Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hDBWlLpcQ288clc6ex39x2G5VyY.roa
File: hDBWlLpcQ288clc6ex39x2G5VyY.roa (raw, json)
Hash identifier: giQxPsAyMgW6o5DOgHKwqgImMsQbBbxd6Q58aa20y0c=
Subject key identifier: 84:30:56:94:BA:5C:43:6F:3C:72:57:3A:7B:1D:FD:C7:61:B9:57:26
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 018CC501066AD374E8CB287F817757B29654
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hDBWlLpcQ288clc6ex39x2G5VyY.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24611
IP address blocks: 89.41.248.0/21 maxlen: 24
89.37.200.0/21 maxlen: 24
80.92.64.0/19 maxlen: 24
94.177.88.0/21 maxlen: 24
31.216.144.0/21 maxlen: 24
2001:b20::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:06:6a:d3:74:e8:cb:28:7f:81:77:57:b2:96:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84305694ba5c436f3c72573a7b1dfdc761b95726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:17:b8:36:da:17:0f:35:db:34:a9:3d:0d:
53:d7:ec:bc:02:e1:b9:f0:65:3b:0d:0a:fc:71:6a:
f9:44:3e:08:8f:fc:fb:75:81:fd:0c:89:e7:c6:e8:
8d:d0:03:e2:12:84:a0:5c:ec:65:d6:a1:5e:3a:f5:
3b:17:05:48:0c:76:99:c4:92:ce:d9:5d:5a:82:f3:
a0:1b:6c:44:0d:e9:cd:28:98:cb:86:c3:2a:97:86:
ba:4b:38:a6:6c:63:bb:bc:00:90:86:19:de:2c:25:
22:f0:bc:67:0a:d0:92:af:97:1d:35:4f:28:bb:23:
ba:8f:8a:57:9d:5b:11:58:e0:b4:e5:a1:d3:b5:25:
29:08:e5:99:49:ab:80:ad:a1:dc:c4:31:0d:97:17:
4d:11:36:ad:66:d5:f7:1c:9e:8f:31:ab:e9:c8:38:
3d:1c:94:b2:86:3b:79:d2:24:23:ef:28:0b:00:12:
f7:70:64:1b:da:d0:7b:da:b0:aa:29:5a:99:a6:ef:
a8:99:a3:af:77:5b:db:3e:50:67:b1:29:8c:fe:57:
d6:c5:cd:fd:65:11:e0:30:7e:6b:c6:af:0b:f0:09:
80:5e:bc:32:15:28:54:97:eb:56:43:14:bf:c4:10:
59:b0:fe:43:24:f0:42:dd:7e:05:29:14:d6:37:5b:
a1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:30:56:94:BA:5C:43:6F:3C:72:57:3A:7B:1D:FD:C7:61:B9:57:26
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/hDBWlLpcQ288clc6ex39x2G5VyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
80.92.64.0/19
89.37.200.0/21
89.41.248.0/21
94.177.88.0/21
IPv6:
2001:b20::/29
Signature Algorithm: sha256WithRSAEncryption
80:9e:f3:4a:a3:7d:b6:0c:0e:b3:51:7c:e3:89:0e:71:3f:ac:
b8:70:67:ff:3c:ab:d4:e6:ad:c5:69:05:40:f0:66:ea:9f:54:
19:4c:1b:aa:87:17:7d:5e:e9:d7:af:63:02:47:0a:87:22:62:
13:e6:8f:a7:50:0f:3f:e1:a8:1f:0a:67:a0:69:94:7f:a1:ed:
eb:57:13:3b:53:4a:73:92:d5:c6:e6:3f:c0:17:20:ca:24:40:
de:f8:6e:b8:c5:e7:20:08:af:05:ed:39:fa:68:21:29:db:2d:
14:ae:93:1d:7d:1e:b1:e1:bb:0c:ae:c1:fc:ac:ca:f6:f0:6d:
37:f5:c7:16:d4:84:32:81:bb:6e:93:cd:c5:ad:c1:3d:b0:29:
d8:a5:10:03:7a:48:df:e8:30:36:18:5c:b6:c2:22:d5:29:c7:
90:0b:70:db:3e:b1:91:c5:4c:83:47:26:61:1e:cc:ee:ae:de:
4b:9a:aa:3e:ba:b0:99:a1:e9:b5:fa:3f:bf:62:6b:40:6b:f5:
b6:01:3b:46:37:72:10:3a:26:f4:d6:a7:20:2b:7e:99:45:28:
6d:64:ef:1b:79:a6:87:d0:50:30:dd:e4:8c:a1:24:01:da:77:
a0:b7:96:db:5b:15:66:0d:53:8c:ae:0d:93:dc:e8:c2:4e:b3:
12:84:7a:b8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzFAQZq03Toyyh/gXdXspZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDEwZGEzNTc2MjQyMzI0Y2VmYjJjODFjMTMzOWE2YzBl
M2I0MDMwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDMwNTY5NGJhNWM0MzZmM2M3MjU3M2E3YjFkZmRjNzYxYjk1NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFYXuDbaFw812zSpPQ1T1+y8AuG5
8GU7DQr8cWr5RD4Ij/z7dYH9DInnxuiN0APiEoSgXOxl1qFeOvU7FwVIDHaZxJLO
2V1agvOgG2xEDenNKJjLhsMql4a6SzimbGO7vACQhhneLCUi8LxnCtCSr5cdNU8o
uyO6j4pXnVsRWOC05aHTtSUpCOWZSauAraHcxDENlxdNETatZtX3HJ6PMavpyDg9
HJSyhjt50iQj7ygLABL3cGQb2tB72rCqKVqZpu+omaOvd1vbPlBnsSmM/lfWxc39
ZRHgMH5rxq8L8AmAXrwyFShUl+tWQxS/xBBZsP5DJPBC3X4FKRTWN1uhzQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIQwVpS6XENvPHJXOnsd/cdhuVcmMB8GA1UdIwQY
MBaAFNEBDaNXYkIyTO+yyBwTOabA47QDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAt
YTcwNDEyZmJjODMyLzEvaERCV2xMcGNRMjg4Y2xjNmV4Mzl4Mkc1VnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAtYTcwNDEyZmJjODMy
LzEvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDH9iQAwQF
UFxAAwQDWSXIAwQDWSn4AwQDXrFYMA0EAgACMAcDBQMgAQsgMA0GCSqGSIb3DQEB
CwUAA4IBAQCAnvNKo322DA6zUXzjiQ5xP6y4cGf/PKvU5q3FaQVA8Gbqn1QZTBuq
hxd9XunXr2MCRwqHImIT5o+nUA8/4agfCmegaZR/oe3rVxM7U0pzktXG5j/AFyDK
JEDe+G64xecgCK8F7Tn6aCEp2y0UrpMdfR6x4bsMrsH8rMr28G039ccW1IQygbtu
k83FrcE9sCnYpRADekjf6DA2GFy2wiLVKceQC3DbPrGRxUyDRyZhHszurt5Lmqo+
urCZoem1+j+/YmtAa/W2ATtGN3IQOib01qcgK36ZRShtZO8beaaH0FAw3eSMoSQB
2negt5bbWxVmDVOMrg2T3OjCTrMShHq4
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:56 2024 by rpki-client on console-fra.rpki-client.org