Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/HPJCy-NV7DcC2bxX_XPWJwYmQPs.roa
File: HPJCy-NV7DcC2bxX_XPWJwYmQPs.roa (raw, json)
Hash identifier: rYKgI7kZWbycdvRPUtg5796I0+RQSGsizgkRI77D+Iw=
Subject key identifier: 1C:F2:42:CB:E3:55:EC:37:02:D9:BC:57:FD:73:D6:27:06:26:40:FB
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018CC649F594C798E52179A2CFE890E1D0A8
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/HPJCy-NV7DcC2bxX_XPWJwYmQPs.roa
Signing time: Mon 01 Jan 2024 18:29:44 +0000
ROA not before: Mon 01 Jan 2024 18:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61965
IP address blocks: 31.133.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:f5:94:c7:98:e5:21:79:a2:cf:e8:90:e1:d0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 18:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cf242cbe355ec3702d9bc57fd73d627062640fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:cf:16:e5:5a:e0:cb:25:5c:bb:12:d0:14:
98:b9:bd:65:8e:11:8a:b7:28:fe:a4:4e:97:58:fd:
6b:83:6b:9a:58:a2:b1:71:44:70:24:d0:f9:89:1c:
23:cb:f4:ed:8f:a9:d1:8a:9c:39:4a:ff:9f:30:f8:
c7:d1:97:7d:e1:19:4e:38:c3:ec:df:b5:d9:12:ee:
5f:70:71:fd:5c:fe:f0:14:97:91:e8:00:7c:e8:da:
de:7a:81:62:fe:47:d8:f4:8f:56:2d:82:ed:7a:58:
a2:ea:7c:e2:04:8d:0b:89:7b:5e:15:6d:e4:e5:f6:
19:f8:22:81:d2:b2:24:b4:80:93:f7:3d:4e:d9:bb:
24:b2:3f:96:89:62:29:7b:d9:f5:83:c4:fd:43:f7:
4d:9d:f3:e4:cc:44:39:c9:b2:4f:1d:17:83:42:63:
f3:97:a1:2e:83:c9:4b:87:3f:dc:87:0f:58:94:c1:
b9:9c:21:68:c7:2b:98:e5:fb:61:56:7b:94:54:f3:
2c:48:79:ab:31:85:7a:2c:9c:f8:8d:84:31:43:3e:
de:95:74:b2:d4:3a:d2:27:cf:8d:7c:3f:93:39:20:
5a:e9:db:71:a9:c6:43:e7:2b:97:0a:9d:ac:31:4e:
2c:65:5c:05:02:13:41:60:0f:42:3b:69:7c:c6:2d:
84:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F2:42:CB:E3:55:EC:37:02:D9:BC:57:FD:73:D6:27:06:26:40:FB
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/HPJCy-NV7DcC2bxX_XPWJwYmQPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.43.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:44:b7:7e:ef:90:01:ba:9f:76:57:f9:24:df:88:39:7e:68:
3b:7c:97:98:6c:a8:c2:70:0d:86:af:1f:b8:70:3e:84:e4:2c:
56:ed:88:e2:85:e8:18:f8:65:51:e2:ef:2d:14:fe:04:2b:36:
88:4b:d9:bf:4d:ea:ec:63:b8:c9:93:bd:6e:a4:e1:db:8c:40:
01:3c:d4:61:eb:a0:33:d1:a0:13:0b:19:0c:93:af:10:66:d4:
41:ed:dc:2e:38:f2:38:3d:e2:ab:ec:38:01:7f:3d:e1:43:d6:
67:c8:0d:63:be:19:89:19:d4:48:22:0a:c8:2a:6a:95:b8:12:
4b:66:73:8f:ba:08:06:27:9a:74:28:a8:5e:f3:a6:9c:ad:43:
a3:fa:b9:bc:ed:a0:5a:5b:61:2d:b8:a1:26:5a:87:fe:32:4b:
b5:af:e8:21:e6:7a:33:81:14:b2:b3:e8:92:c9:47:7b:80:11:
ec:4d:ff:a8:ba:8f:ad:cd:2b:34:9f:da:34:bc:e9:9e:a3:2e:
4f:64:49:cd:3e:69:42:46:65:77:b0:7c:29:84:c3:5d:03:42:
68:a2:49:4a:bf:18:b7:f9:a9:c0:48:b8:9d:fe:dd:02:6f:8a:
e9:43:77:bc:e8:7f:fe:b4:5b:02:ab:b6:5c:93:79:07:aa:75:
ae:2b:48:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSfWUx5jlIXmiz+iQ4dCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwMTAxMTgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2YyNDJjYmUzNTVlYzM3MDJkOWJjNTdmZDczZDYyNzA2MjY0MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3/PFuVa4MslXLsS0BSYub1ljhGK
tyj+pE6XWP1rg2uaWKKxcURwJND5iRwjy/Ttj6nRipw5Sv+fMPjH0Zd94RlOOMPs
37XZEu5fcHH9XP7wFJeR6AB86NreeoFi/kfY9I9WLYLtelii6nziBI0LiXteFW3k
5fYZ+CKB0rIktICT9z1O2bsksj+WiWIpe9n1g8T9Q/dNnfPkzEQ5ybJPHReDQmPz
l6Eug8lLhz/chw9YlMG5nCFoxyuY5fthVnuUVPMsSHmrMYV6LJz4jYQxQz7elXSy
1DrSJ8+NfD+TOSBa6dtxqcZD5yuXCp2sMU4sZVwFAhNBYA9CO2l8xi2EkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzyQsvjVew3Atm8V/1z1icGJkD7MB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvSFBKQ3ktTlY3RGNDMmJ4WF9YUFdKd1ltUVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4UrMA0G
CSqGSIb3DQEBCwUAA4IBAQAuRLd+75ABup92V/kk34g5fmg7fJeYbKjCcA2Grx+4
cD6E5CxW7YjihegY+GVR4u8tFP4EKzaIS9m/TersY7jJk71upOHbjEABPNRh66Az
0aATCxkMk68QZtRB7dwuOPI4PeKr7DgBfz3hQ9ZnyA1jvhmJGdRIIgrIKmqVuBJL
ZnOPuggGJ5p0KKhe86acrUOj+rm87aBaW2EtuKEmWof+Mku1r+gh5nozgRSys+iS
yUd7gBHsTf+ouo+tzSs0n9o0vOmeoy5PZEnNPmlCRmV3sHwphMNdA0JooklKvxi3
+anASLid/t0Cb4rpQ3e86H/+tFsCq7Zck3kHqnWuK0gq
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:04:22 2024 by rpki-client on console-fra.rpki-client.org