Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/hn1VXqP5Ma-0iu2dvgAXvxBC7KI.roa
File: hn1VXqP5Ma-0iu2dvgAXvxBC7KI.roa (raw, json)
Hash identifier: f5baMGnvdyYj5Pt9QTYve7ezAxSdNl1Te7QgiBTLEy0=
Subject key identifier: 86:7D:55:5E:A3:F9:31:AF:B4:8A:ED:9D:BE:00:17:BF:10:42:EC:A2
Certificate issuer: /CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Certificate serial: 018F814619BED8AFD912924533E9654D5376
Authority key identifier: AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/hn1VXqP5Ma-0iu2dvgAXvxBC7KI.roa
Signing time: Thu 16 May 2024 12:00:05 +0000
ROA not before: Thu 16 May 2024 12:00:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24864
IP address blocks: 2.58.144.0/23 maxlen: 24
89.188.64.0/21 maxlen: 24
185.159.56.0/22 maxlen: 24
193.110.28.0/22 maxlen: 24
195.234.157.0/24 maxlen: 24
217.13.176.0/20 maxlen: 24
2a02:7c8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:46:19:be:d8:af:d9:12:92:45:33:e9:65:4d:53:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af73ff1ec55f49296dd734039fa0284cc400eb26
Validity
Not Before: May 16 12:00:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=867d555ea3f931afb48aed9dbe0017bf1042eca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:c6:0f:c9:11:2d:99:ec:5b:1d:96:ed:29:
18:4b:bd:d1:55:a0:85:08:fa:ec:c7:5f:4c:0a:bf:
a3:fa:cd:ec:99:c5:f5:de:6d:25:0d:b7:d2:a8:d7:
91:96:2b:da:1d:f8:f5:b7:8b:d1:10:9d:89:c2:ce:
8f:50:36:6f:a5:eb:ee:cb:97:23:3a:31:d2:03:79:
4b:9a:d8:f9:c2:f8:3c:d9:20:da:c5:a1:e1:3a:7d:
8f:a9:db:cb:5c:65:2d:ae:5c:d5:b6:40:eb:fe:bc:
c2:c7:c0:6c:f6:17:8c:3a:16:5d:38:45:a1:f9:d9:
5b:ad:9c:7b:f1:fa:d6:aa:ca:53:6c:29:8d:d6:4a:
8a:5b:1b:7a:46:4b:80:c5:0a:3a:20:4d:f4:4b:d1:
ce:0b:91:97:1f:02:45:d0:a7:dd:37:3c:59:df:67:
08:60:71:ff:02:68:68:5a:a6:99:dd:43:d0:ec:eb:
cc:be:ca:26:79:27:c7:53:cb:1d:45:e6:13:9c:b8:
a1:15:97:77:e6:f0:cd:d2:74:8b:d6:a9:79:ec:e0:
ed:40:bd:18:1f:98:c4:15:ac:25:02:bb:14:58:b8:
47:d7:d5:ee:a2:8b:2d:19:b0:83:7d:eb:dc:8c:c7:
5f:3c:49:b7:45:e2:bc:fa:b5:30:dc:32:df:b4:df:
67:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7D:55:5E:A3:F9:31:AF:B4:8A:ED:9D:BE:00:17:BF:10:42:EC:A2
X509v3 Authority Key Identifier:
keyid:AF:73:FF:1E:C5:5F:49:29:6D:D7:34:03:9F:A0:28:4C:C4:00:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3P_HsVfSSlt1zQDn6AoTMQA6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/hn1VXqP5Ma-0iu2dvgAXvxBC7KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cea581-5cde-4574-ba0a-2c62de7b3e45/1/r3P_HsVfSSlt1zQDn6AoTMQA6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.144.0/23
89.188.64.0/21
185.159.56.0/22
193.110.28.0/22
195.234.157.0/24
217.13.176.0/20
IPv6:
2a02:7c8::/32
Signature Algorithm: sha256WithRSAEncryption
1a:2c:f0:f3:8a:fd:dc:96:b8:26:0e:e4:f3:b9:34:72:47:87:
33:79:eb:7e:e0:ae:c2:ca:f8:94:e8:94:90:1c:b0:a4:ec:1a:
15:8b:1e:8e:05:77:d3:3f:9c:14:63:d8:49:95:43:c2:8b:e3:
54:ce:5d:d7:a3:a7:c7:60:2e:11:61:23:ea:20:29:e6:3c:76:
48:dc:1b:97:12:d6:00:96:42:4f:fe:e7:89:c1:fe:b6:5b:e7:
3a:68:bb:98:e9:29:eb:3e:2f:c9:3b:f1:75:59:97:7f:82:82:
36:e6:0e:11:a0:55:96:25:8e:6f:af:2d:ed:43:ae:0f:2a:f5:
ea:45:09:08:37:1b:4d:96:79:54:9c:eb:99:37:ba:9e:e8:43:
53:de:84:89:3f:84:a0:53:76:44:99:fd:a4:24:31:9a:fa:2a:
0a:ff:54:e4:c5:65:d1:2d:a7:f5:6a:74:c8:98:98:7f:72:57:
07:ed:5f:18:21:76:af:b3:a5:82:7d:09:2a:46:5b:87:fc:35:
30:01:8b:36:d9:48:8f:52:4b:00:bd:af:5e:15:dd:78:0d:60:
f0:45:09:24:50:d7:70:2e:9c:e9:40:88:60:8c:08:91:bb:0e:
70:e8:b3:74:99:72:16:66:d0:41:14:67:cd:12:06:ac:ab:80:
cc:a1:d3:f2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY+BRhm+2K/ZEpJFM+llTVN2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzNmZjFlYzU1ZjQ5Mjk2ZGQ3MzQwMzlmYTAyODRjYzQw
MGViMjYwHhcNMjQwNTE2MTIwMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdkNTU1ZWEzZjkzMWFmYjQ4YWVkOWRiZTAwMTdiZjEwNDJlY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJfGD8kRLZnsWx2W7SkYS73RVaCF
CPrsx19MCr+j+s3smcX13m0lDbfSqNeRlivaHfj1t4vREJ2Jws6PUDZvpevuy5cj
OjHSA3lLmtj5wvg82SDaxaHhOn2PqdvLXGUtrlzVtkDr/rzCx8Bs9heMOhZdOEWh
+dlbrZx78frWqspTbCmN1kqKWxt6RkuAxQo6IE30S9HOC5GXHwJF0KfdNzxZ32cI
YHH/AmhoWqaZ3UPQ7OvMvsomeSfHU8sdReYTnLihFZd35vDN0nSL1ql57ODtQL0Y
H5jEFawlArsUWLhH19XuoostGbCDfevcjMdfPEm3ReK8+rUw3DLftN9nKQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIZ9VV6j+TGvtIrtnb4AF78QQuyiMB8GA1UdIwQY
MBaAFK9z/x7FX0kpbdc0A5+gKEzEAOsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNQX0hzVmZTU2x0MXpRRG42QW9UTVFBNnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZWE1ODEtNWNkZS00NTc0LWJhMGEt
MmM2MmRlN2IzZTQ1LzEvaG4xVlhxUDVNYS0waXUyZHZnQVh2eEJDN0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZWE1ODEtNWNkZS00NTc0LWJhMGEtMmM2MmRlN2IzZTQ1
LzEvcjNQX0hzVmZTU2x0MXpRRG42QW9UTVFBNnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBAjqQAwQD
WbxAAwQCuZ84AwQCwW4cAwQAw+qdAwQE2Q2wMA0EAgACMAcDBQAqAgfIMA0GCSqG
SIb3DQEBCwUAA4IBAQAaLPDziv3clrgmDuTzuTRyR4czeet+4K7CyviU6JSQHLCk
7BoVix6OBXfTP5wUY9hJlUPCi+NUzl3Xo6fHYC4RYSPqICnmPHZI3BuXEtYAlkJP
/ueJwf62W+c6aLuY6SnrPi/JO/F1WZd/goI25g4RoFWWJY5vry3tQ64PKvXqRQkI
NxtNlnlUnOuZN7qe6ENT3oSJP4SgU3ZEmf2kJDGa+ioK/1TkxWXRLaf1anTImJh/
clcH7V8YIXavs6WCfQkqRluH/DUwAYs22UiPUksAva9eFd14DWDwRQkkUNdwLpzp
QIhgjAiRuw5w6LN0mXIWZtBBFGfNEgasq4DModPy
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:51:05 2024 by rpki-client on console-ams.rpki-client.org