Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_HFrzwQRTv_KTWt8xEXP-Lyf628.roa
File: _HFrzwQRTv_KTWt8xEXP-Lyf628.roa (raw, json)
Hash identifier: lYt3KbRkLaAMe/zn7I1x+srr2akuq4AfMIC7LwmEzqY=
Subject key identifier: FC:71:6B:CF:04:11:4E:FF:CA:4D:6B:7C:C4:45:CF:F8:BC:9F:EB:6F
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D68FE6C6199F293BE4019A7BF6EB7
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_HFrzwQRTv_KTWt8xEXP-Lyf628.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206180
IP address blocks: 213.16.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:68:fe:6c:61:99:f2:93:be:40:19:a7:bf:6e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc716bcf04114effca4d6b7cc445cff8bc9feb6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:98:90:19:0f:1c:23:30:06:0e:50:36:34:ba:
42:99:69:51:1a:1b:41:c1:37:62:2f:3b:55:a2:5e:
7f:9f:38:e0:ec:28:06:bc:6f:2a:eb:5c:35:7e:62:
2d:48:53:96:1a:0f:17:06:80:8b:ca:90:42:02:55:
29:1a:d1:62:7e:27:f3:2b:f3:09:ad:c7:20:84:f4:
12:15:b5:96:e2:5b:dd:f5:9d:15:32:da:d1:0e:3b:
e7:c3:c9:a1:6e:e9:2b:3a:d9:9b:ae:20:6a:49:67:
4a:63:7b:d4:de:51:43:e2:c2:4f:73:68:49:93:c7:
72:fe:37:ce:58:1e:79:23:68:dc:07:d2:f5:a2:d9:
6e:1b:27:39:92:e8:e8:f6:26:6c:a0:5f:54:36:3e:
d2:5a:c8:bd:31:d4:1e:ae:e1:7a:85:4f:14:6a:f4:
83:83:7a:04:da:42:38:00:da:ba:e3:a4:50:cd:44:
57:f6:e7:0f:ee:9d:05:5a:8d:86:e4:80:04:90:d8:
89:d3:37:35:6a:ab:1b:5a:56:cf:f5:97:98:04:be:
de:08:93:4e:60:b1:96:f6:df:23:c9:90:bd:1b:b9:
b8:81:b5:b3:1f:c2:86:65:6a:96:0c:53:ea:0e:44:
f3:67:74:a7:f3:4f:e5:74:8e:58:3e:f4:be:b4:14:
a7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:71:6B:CF:04:11:4E:FF:CA:4D:6B:7C:C4:45:CF:F8:BC:9F:EB:6F
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/_HFrzwQRTv_KTWt8xEXP-Lyf628.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.16.38.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5d:31:ae:48:e0:28:b7:70:8c:d9:0c:9f:89:d9:31:c5:0c:
7e:98:53:3a:11:9f:a0:11:5a:40:b7:a9:95:03:fa:22:5c:b8:
f2:b1:49:da:87:81:62:68:56:ff:22:68:4f:bb:47:7d:e8:e1:
1a:7b:c1:e0:52:3d:6a:15:53:4c:1e:7f:e9:9a:ac:d0:7f:c6:
36:4c:cd:8b:0a:a8:2b:ab:09:a3:cb:ec:d3:51:df:4f:9e:2d:
17:b0:3f:43:74:bc:5d:1d:d4:ea:15:db:ab:ee:88:b4:11:d5:
fd:4f:45:0d:c2:9b:dd:1f:ba:b4:1b:c8:26:2c:ca:b7:38:79:
90:c7:71:80:1c:34:4b:60:25:18:b0:27:12:e1:de:a9:5e:b2:
ab:03:4e:9f:a5:e0:f9:35:4e:ea:93:8a:8c:78:49:50:f4:49:
9e:0e:f5:72:a1:fb:85:04:64:7e:ec:c4:12:4e:b1:12:34:40:
b5:51:b4:bd:50:ed:86:9e:ac:c3:2a:a6:63:e8:f4:48:c3:3a:
d3:d9:a6:ad:4f:35:0b:96:d0:da:ec:90:7d:fc:21:46:cd:38:
fd:42:4f:99:08:ee:5b:e2:05:b2:bd:99:e9:56:e8:7f:f8:fb:
3b:a8:c2:98:e8:33:7c:ec:6c:0f:75:dd:3b:d6:bc:93:6e:8f:
96:e3:ee:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbWj+bGGZ8pO+QBmnv263MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzcxNmJjZjA0MTE0ZWZmY2E0ZDZiN2NjNDQ1Y2ZmOGJjOWZlYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5iQGQ8cIzAGDlA2NLpCmWlRGhtB
wTdiLztVol5/nzjg7CgGvG8q61w1fmItSFOWGg8XBoCLypBCAlUpGtFififzK/MJ
rccghPQSFbWW4lvd9Z0VMtrRDjvnw8mhbukrOtmbriBqSWdKY3vU3lFD4sJPc2hJ
k8dy/jfOWB55I2jcB9L1otluGyc5kujo9iZsoF9UNj7SWsi9MdQeruF6hU8UavSD
g3oE2kI4ANq646RQzURX9ucP7p0FWo2G5IAEkNiJ0zc1aqsbWlbP9ZeYBL7eCJNO
YLGW9t8jyZC9G7m4gbWzH8KGZWqWDFPqDkTzZ3Sn80/ldI5YPvS+tBSn8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxxa88EEU7/yk1rfMRFz/i8n+tvMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvX0hGcnp3UVJUdl9LVFd0OHhFWFAtTHlmNjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1RAmMA0G
CSqGSIb3DQEBCwUAA4IBAQBqXTGuSOAot3CM2QyfidkxxQx+mFM6EZ+gEVpAt6mV
A/oiXLjysUnah4FiaFb/ImhPu0d96OEae8HgUj1qFVNMHn/pmqzQf8Y2TM2LCqgr
qwmjy+zTUd9Pni0XsD9DdLxdHdTqFdur7oi0EdX9T0UNwpvdH7q0G8gmLMq3OHmQ
x3GAHDRLYCUYsCcS4d6pXrKrA06fpeD5NU7qk4qMeElQ9EmeDvVyofuFBGR+7MQS
TrESNEC1UbS9UO2GnqzDKqZj6PRIwzrT2aatTzULltDa7JB9/CFGzTj9Qk+ZCO5b
4gWyvZnpVuh/+Ps7qMKY6DN87GwPdd071ryTbo+W4+5l
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:11:17 2024 by rpki-client on console-ams.rpki-client.org