Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/K9FjluNOdxDSyLLuE1qxEh-hut4.roa
File: K9FjluNOdxDSyLLuE1qxEh-hut4.roa (raw, json)
Hash identifier: ngySlJevCzZPqm+OMO2yAeRcDNNXjX04a+P91zeP08M=
Subject key identifier: 2B:D1:63:96:E3:4E:77:10:D2:C8:B2:EE:13:5A:B1:12:1F:A1:BA:DE
Certificate issuer: /CN=9478ed3ead627fce16c5180250c466217318d65c
Certificate serial: 018CC8DF516A38C2A3815A23C9FBFDAE3E19
Authority key identifier: 94:78:ED:3E:AD:62:7F:CE:16:C5:18:02:50:C4:66:21:73:18:D6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHjtPq1if84WxRgCUMRmIXMY1lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/K9FjluNOdxDSyLLuE1qxEh-hut4.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25148
IP address blocks: 89.250.112.0/20 maxlen: 20
79.171.80.0/21 maxlen: 21
195.28.172.0/23 maxlen: 23
109.68.88.0/21 maxlen: 21
46.31.184.0/22 maxlen: 22
194.24.252.0/23 maxlen: 23
81.93.160.0/20 maxlen: 20
46.31.188.0/22 maxlen: 22
195.225.0.0/19 maxlen: 19
2a01:600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/lHjtPq1if84WxRgCUMRmIXMY1lw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/lHjtPq1if84WxRgCUMRmIXMY1lw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHjtPq1if84WxRgCUMRmIXMY1lw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:51:6a:38:c2:a3:81:5a:23:c9:fb:fd:ae:3e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9478ed3ead627fce16c5180250c466217318d65c
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bd16396e34e7710d2c8b2ee135ab1121fa1bade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b5:86:34:10:c2:57:b9:d7:56:5f:7e:54:c5:
e1:b2:40:21:21:0d:e4:08:d6:dd:cd:f9:6e:b4:35:
c8:6b:31:e6:89:21:86:2e:0b:b6:f8:f7:77:e2:01:
87:c6:2e:d9:ff:df:76:ca:f4:67:bc:01:71:e9:f2:
af:17:07:8c:fa:f6:0b:76:da:80:df:fb:a3:bf:9d:
74:c2:23:2a:57:26:0f:fe:7e:f9:3a:9b:39:64:dd:
30:62:b7:33:e2:ac:a9:b1:c6:b2:f1:fa:79:36:ca:
84:c2:94:3c:e5:2b:4a:f1:98:75:19:de:cb:7d:e2:
bd:1c:36:6d:35:e9:a3:51:09:c7:50:37:bf:cd:65:
37:c0:62:32:3d:13:65:9f:1f:fd:26:16:2f:de:93:
0d:c9:27:89:dc:2b:b7:70:1d:13:0b:2d:ee:39:46:
58:b0:58:c4:04:26:61:34:ec:0c:99:a0:5b:69:3f:
1e:3e:54:01:1d:41:b6:fa:a6:fe:45:18:33:cc:93:
52:80:0f:8b:b4:21:a5:2d:a8:a7:a8:28:0e:76:50:
6d:7f:86:88:ac:32:bf:ff:8d:2a:52:7a:cc:d1:90:
d5:b1:4a:c1:1e:17:31:a7:4a:65:51:1d:ee:64:44:
94:5c:d9:d1:c3:02:ce:9e:6f:17:dc:6a:69:61:58:
0c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D1:63:96:E3:4E:77:10:D2:C8:B2:EE:13:5A:B1:12:1F:A1:BA:DE
X509v3 Authority Key Identifier:
keyid:94:78:ED:3E:AD:62:7F:CE:16:C5:18:02:50:C4:66:21:73:18:D6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHjtPq1if84WxRgCUMRmIXMY1lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/K9FjluNOdxDSyLLuE1qxEh-hut4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/e4be23-b536-4e30-9a5b-5d5d02bb7199/1/lHjtPq1if84WxRgCUMRmIXMY1lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.184.0/21
79.171.80.0/21
81.93.160.0/20
89.250.112.0/20
109.68.88.0/21
194.24.252.0/23
195.28.172.0/23
195.225.0.0/19
IPv6:
2a01:600::/32
Signature Algorithm: sha256WithRSAEncryption
5b:99:d7:c8:0a:14:86:dd:26:b3:e3:0d:ec:d9:fd:f1:37:1e:
c2:81:2f:54:40:02:66:b9:af:92:bc:d6:a5:b8:02:16:47:80:
4d:99:44:fd:b3:23:6e:71:9e:46:fc:7c:41:c8:52:e4:f3:be:
e7:db:ec:96:f7:5a:31:d0:c7:a5:0a:e0:5b:59:60:c0:83:1f:
15:e3:12:a7:26:23:13:1f:33:f8:14:43:c0:c7:b0:63:30:ed:
a6:d2:aa:1d:06:82:00:0f:63:2c:56:30:24:89:9c:b7:2e:e3:
59:c7:57:92:c1:48:57:b1:b9:a5:79:45:eb:ba:a5:2e:ce:fc:
7e:06:ca:c0:53:7d:23:2e:21:44:c5:7a:55:1a:60:43:ec:0f:
83:8f:10:a9:d5:41:73:a0:fd:52:16:1a:d5:6e:ee:c5:40:1f:
c7:85:af:8a:a6:54:38:d1:f6:9b:71:46:4f:0b:56:7d:da:d8:
b2:b7:b0:25:af:c0:96:40:1e:81:f0:4b:dc:30:49:5f:ff:bf:
f2:b1:89:59:75:67:af:c5:8f:77:c2:5d:81:4f:e4:14:69:c0:
32:fd:5c:39:8e:a4:48:f3:0d:e2:ca:29:34:aa:d4:fd:54:62:
fa:64:20:01:e0:4a:56:46:4f:31:13:26:b7:88:9a:d1:c9:ba:
42:29:8c:57
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzI31FqOMKjgVojyfv9rj4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzhlZDNlYWQ2MjdmY2UxNmM1MTgwMjUwYzQ2NjIxNzMx
OGQ2NWMwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQxNjM5NmUzNGU3NzEwZDJjOGIyZWUxMzVhYjExMjFmYTFiYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LWGNBDCV7nXVl9+VMXhskAhIQ3k
CNbdzflutDXIazHmiSGGLgu2+Pd34gGHxi7Z/992yvRnvAFx6fKvFweM+vYLdtqA
3/ujv510wiMqVyYP/n75Ops5ZN0wYrcz4qypscay8fp5NsqEwpQ85StK8Zh1Gd7L
feK9HDZtNemjUQnHUDe/zWU3wGIyPRNlnx/9JhYv3pMNySeJ3Cu3cB0TCy3uOUZY
sFjEBCZhNOwMmaBbaT8ePlQBHUG2+qb+RRgzzJNSgA+LtCGlLainqCgOdlBtf4aI
rDK//40qUnrM0ZDVsUrBHhcxp0plUR3uZESUXNnRwwLOnm8X3GppYVgMhwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCvRY5bjTncQ0siy7hNasRIfobreMB8GA1UdIwQY
MBaAFJR47T6tYn/OFsUYAlDEZiFzGNZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhqdFBxMWlmODRXeFJnQ1VNUm1JWE1ZMWx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lNGJlMjMtYjUzNi00ZTMwLTlhNWIt
NWQ1ZDAyYmI3MTk5LzEvSzlGamx1Tk9keERTeUxMdUUxcXhFaC1odXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lNGJlMjMtYjUzNi00ZTMwLTlhNWItNWQ1ZDAyYmI3MTk5
LzEvbEhqdFBxMWlmODRXeFJnQ1VNUm1JWE1ZMWx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDLh+4AwQD
T6tQAwQEUV2gAwQEWfpwAwQDbURYAwQBwhj8AwQBwxysAwQFw+EAMA0EAgACMAcD
BQAqAQYAMA0GCSqGSIb3DQEBCwUAA4IBAQBbmdfIChSG3Saz4w3s2f3xNx7CgS9U
QAJmua+SvNaluAIWR4BNmUT9syNucZ5G/HxByFLk877n2+yW91ox0MelCuBbWWDA
gx8V4xKnJiMTHzP4FEPAx7BjMO2m0qodBoIAD2MsVjAkiZy3LuNZx1eSwUhXsbml
eUXruqUuzvx+BsrAU30jLiFExXpVGmBD7A+DjxCp1UFzoP1SFhrVbu7FQB/Hha+K
plQ40fabcUZPC1Z92tiyt7Alr8CWQB6B8EvcMElf/7/ysYlZdWevxY93wl2BT+QU
acAy/Vw5jqRI8w3iyik0qtT9VGL6ZCAB4EpWRk8xEya3iJrRybpCKYxX
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:48:18 2024 by rpki-client on console-ams.rpki-client.org