Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/1hwrFPr-J6BWBsBUT12V2WGgMY4.roa
File: 1hwrFPr-J6BWBsBUT12V2WGgMY4.roa (raw, json)
Hash identifier: 7sY5jJx3P1fc3zohk2olNo5Zn3q8JNnR2MNQ0qIbJPc=
Subject key identifier: D6:1C:2B:14:FA:FE:27:A0:56:06:C0:54:4F:5D:95:D9:61:A0:31:8E
Certificate issuer: /CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Certificate serial: 018CCA2A13836856E9212BB48D721FEC400F
Authority key identifier: 34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/1hwrFPr-J6BWBsBUT12V2WGgMY4.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399114
IP address blocks: 185.162.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:13:83:68:56:e9:21:2b:b4:8d:72:1f:ec:40:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d61c2b14fafe27a05606c0544f5d95d961a0318e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f9:69:7c:6f:a7:e7:48:6f:83:fb:94:60:b9:
22:4d:49:c6:9d:55:eb:52:66:06:39:be:cf:a0:69:
cd:2e:82:c4:5e:23:f8:8b:92:7f:e2:f6:de:e6:b6:
d9:a7:2b:c8:3a:53:d5:d2:96:3f:f6:6f:41:61:16:
1b:09:98:dc:21:4e:22:ef:8c:30:6b:ee:f3:a0:b1:
e4:13:29:2f:0a:5e:fa:1d:ea:e0:25:c0:5d:e6:52:
74:00:e3:b7:b2:53:f3:ad:a5:34:b3:5b:b9:8e:d0:
9d:45:ba:5b:47:ee:d7:33:71:84:24:fd:d3:aa:af:
3c:7b:a2:c5:cf:fd:4e:a9:47:a7:e9:bf:0c:57:62:
8d:50:5d:2b:f6:ef:2d:d9:2d:97:df:e6:81:01:b0:
d3:a3:35:cc:4e:c2:14:18:dd:22:5a:0b:fd:33:58:
5b:f1:88:da:3f:3c:82:bf:25:1e:3f:2d:da:91:6c:
d6:70:40:f5:1f:49:9f:e9:3d:a4:90:78:4c:c8:8d:
9a:89:81:25:35:3d:7e:46:9a:8b:d1:55:eb:d0:b6:
5e:5d:6d:c2:a8:a3:6e:2c:b0:29:1d:36:14:14:94:
54:23:94:02:d1:68:0f:82:1b:e8:7e:8b:bc:ce:ec:
b5:6d:93:b2:d4:a1:29:02:be:62:d2:ae:d1:28:1e:
bb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:1C:2B:14:FA:FE:27:A0:56:06:C0:54:4F:5D:95:D9:61:A0:31:8E
X509v3 Authority Key Identifier:
keyid:34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/1hwrFPr-J6BWBsBUT12V2WGgMY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.75.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9d:af:aa:b2:0d:4b:63:a8:65:4f:58:0a:18:ea:58:65:dc:
bc:cd:53:ab:1e:3b:a2:99:b1:7d:f8:34:ce:2b:6a:6c:56:d5:
f7:f3:a1:3f:b8:65:56:42:28:3d:a2:50:9f:20:da:03:be:1d:
47:92:3f:e2:8b:b6:31:ed:b9:1e:b2:9b:c5:98:dd:9f:18:4a:
e5:40:72:bb:cd:da:ce:b0:b0:ba:ef:77:0c:e7:3b:66:51:da:
97:73:b6:ad:51:52:71:a4:da:07:1a:70:98:ea:34:7c:b7:0e:
e3:f1:14:14:16:9c:25:ae:2d:81:7f:9b:cb:d3:51:93:c0:be:
74:3d:79:fc:3d:62:b6:d9:50:3b:6e:30:d6:d1:f9:d2:e6:5e:
3b:b3:68:10:2a:4a:f2:34:58:58:4f:0e:c4:7c:ca:41:06:4f:
d6:26:3e:b9:cc:71:ec:76:57:c6:71:72:8d:87:1e:4c:72:ee:
ac:3e:d6:e0:27:17:06:a3:3a:95:79:3a:1c:a3:70:b6:fc:c9:
1d:cc:92:60:fc:62:03:cf:fe:56:5e:13:fb:43:63:63:89:69:
bb:18:d3:cc:2d:db:6a:11:13:a0:87:b5:6e:46:cf:10:6c:ce:
ec:a9:f0:13:bc:76:d5:c5:6a:40:c2:47:c4:4a:e6:15:0d:49:
01:03:da:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhODaFbpISu0jXIf7EAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZkMmM0MzljY2JjYjc4YTgyZDVjYjJiNGMzZmY2ZTk5
MzRiOTYwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjFjMmIxNGZhZmUyN2EwNTYwNmMwNTQ0ZjVkOTVkOTYxYTAzMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPlpfG+n50hvg/uUYLkiTUnGnVXr
UmYGOb7PoGnNLoLEXiP4i5J/4vbe5rbZpyvIOlPV0pY/9m9BYRYbCZjcIU4i74ww
a+7zoLHkEykvCl76HergJcBd5lJ0AOO3slPzraU0s1u5jtCdRbpbR+7XM3GEJP3T
qq88e6LFz/1OqUen6b8MV2KNUF0r9u8t2S2X3+aBAbDTozXMTsIUGN0iWgv9M1hb
8YjaPzyCvyUePy3akWzWcED1H0mf6T2kkHhMyI2aiYElNT1+RpqL0VXr0LZeXW3C
qKNuLLApHTYUFJRUI5QC0WgPghvofou8zuy1bZOy1KEpAr5i0q7RKB67pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYcKxT6/iegVgbAVE9dldlhoDGOMB8GA1UdIwQY
MBaAFDQG0sQ5zLy3ioLVyytMP/bpk0uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAt
N2I4ODBjMDYzMzY3LzEvMWh3ckZQci1KNkJXQnNCVVQxMlYyV0dnTVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAtN2I4ODBjMDYzMzY3
LzEvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaJLMA0G
CSqGSIb3DQEBCwUAA4IBAQBDna+qsg1LY6hlT1gKGOpYZdy8zVOrHjuimbF9+DTO
K2psVtX386E/uGVWQig9olCfINoDvh1Hkj/ii7Yx7bkespvFmN2fGErlQHK7zdrO
sLC673cM5ztmUdqXc7atUVJxpNoHGnCY6jR8tw7j8RQUFpwlri2Bf5vL01GTwL50
PXn8PWK22VA7bjDW0fnS5l47s2gQKkryNFhYTw7EfMpBBk/WJj65zHHsdlfGcXKN
hx5Mcu6sPtbgJxcGozqVeToco3C2/MkdzJJg/GIDz/5WXhP7Q2NjiWm7GNPMLdtq
EROgh7VuRs8QbM7sqfATvHbVxWpAwkfESuYVDUkBA9qx
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:28:28 2024 by rpki-client on console-ams.rpki-client.org