Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hMxwPvrxDWVJW9MMGYP5522W2hI.roa
File: hMxwPvrxDWVJW9MMGYP5522W2hI.roa (raw, json)
Hash identifier: Cj4+ow9FHC+5rf0OhVN6iHT0JnsVsSAo29qcdoKk43I=
Subject key identifier: 84:CC:70:3E:FA:F1:0D:65:49:5B:D3:0C:19:83:F9:E7:6D:96:DA:12
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019199391D990301AD61773EDBB4511BECED
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hMxwPvrxDWVJW9MMGYP5522W2hI.roa
Signing time: Wed 28 Aug 2024 13:42:22 +0000
ROA not before: Wed 28 Aug 2024 13:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29456
IP address blocks: 82.151.96.0/19 maxlen: 19
82.151.110.0/24 maxlen: 24
95.71.104.0/21 maxlen: 21
109.62.128.0/17 maxlen: 24
109.62.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:39:1d:99:03:01:ad:61:77:3e:db:b4:51:1b:ec:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 28 13:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84cc703efaf10d65495bd30c1983f9e76d96da12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1c:33:47:5c:99:67:73:33:9a:73:ff:5f:0f:
9d:3b:6b:7e:f2:b3:e5:1b:f7:13:d0:a3:c0:25:c4:
08:f2:c1:d9:09:81:bb:16:2a:7e:f9:15:07:31:e7:
cd:ca:a1:75:95:c0:96:ca:98:61:d6:a5:4e:35:ff:
14:a6:13:c6:1a:d4:06:00:b3:3c:eb:31:0d:87:c2:
1b:3b:c6:68:e7:ff:ef:dc:b6:c1:38:af:29:13:0b:
57:82:56:c9:c8:90:90:ad:5f:2b:9a:46:4e:10:69:
95:b1:78:4b:a5:44:4d:38:e1:a8:a6:8b:6a:ee:8b:
5c:14:bd:2a:76:bc:33:74:a0:d4:20:80:e7:62:f8:
f2:97:18:17:66:95:e3:5f:3d:60:08:94:1d:46:bc:
92:31:91:2f:68:12:fa:1f:02:89:67:67:56:92:5e:
91:ab:f0:9d:24:1f:94:39:e3:28:61:fa:95:5c:a3:
3a:97:12:b7:f2:2a:f1:df:4d:68:0c:2c:2f:25:16:
7d:a9:e3:d1:aa:51:04:fc:12:cb:38:05:35:c2:86:
98:b2:e0:92:47:b4:cd:dc:b3:34:e3:19:94:31:d5:
4d:71:71:da:12:06:7e:94:3d:c0:6f:ae:64:62:2c:
7c:8d:32:3c:7f:22:e3:33:18:1a:56:c8:69:30:0c:
9c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:70:3E:FA:F1:0D:65:49:5B:D3:0C:19:83:F9:E7:6D:96:DA:12
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/hMxwPvrxDWVJW9MMGYP5522W2hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.151.96.0/19
95.71.104.0/21
109.62.128.0/17
Signature Algorithm: sha256WithRSAEncryption
21:ff:9b:73:e4:fc:2f:fe:ce:97:a6:68:ba:31:fa:6a:3f:2f:
3f:d8:31:fd:d6:59:de:1b:9c:34:de:d8:25:f7:f3:5a:10:05:
13:d1:71:09:82:4a:6c:bd:a1:eb:60:01:68:b6:2c:9a:f1:f8:
df:8e:16:56:b2:6a:14:90:f5:43:87:a0:64:74:56:be:83:5e:
0d:ce:18:7f:3b:88:ae:6c:bb:77:39:0a:aa:f3:de:7c:84:02:
6d:55:a8:2e:bd:47:70:f5:99:65:14:3f:0f:04:0e:d0:f9:2a:
d1:67:ca:95:16:91:71:03:23:58:b1:55:62:95:d7:aa:cd:89:
11:5c:ff:49:ab:1f:0d:05:97:be:0c:91:8f:18:50:a2:3d:3e:
f9:da:97:7e:6f:59:43:71:3c:bb:30:21:ad:ab:22:54:8d:c5:
79:52:1c:35:aa:10:dd:15:09:46:51:4c:ac:66:6c:0e:c1:ab:
bb:c7:8c:62:b1:cd:ff:3c:f7:d7:46:3f:ab:ed:aa:9f:f1:46:
ce:8b:82:45:04:af:3c:12:83:56:26:47:27:c5:69:28:96:2f:
62:32:c3:81:00:5e:c9:4f:3b:fc:2a:ae:25:51:f2:f0:82:e2:
c8:1a:8c:6e:39:0d:57:97:c5:68:5c:c2:5b:a6:41:24:06:8e:
1f:e4:5b:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGZOR2ZAwGtYXc+27RRG+ztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI4MTM0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNjNzAzZWZhZjEwZDY1NDk1YmQzMGMxOTgzZjllNzZkOTZkYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBwzR1yZZ3MzmnP/Xw+dO2t+8rPl
G/cT0KPAJcQI8sHZCYG7Fip++RUHMefNyqF1lcCWyphh1qVONf8UphPGGtQGALM8
6zENh8IbO8Zo5//v3LbBOK8pEwtXglbJyJCQrV8rmkZOEGmVsXhLpURNOOGopotq
7otcFL0qdrwzdKDUIIDnYvjylxgXZpXjXz1gCJQdRrySMZEvaBL6HwKJZ2dWkl6R
q/CdJB+UOeMoYfqVXKM6lxK38irx301oDCwvJRZ9qePRqlEE/BLLOAU1woaYsuCS
R7TN3LM04xmUMdVNcXHaEgZ+lD3Ab65kYix8jTI8fyLjMxgaVshpMAyc7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITMcD768Q1lSVvTDBmD+edtltoSMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvaE14d1B2cnhEV1ZKVzlNTUdZUDU1MjJXMmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFUpdgAwQD
X0doAwQHbT6AMA0GCSqGSIb3DQEBCwUAA4IBAQAh/5tz5Pwv/s6Xpmi6MfpqPy8/
2DH91lneG5w03tgl9/NaEAUT0XEJgkpsvaHrYAFotiya8fjfjhZWsmoUkPVDh6Bk
dFa+g14Nzhh/O4iubLt3OQqq8958hAJtVaguvUdw9ZllFD8PBA7Q+SrRZ8qVFpFx
AyNYsVVildeqzYkRXP9Jqx8NBZe+DJGPGFCiPT752pd+b1lDcTy7MCGtqyJUjcV5
Uhw1qhDdFQlGUUysZmwOwau7x4xisc3/PPfXRj+r7aqf8UbOi4JFBK88EoNWJkcn
xWkoli9iMsOBAF7JTzv8Kq4lUfLwguLIGoxuOQ1Xl8VoXMJbpkEkBo4f5Fvb
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org