Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/HjAjT39aXpYLw1z7v6rIupa-Ygk.roa
File: HjAjT39aXpYLw1z7v6rIupa-Ygk.roa (raw, json)
Hash identifier: XkaQZ5RK/xIryCN1D25OfDv6bzkrGzvh/7ttQ2ao2Mw=
Subject key identifier: 1E:30:23:4F:7F:5A:5E:96:0B:C3:5C:FB:BF:AA:C8:BA:96:BE:62:09
Certificate issuer: /CN=3fe484f7d0fff420f6b7713a93cdcb0c51007267
Certificate serial: 018D8302B4114B7EBC1D5D9FE3E0DECA1D18
Authority key identifier: 3F:E4:84:F7:D0:FF:F4:20:F6:B7:71:3A:93:CD:CB:0C:51:00:72:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-SE99D_9CD2t3E6k83LDFEAcmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/HjAjT39aXpYLw1z7v6rIupa-Ygk.roa
Signing time: Wed 07 Feb 2024 10:00:08 +0000
ROA not before: Wed 07 Feb 2024 10:00:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12479
IP address blocks: 62.151.0.0/17 maxlen: 24
62.151.128.0/19 maxlen: 24
62.151.168.0/21 maxlen: 24
62.151.184.0/21 maxlen: 24
62.151.192.0/18 maxlen: 24
84.76.0.0/14 maxlen: 24
89.128.0.0/14 maxlen: 24
92.56.0.0/14 maxlen: 24
185.124.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/P-SE99D_9CD2t3E6k83LDFEAcmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/P-SE99D_9CD2t3E6k83LDFEAcmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-SE99D_9CD2t3E6k83LDFEAcmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:02:b4:11:4b:7e:bc:1d:5d:9f:e3:e0:de:ca:1d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fe484f7d0fff420f6b7713a93cdcb0c51007267
Validity
Not Before: Feb 7 10:00:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e30234f7f5a5e960bc35cfbbfaac8ba96be6209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:06:17:3e:1c:24:23:f4:b3:7c:f9:fd:28:
5a:27:b3:a1:ba:af:d2:e4:a0:48:a6:40:35:2e:75:
d5:85:18:3a:92:b8:ff:bd:c7:2d:81:e7:7d:26:33:
a0:e5:4c:f6:0a:79:7e:d6:68:b2:a2:39:a7:b7:e4:
ca:d5:80:a5:f6:58:c0:68:68:8b:5c:5b:7c:98:c9:
b4:49:6d:b6:6e:db:9b:63:ea:df:c1:b4:b7:e2:1b:
13:b3:bd:f3:1f:4d:08:ad:a8:2e:e0:36:34:4f:c5:
f0:c8:4a:ac:b4:fe:07:0a:d2:ef:03:30:61:e5:45:
d3:48:f1:da:4f:e9:69:3a:fe:7c:43:bd:ed:08:26:
7c:c7:bc:48:af:ca:df:19:a4:b6:b8:c4:f5:aa:b3:
8b:70:fe:1f:11:64:4b:f7:e6:94:2f:b8:3b:4d:b3:
4d:a6:c5:74:ae:d7:8d:00:75:d1:58:a2:6c:29:e2:
f9:bb:90:d1:c1:9e:9f:5b:02:7a:aa:63:1c:9c:e2:
33:f0:8a:27:36:8b:fb:ea:7d:3d:a4:4d:e8:c4:0a:
f6:7a:b9:86:5a:66:77:0e:52:77:81:d2:1b:ce:a5:
01:09:20:81:b5:61:ba:9e:88:57:a1:fc:d2:8e:ef:
5e:bf:e5:2e:73:fb:02:bb:71:3d:a4:3a:e7:6c:19:
ea:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:30:23:4F:7F:5A:5E:96:0B:C3:5C:FB:BF:AA:C8:BA:96:BE:62:09
X509v3 Authority Key Identifier:
keyid:3F:E4:84:F7:D0:FF:F4:20:F6:B7:71:3A:93:CD:CB:0C:51:00:72:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-SE99D_9CD2t3E6k83LDFEAcmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/HjAjT39aXpYLw1z7v6rIupa-Ygk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/1b710b-d2f1-4e15-aa3c-93260693add5/1/P-SE99D_9CD2t3E6k83LDFEAcmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.0.0-62.151.159.255
62.151.168.0/21
62.151.184.0-62.151.255.255
84.76.0.0/14
89.128.0.0/14
92.56.0.0/14
185.124.24.0/22
Signature Algorithm: sha256WithRSAEncryption
04:4f:ea:0a:29:a8:08:58:35:c5:2e:38:c0:a4:f9:c8:b6:0d:
61:6d:fd:45:1a:f0:a7:a1:ec:86:6c:70:79:be:ff:43:9f:cb:
3a:59:d7:eb:fc:e3:80:39:ba:a6:2a:2f:2f:5c:1d:a7:9e:0f:
dc:99:da:4a:d6:4e:8d:25:66:70:3d:d5:ab:6b:bf:11:49:13:
1e:14:88:76:26:d4:8e:89:af:36:3f:85:b6:1c:c7:32:28:65:
ed:22:05:46:b5:76:4c:99:9c:36:e9:5c:22:b8:cd:a3:c6:9a:
64:73:a5:8b:32:60:7d:8c:81:5b:97:c9:ad:cc:45:98:18:54:
90:a5:7d:c9:62:77:7c:ea:a7:66:c3:45:1c:96:1f:53:8c:45:
4d:e7:e0:30:ba:10:f7:1d:34:34:27:67:cd:48:dd:53:41:33:
db:c2:8a:94:c9:ba:43:97:ad:28:50:11:0d:43:79:f1:27:8c:
66:93:0d:50:7b:d4:df:4c:9c:45:36:6e:c2:53:39:b5:a6:c9:
55:31:f7:82:a2:de:ef:5e:7e:2b:ad:f7:95:e2:a5:3c:7b:91:
f0:0c:c5:f0:2b:cc:b9:e6:db:32:b1:8c:c6:62:70:e6:65:17:
11:34:f6:c7:63:bb:d3:5c:0a:6d:a3:3c:9f:fb:97:dc:a9:5c:
62:aa:5a:2e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY2DArQRS368HV2f4+Deyh0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZTQ4NGY3ZDBmZmY0MjBmNmI3NzEzYTkzY2RjYjBjNTEw
MDcyNjcwHhcNMjQwMjA3MTAwMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTMwMjM0ZjdmNWE1ZTk2MGJjMzVjZmJiZmFhYzhiYTk2YmU2MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOwGFz4cJCP0s3z5/ShaJ7Ohuq/S
5KBIpkA1LnXVhRg6krj/vcctged9JjOg5Uz2Cnl+1miyojmnt+TK1YCl9ljAaGiL
XFt8mMm0SW22btubY+rfwbS34hsTs73zH00Iragu4DY0T8XwyEqstP4HCtLvAzBh
5UXTSPHaT+lpOv58Q73tCCZ8x7xIr8rfGaS2uMT1qrOLcP4fEWRL9+aUL7g7TbNN
psV0rteNAHXRWKJsKeL5u5DRwZ6fWwJ6qmMcnOIz8IonNov76n09pE3oxAr2ermG
WmZ3DlJ3gdIbzqUBCSCBtWG6nohXofzSju9ev+Uuc/sCu3E9pDrnbBnqlwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFB4wI09/Wl6WC8Nc+7+qyLqWvmIJMB8GA1UdIwQY
MBaAFD/khPfQ//Qg9rdxOpPNywxRAHJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC1TRTk5RF85Q0QydDNFNms4M0xERkVBY21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xYjcxMGItZDJmMS00ZTE1LWFhM2Mt
OTMyNjA2OTNhZGQ1LzEvSGpBalQzOWFYcFlMdzF6N3Y2ckl1cGEtWWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xYjcxMGItZDJmMS00ZTE1LWFhM2MtOTMyNjA2OTNhZGQ1
LzEvUC1TRTk5RF85Q0QydDNFNms4M0xERkVBY21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1MAsDAwA+lwME
BT6XgAMEAz6XqDALAwQDPpe4AwMDPpADAwJUTAMDAlmAAwMCXDgDBAK5fBgwDQYJ
KoZIhvcNAQELBQADggEBAARP6gopqAhYNcUuOMCk+ci2DWFt/UUa8Keh7IZscHm+
/0OfyzpZ1+v844A5uqYqLy9cHaeeD9yZ2krWTo0lZnA91atrvxFJEx4UiHYm1I6J
rzY/hbYcxzIoZe0iBUa1dkyZnDbpXCK4zaPGmmRzpYsyYH2MgVuXya3MRZgYVJCl
fclid3zqp2bDRRyWH1OMRU3n4DC6EPcdNDQnZ81I3VNBM9vCipTJukOXrShQEQ1D
efEnjGaTDVB71N9MnEU2bsJTObWmyVUx94Ki3u9efiut95XipTx7kfAMxfArzLnm
2zKxjMZicOZlFxE09sdju9NcCm2jPJ/7l9ypXGKqWi4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:29:01 2024 by rpki-client on console-fra.rpki-client.org