Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/HlITixtRJA5B8_rN76oqz12cZNY.roa
File: HlITixtRJA5B8_rN76oqz12cZNY.roa (raw, json)
Hash identifier: FYJbj0dEjph4PtdhNdd6lbDbwuY0kwH2cPLA1Y4Gb5c=
Subject key identifier: 1E:52:13:8B:1B:51:24:0E:41:F3:FA:CD:EF:AA:2A:CF:5D:9C:64:D6
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDDB582E089D5B7CEE7947053B792
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/HlITixtRJA5B8_rN76oqz12cZNY.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196705
IP address blocks: 194.187.148.0/22 maxlen: 22
188.191.20.0/24 maxlen: 24
188.191.21.0/24 maxlen: 24
188.191.22.0/24 maxlen: 24
188.191.23.0/24 maxlen: 24
188.191.20.0/22 maxlen: 22
188.191.28.0/24 maxlen: 24
188.191.28.0/22 maxlen: 24
91.215.60.0/22 maxlen: 22
91.215.60.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:dd:b5:82:e0:89:d5:b7:ce:e7:94:70:53:b7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e52138b1b51240e41f3facdefaa2acf5d9c64d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8b:12:cb:7e:00:50:4a:6c:3d:3d:e4:25:87:
12:d2:fa:45:e5:6a:65:e7:da:06:b2:73:f9:9c:62:
cb:a2:19:6e:00:35:99:6b:ea:b2:ff:00:58:c2:6b:
7b:d9:f7:21:1d:3c:b1:60:5f:ee:09:2a:02:91:11:
e1:22:6f:62:c6:53:52:37:e1:c5:6e:1a:06:e3:71:
3d:da:39:4e:b8:2b:dd:3b:b6:75:78:ec:ca:fb:10:
28:a4:a1:3c:00:95:5c:d0:b5:44:d7:10:30:f0:b4:
02:ca:29:31:2a:48:55:34:f3:ff:af:84:d2:fa:c3:
a0:86:7b:4b:0f:da:fb:45:4d:09:d9:73:2a:66:e3:
0d:e6:ec:d0:bc:51:f5:a1:c8:44:57:96:e3:09:fc:
aa:68:9f:f7:91:61:bd:48:47:d8:61:04:01:c7:60:
b0:e1:94:0a:fd:1e:12:a7:52:22:29:96:2c:9e:c7:
ef:28:ab:f5:3e:4b:3e:4a:25:c5:e2:ec:b6:30:84:
8f:11:8b:64:6c:77:dc:b7:b9:99:bc:7a:54:d4:d2:
58:70:b5:39:09:5c:46:ba:b7:e9:37:2c:6a:73:7f:
08:74:0e:f6:9a:ed:b9:75:a0:d9:8c:7b:a0:b1:c6:
af:6e:31:5e:16:c4:63:43:4a:b5:b9:fc:ac:fb:fd:
7f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:52:13:8B:1B:51:24:0E:41:F3:FA:CD:EF:AA:2A:CF:5D:9C:64:D6
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/HlITixtRJA5B8_rN76oqz12cZNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.60.0/22
188.191.20.0/22
188.191.28.0/22
194.187.148.0/22
Signature Algorithm: sha256WithRSAEncryption
14:ea:19:3b:6d:8a:75:c4:ea:8b:01:ca:81:76:bc:80:94:7b:
3e:11:af:28:69:1c:99:4d:3a:8c:95:e0:70:b4:e9:a6:95:79:
1c:98:24:97:e7:71:e2:ca:e5:00:d6:68:56:82:56:2b:f9:51:
59:1a:7a:ae:0a:66:04:ab:9d:41:0d:93:89:a6:4a:f2:5c:8e:
82:e8:16:9d:4e:9c:fd:b3:6f:e5:4c:93:7e:80:b1:9a:6a:2b:
c8:fa:19:fe:9b:a1:1f:bf:e5:86:fa:34:77:c3:69:a9:41:07:
4d:2a:53:04:53:dd:e4:9d:06:52:7c:9e:27:42:40:a8:f4:a1:
f8:53:fa:1a:82:c4:7c:3c:62:7e:2d:e8:33:17:4d:96:22:d0:
af:c5:b4:e1:94:e6:69:ad:37:3b:46:fb:7e:34:b5:8b:34:a4:
1c:01:50:9a:91:7b:48:fc:56:88:b0:34:53:6f:cb:e8:0c:5e:
f1:d1:7c:46:d7:2a:f4:de:3c:af:e3:95:45:05:fd:53:ff:08:
9a:ef:86:ae:0d:f2:f9:88:66:1c:e3:88:d9:76:51:0a:b8:ae:
e2:83:e9:20:92:82:63:b9:09:0d:4b:03:20:a6:05:54:dd:de:
09:29:6c:e3:6d:1f:88:d5:70:25:b0:61:d3:ca:d4:d9:ab:c7:
13:97:58:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3t21guCJ1bfO55RwU7eSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTUyMTM4YjFiNTEyNDBlNDFmM2ZhY2RlZmFhMmFjZjVkOWM2NGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YsSy34AUEpsPT3kJYcS0vpF5Wpl
59oGsnP5nGLLohluADWZa+qy/wBYwmt72fchHTyxYF/uCSoCkRHhIm9ixlNSN+HF
bhoG43E92jlOuCvdO7Z1eOzK+xAopKE8AJVc0LVE1xAw8LQCyikxKkhVNPP/r4TS
+sOghntLD9r7RU0J2XMqZuMN5uzQvFH1ochEV5bjCfyqaJ/3kWG9SEfYYQQBx2Cw
4ZQK/R4Sp1IiKZYsnsfvKKv1Pks+SiXF4uy2MISPEYtkbHfct7mZvHpU1NJYcLU5
CVxGurfpNyxqc38IdA72mu25daDZjHugscavbjFeFsRjQ0q1ufys+/1/PQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB5SE4sbUSQOQfP6ze+qKs9dnGTWMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvSGxJVGl4dFJKQTVCOF9yTjc2b3F6MTJjWk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9c8AwQC
vL8UAwQCvL8cAwQCwruUMA0GCSqGSIb3DQEBCwUAA4IBAQAU6hk7bYp1xOqLAcqB
dryAlHs+Ea8oaRyZTTqMleBwtOmmlXkcmCSX53HiyuUA1mhWglYr+VFZGnquCmYE
q51BDZOJpkryXI6C6BadTpz9s2/lTJN+gLGaaivI+hn+m6Efv+WG+jR3w2mpQQdN
KlMEU93knQZSfJ4nQkCo9KH4U/oagsR8PGJ+LegzF02WItCvxbThlOZprTc7Rvt+
NLWLNKQcAVCakXtI/FaIsDRTb8voDF7x0XxG1yr03jyv45VFBf1T/wia74auDfL5
iGYc44jZdlEKuK7ig+kgkoJjuQkNSwMgpgVU3d4JKWzjbR+I1XAlsGHTytTZq8cT
l1hs
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:40:28 2024 by rpki-client on console-ams.rpki-client.org