Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/HiJ2d7huVFjEXGgiw_UqdSSAlss.roa
File: HiJ2d7huVFjEXGgiw_UqdSSAlss.roa (raw, json)
Hash identifier: cEYxJWphjQkKfKjD4Ji/JqRXlUWybWuj0g2wFw7etFQ=
Subject key identifier: 1E:22:76:77:B8:6E:54:58:C4:5C:68:22:C3:F5:2A:75:24:80:96:CB
Certificate issuer: /CN=97893182b16718983bc008c8d087f8ddca3d8614
Certificate serial: 018CC7260F4D81DFCDA35A2F21F22794D27E
Authority key identifier: 97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/HiJ2d7huVFjEXGgiw_UqdSSAlss.roa
Signing time: Mon 01 Jan 2024 22:30:09 +0000
ROA not before: Mon 01 Jan 2024 22:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133142
IP address blocks: 2a0b:1306:9::/48 maxlen: 48
2a0b:1302::/34 maxlen: 34
2a0b:1306:b::/48 maxlen: 48
2a0b:1302:4000::/48 maxlen: 48
2a0b:1306:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 04:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:0f:4d:81:df:cd:a3:5a:2f:21:f2:27:94:d2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97893182b16718983bc008c8d087f8ddca3d8614
Validity
Not Before: Jan 1 22:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e227677b86e5458c45c6822c3f52a75248096cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c0:6f:c2:ae:3a:5b:10:69:17:fe:d8:7d:a0:
bb:7c:37:ae:e3:48:ba:ca:e6:42:63:20:5c:f8:84:
d8:91:c4:cf:92:5f:de:c9:64:3a:ab:9b:d4:25:12:
e5:04:69:85:50:0a:73:15:9e:c5:b7:0a:47:93:38:
a3:18:9f:d5:90:c4:2d:31:3f:47:d5:d8:63:e2:3f:
fd:9a:9e:66:27:5f:15:66:0b:25:0f:96:ab:50:82:
da:69:f0:62:c4:d7:dc:f3:4f:3c:31:f1:68:23:6d:
b6:16:77:08:dc:96:f7:dd:70:0b:82:66:1c:72:22:
63:30:4e:1e:e8:3a:b1:ed:d8:a7:f6:bc:ba:ae:b4:
5f:29:fc:2c:ca:0b:96:ed:ea:45:7c:f0:5e:d7:86:
56:c0:8e:5e:ed:7e:e0:22:0e:50:27:5b:f4:68:5b:
32:5d:b0:3a:23:3b:82:d8:67:51:40:57:cb:eb:12:
9c:57:5d:02:ef:39:07:84:5a:f6:be:17:c1:74:43:
7e:e9:fc:2a:18:e8:04:c7:a3:80:e5:90:76:d1:99:
a1:40:4d:fa:78:49:ab:31:0a:38:fe:42:4b:3d:da:
4b:43:d3:d1:a2:c5:9c:26:dd:45:cc:f2:54:8e:b7:
68:05:5c:76:66:b4:56:3b:b8:ed:65:23:2b:50:b1:
15:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:22:76:77:B8:6E:54:58:C4:5C:68:22:C3:F5:2A:75:24:80:96:CB
X509v3 Authority Key Identifier:
keyid:97:89:31:82:B1:67:18:98:3B:C0:08:C8:D0:87:F8:DD:CA:3D:86:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4kxgrFnGJg7wAjI0If43co9hhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/HiJ2d7huVFjEXGgiw_UqdSSAlss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/120043-1733-4c72-ad47-bc0e511c20ce/1/l4kxgrFnGJg7wAjI0If43co9hhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:1302::-2a0b:1302:4000:ffff:ffff:ffff:ffff:ffff
2a0b:1306:9::/48
2a0b:1306:b::/48
2a0b:1306:400::/48
Signature Algorithm: sha256WithRSAEncryption
2e:1c:ae:c5:9c:0f:a6:97:15:b0:fc:6b:7f:4d:7c:d8:c2:58:
69:04:d8:ee:04:6c:16:35:47:cb:c7:f3:ca:87:65:be:6f:5e:
ef:56:55:a8:c7:62:3a:8f:3e:d4:b3:d4:21:b8:9b:ad:ca:a0:
52:88:ca:6a:cb:fb:e4:21:30:f6:39:dd:29:40:37:04:88:88:
c3:15:40:e2:4e:0e:56:25:89:be:78:65:84:39:90:94:03:13:
e2:5d:04:19:d5:af:36:41:4f:6c:18:8e:5d:ba:93:a6:3c:8d:
52:8b:a1:e6:3d:1d:05:0d:69:cb:23:17:7c:2e:e5:73:30:df:
25:b6:5b:d1:d0:9b:8f:6c:0f:e5:4a:e5:5d:ae:c7:80:84:f8:
e7:31:a8:a3:cc:d0:75:e8:3d:ca:41:4d:fa:ce:a4:b4:b1:c8:
87:2b:bd:5c:a8:18:dd:cf:2b:67:75:cd:ab:0f:d6:c6:fc:f9:
27:17:b4:32:e0:c2:e3:d4:a2:a2:91:52:58:96:60:11:85:88:
2e:04:7e:43:9d:c7:0f:9e:4b:35:45:06:c9:6a:a1:33:7a:ca:
ce:17:ac:6d:38:7a:e0:66:64:37:ea:64:cf:6b:b0:59:e3:19:
9c:05:51:65:d8:2d:39:28:d2:73:67:6c:9e:c7:91:46:54:32:
fb:7a:fc:bb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJg9Ngd/No1ovIfInlNJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODkzMTgyYjE2NzE4OTgzYmMwMDhjOGQwODdmOGRkY2Ez
ZDg2MTQwHhcNMjQwMTAxMjIzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTIyNzY3N2I4NmU1NDU4YzQ1YzY4MjJjM2Y1MmE3NTI0ODA5NmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncBvwq46WxBpF/7YfaC7fDeu40i6
yuZCYyBc+ITYkcTPkl/eyWQ6q5vUJRLlBGmFUApzFZ7FtwpHkzijGJ/VkMQtMT9H
1dhj4j/9mp5mJ18VZgslD5arUILaafBixNfc8088MfFoI222FncI3Jb33XALgmYc
ciJjME4e6Dqx7din9ry6rrRfKfwsyguW7epFfPBe14ZWwI5e7X7gIg5QJ1v0aFsy
XbA6IzuC2GdRQFfL6xKcV10C7zkHhFr2vhfBdEN+6fwqGOgEx6OA5ZB20ZmhQE36
eEmrMQo4/kJLPdpLQ9PRosWcJt1FzPJUjrdoBVx2ZrRWO7jtZSMrULEVVQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFB4idne4blRYxFxoIsP1KnUkgJbLMB8GA1UdIwQY
MBaAFJeJMYKxZxiYO8AIyNCH+N3KPYYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDct
YmMwZTUxMWMyMGNlLzEvSGlKMmQ3aHVWRmpFWEdnaXdfVXFkU1NBbHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xMjAwNDMtMTczMy00YzcyLWFkNDctYmMwZTUxMWMyMGNl
LzEvbDRreGdyRm5HSmc3d0FqSTBJZjQzY285aGhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtMBADBQEqCxMC
AwcAKgsTAkAAAwcAKgsTBgAJAwcAKgsTBgALAwcAKgsTBgQAMA0GCSqGSIb3DQEB
CwUAA4IBAQAuHK7FnA+mlxWw/Gt/TXzYwlhpBNjuBGwWNUfLx/PKh2W+b17vVlWo
x2I6jz7Us9QhuJutyqBSiMpqy/vkITD2Od0pQDcEiIjDFUDiTg5WJYm+eGWEOZCU
AxPiXQQZ1a82QU9sGI5dupOmPI1Si6HmPR0FDWnLIxd8LuVzMN8ltlvR0JuPbA/l
SuVdrseAhPjnMaijzNB16D3KQU36zqS0sciHK71cqBjdzytndc2rD9bG/PknF7Qy
4MLj1KKikVJYlmARhYguBH5DnccPnks1RQbJaqEzesrOF6xtOHrgZmQ36mTPa7BZ
4xmcBVFl2C05KNJzZ2yex5FGVDL7evy7
-----END CERTIFICATE-----
Generated at Wed Jun 26 12:15:08 2024 by rpki-client on console-ams.rpki-client.org