Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/hvggmeB3jlPi8XA_L3ihMUOthwA.roa
File: hvggmeB3jlPi8XA_L3ihMUOthwA.roa (raw, json)
Hash identifier: 3jzN+xj2HAAs4SZXjTecZgYrjns9Q+K4FZHAm2m+mSM=
Subject key identifier: 86:F8:20:99:E0:77:8E:53:E2:F1:70:3F:2F:78:A1:31:43:AD:87:00
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 01919B4FC8E6FD27ABB6395AC1598B811ABB
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/hvggmeB3jlPi8XA_L3ihMUOthwA.roa
Signing time: Wed 28 Aug 2024 23:26:22 +0000
ROA not before: Wed 28 Aug 2024 23:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51859
IP address blocks: 87.237.200.0/21 maxlen: 24
87.237.201.0/24 maxlen: 24
87.237.202.0/23 maxlen: 24
87.237.203.0/24 maxlen: 24
87.237.204.0/22 maxlen: 24
87.237.204.0/24 maxlen: 24
91.214.200.0/22 maxlen: 24
91.222.4.0/22 maxlen: 24
92.249.52.0/22 maxlen: 24
92.249.52.0/24 maxlen: 24
185.29.100.0/22 maxlen: 24
188.93.120.0/22 maxlen: 24
2a04:2e40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9b:4f:c8:e6:fd:27:ab:b6:39:5a:c1:59:8b:81:1a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Aug 28 23:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86f82099e0778e53e2f1703f2f78a13143ad8700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:23:94:fb:03:e5:33:e7:b0:23:4e:c5:9f:
93:65:d9:a0:3f:5a:08:aa:e8:fc:61:61:f4:9d:db:
07:91:8b:8b:06:e6:1d:aa:f5:64:ed:ac:89:bd:a7:
9c:f0:54:82:13:7f:67:26:98:6d:d1:52:8c:f8:8a:
1c:4e:e7:9e:c4:62:45:6b:ed:5e:1c:38:c0:c0:8c:
5e:d4:49:67:b9:55:d5:2c:a8:5c:8d:39:6b:a9:47:
1f:6c:9b:51:d3:6d:b7:b0:2a:ff:46:25:07:45:fc:
d0:fc:6c:68:30:7c:90:cb:39:ea:be:94:50:ba:d7:
2f:c8:05:d3:a2:1a:0c:92:f7:bc:3e:20:74:3d:50:
e2:a9:37:0e:2f:91:ff:10:ed:96:86:23:41:ce:d3:
d6:24:5b:2b:e2:f1:2b:d1:f0:45:01:1e:df:a6:69:
9b:18:c3:dd:9c:cd:a8:2d:10:b6:ca:08:09:f9:34:
1c:9c:49:b8:ea:11:5d:ba:3a:2b:f9:1d:1c:02:b5:
4a:97:9c:7f:3d:65:e2:bf:69:4e:c2:0b:25:fe:0d:
bc:a1:29:76:47:37:fb:ed:91:c0:66:ce:bb:67:28:
e1:f8:5d:62:fa:61:f6:61:28:bb:a3:0a:35:79:af:
03:a7:0c:dd:1f:52:18:be:d1:93:3f:b7:4f:fe:87:
43:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F8:20:99:E0:77:8E:53:E2:F1:70:3F:2F:78:A1:31:43:AD:87:00
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/hvggmeB3jlPi8XA_L3ihMUOthwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/21
91.214.200.0/22
91.222.4.0/22
92.249.52.0/22
185.29.100.0/22
188.93.120.0/22
IPv6:
2a04:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:d9:8f:44:46:0c:e3:e5:c9:b1:cd:85:29:18:72:db:8b:92:
c0:8e:b6:58:df:b7:4a:81:f4:2b:dd:38:de:b8:40:7a:4b:97:
bb:89:78:6b:3b:4c:6b:0f:f9:7d:f6:b9:e2:eb:b0:89:6a:d7:
89:d3:02:73:0a:10:68:ec:ab:bf:d5:08:61:c9:73:b9:54:ad:
b5:4a:e3:56:a1:22:d0:83:25:08:ac:9a:5d:3d:76:94:f9:fe:
73:66:94:7f:e2:27:59:38:50:2d:26:c9:f5:89:5d:bc:98:7e:
c1:7f:07:27:5a:0b:21:4d:5f:fa:7f:71:a8:4b:7e:11:0a:6a:
b0:9f:d7:99:e0:be:aa:ef:a1:e9:8c:11:85:06:1a:6f:88:39:
75:61:f2:d1:13:f3:16:53:75:ac:49:4b:40:1d:e1:b9:ab:da:
b2:94:37:30:38:00:68:13:c5:f6:e9:3e:c8:eb:aa:d7:32:cc:
18:2d:1d:ac:cb:82:7b:84:2c:96:e3:da:b3:99:f8:88:ee:8d:
54:e7:81:d1:0b:28:c5:4c:fd:10:7c:24:45:8b:3d:bb:5c:63:
1a:a6:81:8f:a2:78:64:12:d5:e8:37:33:87:38:3b:f7:3c:17:
13:0a:a5:e8:96:a4:f7:6f:13:ae:d6:aa:fc:92:36:56:d5:77:
0d:3a:9d:0b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZGbT8jm/SertjlawVmLgRq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjQwODI4MjMyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY4MjA5OWUwNzc4ZTUzZTJmMTcwM2YyZjc4YTEzMTQzYWQ4NzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUgjlPsD5TPnsCNOxZ+TZdmgP1oI
quj8YWH0ndsHkYuLBuYdqvVk7ayJvaec8FSCE39nJpht0VKM+IocTueexGJFa+1e
HDjAwIxe1ElnuVXVLKhcjTlrqUcfbJtR0223sCr/RiUHRfzQ/GxoMHyQyznqvpRQ
utcvyAXTohoMkve8PiB0PVDiqTcOL5H/EO2WhiNBztPWJFsr4vEr0fBFAR7fpmmb
GMPdnM2oLRC2yggJ+TQcnEm46hFdujor+R0cArVKl5x/PWXiv2lOwgsl/g28oSl2
Rzf77ZHAZs67Zyjh+F1i+mH2YSi7owo1ea8DpwzdH1IYvtGTP7dP/odD2wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIb4IJngd45T4vFwPy94oTFDrYcAMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEvaHZnZ21lQjNqbFBpOFhBX0wzaWhNVU90aHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV+3IAwQC
W9bIAwQCW94EAwQCXPk0AwQCuR1kAwQCvF14MA0EAgACMAcDBQMqBC5AMA0GCSqG
SIb3DQEBCwUAA4IBAQB62Y9ERgzj5cmxzYUpGHLbi5LAjrZY37dKgfQr3TjeuEB6
S5e7iXhrO0xrD/l99rni67CJateJ0wJzChBo7Ku/1QhhyXO5VK21SuNWoSLQgyUI
rJpdPXaU+f5zZpR/4idZOFAtJsn1iV28mH7BfwcnWgshTV/6f3GoS34RCmqwn9eZ
4L6q76HpjBGFBhpviDl1YfLRE/MWU3WsSUtAHeG5q9qylDcwOABoE8X26T7I66rX
MswYLR2sy4J7hCyW49qzmfiI7o1U54HRCyjFTP0QfCRFiz27XGMapoGPonhkEtXo
NzOHODv3PBcTCqXolqT3bxOu1qr8kjZW1XcNOp0L
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:14:10 2024 by rpki-client on console-ams.rpki-client.org