Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/hMwTtPSrw2gxXPztxEsu2oZsSc0.roa
File: hMwTtPSrw2gxXPztxEsu2oZsSc0.roa (raw, json)
Hash identifier: lk3R1ru3NOvrntJMVeEZFAj7U5JBojmUMTrHJ51wPLM=
Subject key identifier: 84:CC:13:B4:F4:AB:C3:68:31:5C:FC:ED:C4:4B:2E:DA:86:6C:49:CD
Certificate issuer: /CN=1734db5c41e711b73d8f29dac12e9b8364cd1fbd
Certificate serial: 018CCA29A35D113E4E5B175EA6A4D85E6A0D
Authority key identifier: 17:34:DB:5C:41:E7:11:B7:3D:8F:29:DA:C1:2E:9B:83:64:CD:1F:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FzTbXEHnEbc9jynawS6bg2TNH70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/hMwTtPSrw2gxXPztxEsu2oZsSc0.roa
Signing time: Tue 02 Jan 2024 12:32:55 +0000
ROA not before: Tue 02 Jan 2024 12:32:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1945
IP address blocks: 192.33.153.0/24 maxlen: 24
192.33.162.0/24 maxlen: 24
140.77.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/FzTbXEHnEbc9jynawS6bg2TNH70.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/FzTbXEHnEbc9jynawS6bg2TNH70.mft
rsync://rpki.ripe.net/repository/DEFAULT/FzTbXEHnEbc9jynawS6bg2TNH70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:a3:5d:11:3e:4e:5b:17:5e:a6:a4:d8:5e:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1734db5c41e711b73d8f29dac12e9b8364cd1fbd
Validity
Not Before: Jan 2 12:32:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84cc13b4f4abc368315cfcedc44b2eda866c49cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:00:ea:f9:e9:06:35:e8:e8:7b:2f:c5:c9:
cb:d7:7b:df:17:22:32:c4:5a:12:d3:cd:11:58:81:
46:67:d8:7d:17:4d:b8:6f:29:19:43:19:41:08:86:
99:22:ba:b5:33:08:0f:69:7b:fd:f2:0b:64:79:eb:
82:a8:9d:68:bb:e5:44:f3:72:c5:8e:bb:6f:f0:e8:
32:8e:eb:7f:c8:f0:ea:67:3f:16:11:18:4e:9d:f9:
41:1e:09:ec:7d:54:f9:b2:c0:f5:b0:35:52:e1:86:
23:ce:2e:ad:62:db:ae:a3:06:e8:74:93:58:25:8a:
89:bd:fe:3d:41:b8:ab:d5:1d:c3:30:f8:38:82:90:
23:f7:02:6a:05:ac:2a:57:4d:cb:99:bb:9d:38:bd:
4e:bd:a3:10:98:9f:29:bb:9a:e1:d8:dd:1c:3c:5e:
80:4d:17:dc:f4:c3:26:bf:d3:7a:8c:b7:e7:77:dc:
f6:b9:57:e5:5c:76:82:89:9a:e6:fb:7a:10:ac:79:
2d:bb:f2:e3:7d:35:4a:b7:9e:01:40:1a:3b:1e:9b:
15:c4:ed:15:15:8e:b3:48:d6:54:37:f8:ab:b6:b0:
3f:9d:7f:55:af:09:cd:84:90:56:56:c3:57:20:b9:
eb:fd:ad:ad:c5:96:4c:44:32:17:eb:eb:0f:99:1a:
f6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CC:13:B4:F4:AB:C3:68:31:5C:FC:ED:C4:4B:2E:DA:86:6C:49:CD
X509v3 Authority Key Identifier:
keyid:17:34:DB:5C:41:E7:11:B7:3D:8F:29:DA:C1:2E:9B:83:64:CD:1F:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FzTbXEHnEbc9jynawS6bg2TNH70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/hMwTtPSrw2gxXPztxEsu2oZsSc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/925259-2527-45eb-b916-5f2650c9012d/1/FzTbXEHnEbc9jynawS6bg2TNH70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.77.0.0/16
192.33.153.0/24
192.33.162.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ef:17:d5:08:c8:35:7e:53:7e:b6:1c:0d:a9:0b:90:a9:c5:
e1:ea:1d:27:60:5a:13:7f:ac:12:3b:58:c7:96:e4:80:4e:8a:
09:cc:b9:a4:0e:35:c4:f1:5d:25:d1:62:02:3d:0e:f9:fc:b9:
d2:80:f1:c0:58:1b:ae:68:ea:06:6b:f9:47:35:75:b9:bb:6f:
ad:a3:df:37:5d:5f:5b:0c:fb:7d:61:de:f5:53:63:f9:fd:00:
a0:ee:0a:53:8c:7c:6c:f3:02:0b:99:60:fa:83:c3:3a:2f:62:
e7:aa:35:41:2a:60:64:bd:6e:b1:16:d7:f6:59:55:2c:3a:31:
83:0a:81:95:2f:5e:f3:cf:57:75:99:c2:83:94:71:98:98:27:
59:a9:8d:39:3f:f6:66:60:83:cd:74:cf:97:7f:96:d2:f2:9b:
fa:5e:85:21:13:4f:d0:59:da:41:33:d8:68:8f:99:c7:83:19:
fb:62:18:c4:53:bf:39:ed:a1:a1:73:76:75:6b:fa:b0:05:46:
2b:91:37:b5:5f:a6:84:b2:a4:f6:a2:68:c2:79:8d:cf:36:88:
cc:3e:0f:03:33:17:e9:65:6f:5c:0d:a3:ec:e0:44:8e:a4:e3:
24:6a:4f:37:55:aa:ad:75:12:31:52:86:6f:21:a8:81:83:d3:
f5:7f:9b:47
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzKKaNdET5OWxdepqTYXmoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MzRkYjVjNDFlNzExYjczZDhmMjlkYWMxMmU5YjgzNjRj
ZDFmYmQwHhcNMjQwMTAyMTIzMjU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNjMTNiNGY0YWJjMzY4MzE1Y2ZjZWRjNDRiMmVkYTg2NmM0OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hIA6vnpBjXo6HsvxcnL13vfFyIy
xFoS080RWIFGZ9h9F024bykZQxlBCIaZIrq1MwgPaXv98gtkeeuCqJ1ou+VE83LF
jrtv8Ogyjut/yPDqZz8WERhOnflBHgnsfVT5ssD1sDVS4YYjzi6tYtuuowbodJNY
JYqJvf49Qbir1R3DMPg4gpAj9wJqBawqV03LmbudOL1OvaMQmJ8pu5rh2N0cPF6A
TRfc9MMmv9N6jLfnd9z2uVflXHaCiZrm+3oQrHktu/LjfTVKt54BQBo7HpsVxO0V
FY6zSNZUN/irtrA/nX9VrwnNhJBWVsNXILnr/a2txZZMRDIX6+sPmRr2KQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFITME7T0q8NoMVz87cRLLtqGbEnNMB8GA1UdIwQY
MBaAFBc021xB5xG3PY8p2sEum4NkzR+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnpUYlhFSG5FYmM5anluYXdTNmJnMlROSDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MjUyNTktMjUyNy00NWViLWI5MTYt
NWYyNjUwYzkwMTJkLzEvaE13VHRQU3J3Mmd4WFB6dHhFc3Uyb1pzU2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MjUyNTktMjUyNy00NWViLWI5MTYtNWYyNjUwYzkwMTJk
LzEvRnpUYlhFSG5FYmM5anluYXdTNmJnMlROSDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAjE0DBADA
IZkDBADAIaIwDQYJKoZIhvcNAQELBQADggEBAGrvF9UIyDV+U362HA2pC5CpxeHq
HSdgWhN/rBI7WMeW5IBOignMuaQONcTxXSXRYgI9Dvn8udKA8cBYG65o6gZr+Uc1
dbm7b62j3zddX1sM+31h3vVTY/n9AKDuClOMfGzzAguZYPqDwzovYueqNUEqYGS9
brEW1/ZZVSw6MYMKgZUvXvPPV3WZwoOUcZiYJ1mpjTk/9mZgg810z5d/ltLym/pe
hSETT9BZ2kEz2GiPmceDGftiGMRTvzntoaFzdnVr+rAFRiuRN7VfpoSypPaiaMJ5
jc82iMw+DwMzF+llb1wNo+zgRI6k4yRqTzdVqq11EjFShm8hqIGD0/V/m0c=
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:02:51 2024 by rpki-client on console-ams.rpki-client.org