Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/HSyYYMdqyyN9uFMf9VkXO3x5bAo.roa
File: HSyYYMdqyyN9uFMf9VkXO3x5bAo.roa (raw, json)
Hash identifier: KusgKNuxbae/Yfo+GfkXgGmFMlkMqAgHXl0lrMy1+gM=
Subject key identifier: 1D:2C:98:60:C7:6A:CB:23:7D:B8:53:1F:F5:59:17:3B:7C:79:6C:0A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019305605D1D61EF0C1F0D2D70292BAEBA9B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/HSyYYMdqyyN9uFMf9VkXO3x5bAo.roa
Signing time: Thu 07 Nov 2024 06:47:01 +0000
ROA not before: Thu 07 Nov 2024 06:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44467
IP address blocks: 83.239.44.0/22 maxlen: 22
83.239.44.0/24 maxlen: 24
83.239.45.0/24 maxlen: 24
83.239.46.0/23 maxlen: 23
83.239.46.0/24 maxlen: 24
85.173.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:60:5d:1d:61:ef:0c:1f:0d:2d:70:29:2b:ae:ba:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 7 06:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d2c9860c76acb237db8531ff559173b7c796c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:64:ae:7c:ca:13:03:cb:43:30:9e:84:b0:b0:
ca:4a:e8:e1:45:db:f5:e3:00:f5:34:51:95:d4:25:
6f:fc:69:6c:61:7b:0a:f5:7d:8f:bb:38:46:ac:ac:
ff:12:e4:ec:3c:7f:8b:81:f4:bf:1e:44:4b:8e:50:
fd:1b:79:db:3d:97:4c:38:11:65:1f:88:99:27:ad:
a0:ee:bc:51:fa:47:aa:6f:9f:fb:29:51:62:eb:81:
79:3d:f4:a0:69:de:31:7a:fe:43:c0:33:17:cb:29:
02:cd:6d:37:ba:ec:cf:bc:24:8f:29:ab:08:6c:80:
b4:48:e5:c3:27:5c:d1:db:b8:8f:a5:e4:f4:01:24:
a5:37:9f:b8:be:e8:6f:3c:e3:04:d7:c9:e8:43:26:
be:d9:3b:ae:1c:da:3d:e6:c3:a4:0b:19:b7:74:3a:
53:80:15:05:b5:ed:78:7f:5d:f7:f7:d4:b8:69:ed:
3d:4b:9d:e7:e2:6c:2d:7a:e3:cc:cf:49:ba:24:f2:
85:ab:ba:35:69:32:f7:03:08:ed:2c:bc:ca:33:43:
ef:4e:21:a1:92:32:a5:84:68:34:af:ff:88:06:59:
76:e5:d1:c3:ad:63:87:64:17:45:fe:c2:25:e7:6b:
39:cb:e7:6e:f2:4b:50:8f:f4:5c:10:32:26:71:57:
52:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2C:98:60:C7:6A:CB:23:7D:B8:53:1F:F5:59:17:3B:7C:79:6C:0A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/HSyYYMdqyyN9uFMf9VkXO3x5bAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.44.0/22
85.173.3.0/24
Signature Algorithm: sha256WithRSAEncryption
53:73:16:ab:5e:76:f8:ff:54:f0:43:f1:63:7a:c9:34:3e:c4:
99:f9:ff:60:3b:f1:54:67:69:d1:a6:3b:20:26:64:e9:91:38:
6c:b3:80:f0:c6:c5:34:4b:86:2b:04:c4:a0:23:fd:94:10:ea:
95:2f:33:30:63:8e:c9:bb:93:59:36:b6:96:52:b3:f2:97:d6:
e2:e0:28:e0:56:08:e9:27:fc:30:6b:f7:46:e3:86:38:e1:b7:
51:fd:78:73:90:7e:f9:5b:d4:8c:15:06:a0:02:64:a6:16:5c:
3a:02:dc:cf:a2:dd:46:bc:05:6d:4c:28:f6:8e:f9:5d:ca:25:
40:3b:4f:1c:01:ed:22:63:c7:f7:5f:10:cd:84:75:bf:5a:0b:
85:ca:a6:89:04:34:74:ce:12:de:9e:3b:48:60:44:2b:25:66:
27:4c:85:aa:9e:e7:2f:9c:a9:87:10:e1:88:e6:5e:ba:33:29:
2b:ce:b3:23:3c:5a:b1:3f:92:26:fc:ce:b1:8d:78:d7:df:4f:
1e:94:a8:7d:80:f7:a7:1e:b2:c7:05:f3:07:22:02:86:3b:61:
b2:d4:9a:86:49:35:18:10:52:00:f4:6d:da:07:bf:23:05:ce:
90:7f:0a:27:6f:df:54:93:7b:fb:02:d6:e7:ec:75:36:ec:6b:
e7:93:6d:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMFYF0dYe8MHw0tcCkrrrqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTA3MDY0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDJjOTg2MGM3NmFjYjIzN2RiODUzMWZmNTU5MTczYjdjNzk2YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmSufMoTA8tDMJ6EsLDKSujhRdv1
4wD1NFGV1CVv/GlsYXsK9X2PuzhGrKz/EuTsPH+LgfS/HkRLjlD9G3nbPZdMOBFl
H4iZJ62g7rxR+keqb5/7KVFi64F5PfSgad4xev5DwDMXyykCzW03uuzPvCSPKasI
bIC0SOXDJ1zR27iPpeT0ASSlN5+4vuhvPOME18noQya+2TuuHNo95sOkCxm3dDpT
gBUFte14f13399S4ae09S53n4mwteuPMz0m6JPKFq7o1aTL3AwjtLLzKM0PvTiGh
kjKlhGg0r/+IBll25dHDrWOHZBdF/sIl52s5y+du8ktQj/RcEDImcVdS+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0smGDHassjfbhTH/VZFzt8eWwKMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvSFN5WVlNZHF5eU45dUZNZjlWa1hPM3g1YkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU+8sAwQA
Va0DMA0GCSqGSIb3DQEBCwUAA4IBAQBTcxarXnb4/1TwQ/Fjesk0PsSZ+f9gO/FU
Z2nRpjsgJmTpkThss4DwxsU0S4YrBMSgI/2UEOqVLzMwY47Ju5NZNraWUrPyl9bi
4CjgVgjpJ/wwa/dG44Y44bdR/XhzkH75W9SMFQagAmSmFlw6AtzPot1GvAVtTCj2
jvldyiVAO08cAe0iY8f3XxDNhHW/WguFyqaJBDR0zhLenjtIYEQrJWYnTIWqnucv
nKmHEOGI5l66MykrzrMjPFqxP5Im/M6xjXjX308elKh9gPenHrLHBfMHIgKGO2Gy
1JqGSTUYEFIA9G3aB78jBc6Qfwonb99Uk3v7Atbn7HU27Gvnk234
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org