5xM0JTVDlVVEU3aFBYWTlHTmlvOWpJQ0JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT2I4AwQC
uWrYAwQAweNrMA0EAgACMAcDBQMqAhdYMA0GCSqGSIb3DQEBCwUAA4IBAQCJhJOR
/iroWWDNzkggQt4mWThr0FkNDs+WT9KIoNjNYoNcgsmmnIB5j8irnAnVcsz5uLjC
tCTkOv1qQfqRsEeuYjhkIL2lej5d8m1jW+rR+fXuZG3CLJSpJQoCQuucj3hlFrM0
aPviNAC4sfwzvn5UfXnIV5p5qbUVO4H6Ifg6L6m36iYdpdCwkXvIcHYjPZzJ/T0m
whOuQFSz+pWzqXd34Dqmri2/l95Ajw3Hramy5SgBpo18tFmv/KvhwAjOSjMZL+gI
pZVHPVMK6O7PZfuO9QorHYJEwPT/7ZNtatdTv6/PQObdN+cF7KqD+qDSoCxb/scm
5eH58qorAUED/bCS
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:02 2024 by rpki-client on console-ams.rpki-client.org