Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H2wHdWmbXYZQqvnyxk7QDAlI3PE.roa
File: H2wHdWmbXYZQqvnyxk7QDAlI3PE.roa (raw, json)
Hash identifier: uvz84Caz/fo5o779mLeuOR5TfcqAhzmQ8yIpZjmCFvs=
Subject key identifier: 1F:6C:07:75:69:9B:5D:86:50:AA:F9:F2:C6:4E:D0:0C:09:48:DC:F1
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC8713109CD84D240D5470A073D77A392
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H2wHdWmbXYZQqvnyxk7QDAlI3PE.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51335
IP address blocks: 185.4.44.0/22 maxlen: 24
185.4.46.0/24 maxlen: 24
194.213.124.0/23 maxlen: 23
2a02:68c0::/32 maxlen: 32
2001:67c:10f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:31:09:cd:84:d2:40:d5:47:0a:07:3d:77:a3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f6c0775699b5d8650aaf9f2c64ed00c0948dcf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:95:63:b6:0b:fa:3a:eb:05:83:2b:c0:3e:4e:
4a:be:35:87:b4:57:76:b2:6f:c6:ea:11:eb:0f:8c:
26:66:73:0c:ff:ae:76:e3:30:ec:ae:2e:6f:ca:83:
54:da:25:3a:ed:35:b8:62:11:97:06:dc:a2:95:53:
92:36:4d:53:bc:e0:3d:09:90:ce:0f:58:86:0b:ab:
af:3d:11:b2:2c:9a:1c:45:d0:6f:30:c1:6f:fe:c4:
da:b8:98:e8:8e:3a:db:13:73:37:b6:62:45:9c:28:
6b:e4:42:52:95:70:1f:21:aa:5d:09:17:06:cf:b3:
f1:a9:48:7d:c4:ea:a4:be:7d:ba:be:60:1d:a8:c6:
e4:71:73:ba:8b:7f:58:df:8a:81:59:54:91:12:49:
2f:24:e3:94:63:ea:73:1b:bc:71:fc:4e:8f:bb:59:
11:3d:91:80:82:70:9f:15:d9:54:0c:ff:36:8c:52:
82:d1:df:a7:b1:4a:22:2f:43:b6:ae:3b:ed:61:8b:
b9:d2:46:d3:33:d0:51:b7:9c:da:b1:81:b8:be:84:
9a:6c:54:32:58:b5:df:99:9a:2c:97:50:8b:1c:40:
43:23:b8:0f:be:69:bd:3b:b3:aa:5c:80:98:72:40:
35:12:8c:d1:d3:f0:66:d3:f7:cb:d6:85:50:47:75:
15:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6C:07:75:69:9B:5D:86:50:AA:F9:F2:C6:4E:D0:0C:09:48:DC:F1
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H2wHdWmbXYZQqvnyxk7QDAlI3PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.44.0/22
194.213.124.0/23
IPv6:
2001:67c:10f0::/48
2a02:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:53:93:d3:55:3c:8f:2d:18:6e:eb:99:36:03:38:9a:b4:15:
3b:92:b0:46:94:39:3b:30:20:a8:5c:88:9f:99:33:27:53:fc:
a0:4e:36:ba:c2:e6:bd:0f:86:64:72:da:29:ea:b2:07:68:e1:
8c:77:8a:d0:fc:43:a4:e6:d0:43:c0:81:8f:3c:7d:f8:0e:be:
b1:ae:a6:51:76:a2:52:b8:8d:4e:2b:f2:9c:6a:03:3d:34:64:
31:cb:d2:d1:0c:f6:c9:24:0f:56:8c:a2:68:22:99:b8:df:18:
1c:35:b1:64:e8:14:69:7c:d8:de:ad:d0:1f:56:79:e9:1e:63:
cc:45:cc:11:1e:3c:d0:ee:09:1e:57:91:52:06:1f:ce:9b:c4:
8c:8b:dd:20:3a:54:fb:8c:6f:84:a2:73:63:6e:2f:b5:65:05:
52:1b:0d:9d:f8:62:45:20:7b:96:d2:7d:95:e6:2c:be:7d:2b:
25:b4:02:a5:38:4f:77:12:f0:d5:75:ca:2e:15:65:05:49:80:
b4:1b:21:88:b1:fa:c0:bb:9a:ce:a7:c7:3a:e3:22:d5:9e:23:
ef:37:a5:b0:1b:35:b8:32:09:16:0b:2f:59:36:b7:a7:04:9a:
61:e5:05:36:6b:60:f8:3f:96:f9:a2:ff:bb:6a:92:17:ba:7e:
5a:03:d3:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIcTEJzYTSQNVHCgc9d6OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZjMDc3NTY5OWI1ZDg2NTBhYWY5ZjJjNjRlZDAwYzA5NDhkY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJVjtgv6OusFgyvAPk5KvjWHtFd2
sm/G6hHrD4wmZnMM/6524zDsri5vyoNU2iU67TW4YhGXBtyilVOSNk1TvOA9CZDO
D1iGC6uvPRGyLJocRdBvMMFv/sTauJjojjrbE3M3tmJFnChr5EJSlXAfIapdCRcG
z7PxqUh9xOqkvn26vmAdqMbkcXO6i39Y34qBWVSREkkvJOOUY+pzG7xx/E6Pu1kR
PZGAgnCfFdlUDP82jFKC0d+nsUoiL0O2rjvtYYu50kbTM9BRt5zasYG4voSabFQy
WLXfmZosl1CLHEBDI7gPvmm9O7OqXICYckA1EozR0/Bm0/fL1oVQR3UVrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB9sB3Vpm12GUKr58sZO0AwJSNzxMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvSDJ3SGRXbWJYWVpRcXZueXhrN1FEQWxJM1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQQsAwQB
wtV8MBYEAgACMBADBwAgAQZ8EPADBQAqAmjAMA0GCSqGSIb3DQEBCwUAA4IBAQAf
U5PTVTyPLRhu65k2AziatBU7krBGlDk7MCCoXIifmTMnU/ygTja6wua9D4Zkctop
6rIHaOGMd4rQ/EOk5tBDwIGPPH34Dr6xrqZRdqJSuI1OK/KcagM9NGQxy9LRDPbJ
JA9WjKJoIpm43xgcNbFk6BRpfNjerdAfVnnpHmPMRcwRHjzQ7gkeV5FSBh/Om8SM
i90gOlT7jG+EonNjbi+1ZQVSGw2d+GJFIHuW0n2V5iy+fSsltAKlOE93EvDVdcou
FWUFSYC0GyGIsfrAu5rOp8c64yLVniPvN6WwGzW4MgkWCy9ZNrenBJph5QU2a2D4
P5b5ov+7apIXun5aA9Ns
-----END CERTIFICATE-----
Generated at Sat Jun 1 19:58:13 2024 by rpki-client on console-ams.rpki-client.org