Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/HSb-Krl9aPi7nBDLWWJ9GGrGVr0.roa
File: HSb-Krl9aPi7nBDLWWJ9GGrGVr0.roa (raw, json)
Hash identifier: tr++QyId1pquJ4XOImxP96SG39p0LJVTgKfixRnm12g=
Subject key identifier: 1D:26:FE:2A:B9:7D:68:F8:BB:9C:10:CB:59:62:7D:18:6A:C6:56:BD
Certificate issuer: /CN=08149ab3f18ec3ed36ff2a81d489af10699cb392
Certificate serial: 01900DE33C9E381394061F27ED00C956F1ED
Authority key identifier: 08:14:9A:B3:F1:8E:C3:ED:36:FF:2A:81:D4:89:AF:10:69:9C:B3:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBSas_GOw-02_yqB1ImvEGmcs5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/HSb-Krl9aPi7nBDLWWJ9GGrGVr0.roa
Signing time: Wed 12 Jun 2024 19:18:34 +0000
ROA not before: Wed 12 Jun 2024 19:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12941
IP address blocks: 192.109.53.0/24 maxlen: 24
193.141.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/CBSas_GOw-02_yqB1ImvEGmcs5I.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/CBSas_GOw-02_yqB1ImvEGmcs5I.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBSas_GOw-02_yqB1ImvEGmcs5I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:e3:3c:9e:38:13:94:06:1f:27:ed:00:c9:56:f1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08149ab3f18ec3ed36ff2a81d489af10699cb392
Validity
Not Before: Jun 12 19:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d26fe2ab97d68f8bb9c10cb59627d186ac656bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f7:a6:c6:a5:04:3e:41:77:21:e7:73:2d:f8:
8a:fb:7d:d4:ac:57:ea:5b:1c:ea:9c:ae:05:73:ff:
67:51:f6:1c:fc:27:7c:f6:75:e8:a8:ff:c6:28:b3:
1a:cf:a4:3f:9e:1d:58:e1:6c:6e:87:aa:e9:15:db:
7e:18:69:33:4f:9c:64:2e:d3:12:20:0e:17:4d:c5:
69:6d:5f:c2:67:9d:0b:c9:b6:07:f3:c9:7d:f9:d1:
ec:a9:d0:4d:66:96:53:32:5d:2c:07:be:6e:f3:b6:
a8:bc:ab:ce:38:0d:20:c3:fe:a3:73:67:16:47:2c:
1d:5e:49:9f:33:4d:ac:3d:6d:a9:71:d4:1b:fd:5f:
d2:e1:0a:82:a9:23:b6:a4:86:ad:67:c9:59:5b:28:
5c:b2:3c:79:6a:3e:cc:2d:03:2a:f6:5a:71:a0:d4:
2b:53:89:ad:0a:4c:fd:b8:77:04:95:e6:57:4b:14:
45:11:86:e3:f8:fd:5e:58:9f:2c:ab:28:ea:6d:3d:
8b:b7:f5:40:8f:cf:b1:d5:39:b4:96:64:92:1a:e6:
00:57:67:c6:e3:b0:24:df:ae:55:89:44:d6:46:27:
dd:b2:eb:38:e5:4d:24:38:43:db:31:62:3b:9e:f6:
36:ac:11:8c:40:23:38:ab:2d:b1:55:2e:53:ef:71:
9b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:26:FE:2A:B9:7D:68:F8:BB:9C:10:CB:59:62:7D:18:6A:C6:56:BD
X509v3 Authority Key Identifier:
keyid:08:14:9A:B3:F1:8E:C3:ED:36:FF:2A:81:D4:89:AF:10:69:9C:B3:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBSas_GOw-02_yqB1ImvEGmcs5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/HSb-Krl9aPi7nBDLWWJ9GGrGVr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/911a25-a383-48c2-bf63-d87112ca99ae/1/CBSas_GOw-02_yqB1ImvEGmcs5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.53.0/24
193.141.107.0/24
Signature Algorithm: sha256WithRSAEncryption
30:1a:0d:b0:25:72:d4:d3:31:52:bc:d1:eb:39:0e:5a:e6:39:
8d:27:ca:32:43:00:7c:7a:c5:0c:30:2e:4a:5b:fa:20:8a:d4:
bc:32:7c:1e:06:27:1e:1f:18:25:9d:14:81:cf:94:89:4e:27:
29:4b:31:c3:9b:85:7f:7b:4f:c7:fc:15:1e:9c:81:c4:97:7a:
5b:a3:82:82:2f:7c:8b:a6:76:17:86:1e:71:13:d2:22:5f:ab:
59:06:78:96:2b:4d:eb:d2:f0:49:da:60:35:69:8b:dc:55:3b:
6d:d3:d9:ae:06:8e:be:42:f9:c1:31:ab:af:99:0a:fc:89:23:
a8:fa:17:0c:df:c7:0a:3f:66:5f:3d:28:04:ac:59:48:ca:a1:
62:08:f9:02:34:a4:b4:97:6a:09:54:30:7d:a2:03:3f:77:d1:
0e:eb:22:a8:19:17:a6:1b:73:61:10:52:5e:4e:e2:29:2c:8c:
df:c4:6e:14:3c:d5:ab:95:f0:cc:0b:5e:d4:84:3e:ec:5c:17:
1e:e6:57:f4:02:01:5f:f4:c1:39:e5:f4:e6:ca:7e:a2:c4:b9:
30:9d:79:61:b5:50:aa:5c:6f:41:1e:32:69:66:18:99:5e:fc:
86:99:04:80:cf:5c:6a:b7:a0:7a:45:52:aa:d2:36:fe:a5:b8:
8e:30:53:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAN4zyeOBOUBh8n7QDJVvHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTQ5YWIzZjE4ZWMzZWQzNmZmMmE4MWQ0ODlhZjEwNjk5
Y2IzOTIwHhcNMjQwNjEyMTkxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI2ZmUyYWI5N2Q2OGY4YmI5YzEwY2I1OTYyN2QxODZhYzY1NmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofemxqUEPkF3IedzLfiK+33UrFfq
WxzqnK4Fc/9nUfYc/Cd89nXoqP/GKLMaz6Q/nh1Y4Wxuh6rpFdt+GGkzT5xkLtMS
IA4XTcVpbV/CZ50LybYH88l9+dHsqdBNZpZTMl0sB75u87aovKvOOA0gw/6jc2cW
RywdXkmfM02sPW2pcdQb/V/S4QqCqSO2pIatZ8lZWyhcsjx5aj7MLQMq9lpxoNQr
U4mtCkz9uHcEleZXSxRFEYbj+P1eWJ8sqyjqbT2Lt/VAj8+x1Tm0lmSSGuYAV2fG
47Ak365ViUTWRifdsus45U0kOEPbMWI7nvY2rBGMQCM4qy2xVS5T73GbXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0m/iq5fWj4u5wQy1lifRhqxla9MB8GA1UdIwQY
MBaAFAgUmrPxjsPtNv8qgdSJrxBpnLOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JTYXNfR093LTAyX3lxQjFJbXZFR21jczVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy85MTFhMjUtYTM4My00OGMyLWJmNjMt
ZDg3MTEyY2E5OWFlLzEvSFNiLUtybDlhUGk3bkJETFdXSjlHR3JHVnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy85MTFhMjUtYTM4My00OGMyLWJmNjMtZDg3MTEyY2E5OWFl
LzEvQ0JTYXNfR093LTAyX3lxQjFJbXZFR21jczVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwG01AwQA
wY1rMA0GCSqGSIb3DQEBCwUAA4IBAQAwGg2wJXLU0zFSvNHrOQ5a5jmNJ8oyQwB8
esUMMC5KW/ogitS8MnweBiceHxglnRSBz5SJTicpSzHDm4V/e0/H/BUenIHEl3pb
o4KCL3yLpnYXhh5xE9IiX6tZBniWK03r0vBJ2mA1aYvcVTtt09muBo6+QvnBMauv
mQr8iSOo+hcM38cKP2ZfPSgErFlIyqFiCPkCNKS0l2oJVDB9ogM/d9EO6yKoGRem
G3NhEFJeTuIpLIzfxG4UPNWrlfDMC17UhD7sXBce5lf0AgFf9ME55fTmyn6ixLkw
nXlhtVCqXG9BHjJpZhiZXvyGmQSAz1xqt6B6RVKq0jb+pbiOMFOb
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:39:39 2024 by rpki-client on console-ams.rpki-client.org