Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/hC2yuzpsvdYdaca2Mwwa1eLLvuw.roa
File: hC2yuzpsvdYdaca2Mwwa1eLLvuw.roa (raw, json)
Hash identifier: rqnswvNx5PQWQSJhMgdxCY/qEwMWrSB7aESUAjx2qSw=
Subject key identifier: 84:2D:B2:BB:3A:6C:BD:D6:1D:69:C6:B6:33:0C:1A:D5:E2:CB:BE:EC
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 018CC6B9184233E9B00455A2FB6283B8EC3E
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/hC2yuzpsvdYdaca2Mwwa1eLLvuw.roa
Signing time: Mon 01 Jan 2024 20:31:08 +0000
ROA not before: Mon 01 Jan 2024 20:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 2.59.180.0/24 maxlen: 24
45.156.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:18:42:33:e9:b0:04:55:a2:fb:62:83:b8:ec:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 20:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=842db2bb3a6cbdd61d69c6b6330c1ad5e2cbbeec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:1b:40:d9:65:4e:0e:40:b8:b8:de:06:06:
30:5c:28:fc:8c:bf:1a:64:82:2a:db:c5:b2:15:8b:
0c:1d:b8:ca:94:59:27:e5:20:19:ac:85:d6:bb:2c:
f7:9f:12:d1:a5:5b:bb:4c:a5:03:33:4e:0f:02:3b:
b9:62:22:d8:18:53:71:e6:4c:7d:ee:67:77:f2:c1:
ca:b9:d2:21:f7:bc:56:6b:e6:e6:79:e7:50:99:3d:
8e:45:a2:11:53:ad:c2:68:c0:a0:65:9a:2f:65:c5:
a3:29:53:8d:d1:d9:24:b2:05:03:c7:45:1b:d3:78:
54:63:58:5d:e2:70:77:cf:6c:ee:93:fd:b1:1e:f3:
ec:a5:23:99:00:73:20:0c:88:7c:e1:5e:4f:9f:9e:
6e:f6:2f:db:cc:3d:02:0a:65:c2:f0:1c:f6:aa:2a:
07:05:a1:0a:86:f9:80:57:0f:9a:b9:66:94:1d:03:
05:8b:f3:f0:dd:c0:42:73:c7:fd:da:b6:b2:19:fa:
02:85:cb:b1:30:13:45:e7:03:66:31:49:4a:46:34:
a1:51:00:97:67:15:e9:99:74:68:c3:f6:96:f2:59:
b8:c4:f6:3d:e7:8e:b6:b1:48:12:74:ba:f0:74:0f:
ee:02:07:7a:e4:a8:72:c3:c4:19:b8:5d:68:94:cf:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2D:B2:BB:3A:6C:BD:D6:1D:69:C6:B6:33:0C:1A:D5:E2:CB:BE:EC
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/hC2yuzpsvdYdaca2Mwwa1eLLvuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.180.0/24
45.156.144.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6a:60:48:39:7f:73:96:5c:ed:80:01:00:e8:d5:91:f6:8f:
44:bf:26:63:c3:e7:f5:b6:c6:3f:e9:4f:7d:79:ff:d4:de:e9:
7c:2f:a4:4c:43:33:c4:7b:bb:49:32:b4:ce:f1:fc:5e:90:4d:
05:b8:83:82:b3:c4:6a:f9:9f:84:69:9d:31:22:b8:c3:38:58:
cc:4a:36:50:f1:96:20:84:66:18:52:36:55:4e:2a:65:d8:13:
8d:44:d7:30:61:0f:3e:c2:d9:eb:7e:0b:30:db:b6:d1:36:2a:
0b:48:b6:23:82:44:71:8a:ad:4b:29:fb:06:df:5f:e6:e6:41:
35:ee:0a:bb:84:fd:ba:88:63:f0:90:2a:d1:1d:4a:3b:1e:c2:
9f:fb:07:6e:36:26:73:c7:2f:27:18:4d:04:35:3a:c5:79:d6:
74:24:37:be:d7:31:27:5c:da:23:26:b8:c0:28:f7:ea:ad:f6:
a2:e9:d4:61:fc:f0:85:d4:04:fd:b8:60:db:ca:83:9b:2b:91:
1c:24:a3:8f:56:41:14:6b:88:ea:d8:60:58:0e:b9:56:2d:ba:
9b:61:82:8c:81:6f:62:d5:53:71:f7:d5:b0:7a:c9:6a:f4:97:
f9:00:58:9c:b3:9f:1e:84:bd:2b:26:74:ce:02:34:85:d9:e0:
d0:d5:64:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuRhCM+mwBFWi+2KDuOw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjQwMTAxMjAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJkYjJiYjNhNmNiZGQ2MWQ2OWM2YjYzMzBjMWFkNWUyY2JiZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX8bQNllTg5AuLjeBgYwXCj8jL8a
ZIIq28WyFYsMHbjKlFkn5SAZrIXWuyz3nxLRpVu7TKUDM04PAju5YiLYGFNx5kx9
7md38sHKudIh97xWa+bmeedQmT2ORaIRU63CaMCgZZovZcWjKVON0dkksgUDx0Ub
03hUY1hd4nB3z2zuk/2xHvPspSOZAHMgDIh84V5Pn55u9i/bzD0CCmXC8Bz2qioH
BaEKhvmAVw+auWaUHQMFi/Pw3cBCc8f92rayGfoChcuxMBNF5wNmMUlKRjShUQCX
ZxXpmXRow/aW8lm4xPY95462sUgSdLrwdA/uAgd65Khyw8QZuF1olM8I0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIQtsrs6bL3WHWnGtjMMGtXiy77sMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvaEMyeXV6cHN2ZFlkYWNhMk13d2ExZUxMdnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAju0AwQA
LZyQMA0GCSqGSIb3DQEBCwUAA4IBAQCHamBIOX9zllztgAEA6NWR9o9EvyZjw+f1
tsY/6U99ef/U3ul8L6RMQzPEe7tJMrTO8fxekE0FuIOCs8Rq+Z+EaZ0xIrjDOFjM
SjZQ8ZYghGYYUjZVTipl2BONRNcwYQ8+wtnrfgsw27bRNioLSLYjgkRxiq1LKfsG
31/m5kE17gq7hP26iGPwkCrRHUo7HsKf+wduNiZzxy8nGE0ENTrFedZ0JDe+1zEn
XNojJrjAKPfqrfai6dRh/PCF1AT9uGDbyoObK5EcJKOPVkEUa4jq2GBYDrlWLbqb
YYKMgW9i1VNx99Wweslq9Jf5AFics58ehL0rJnTOAjSF2eDQ1WRd
-----END CERTIFICATE-----
Generated at Thu May 2 16:34:22 2024 by rpki-client on console-fra.rpki-client.org