Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa
File: Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa (raw, json)
Hash identifier: +/5Bdk8bC4KflF2qRwJQ/rS0Pmdb7XWUVl/NT5tnUHI=
Subject key identifier: 1F:26:B6:75:57:0B:BE:DE:12:33:50:CC:5A:98:10:28:A9:54:5A:70
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018FC89D9A8F1E5450F4082EA69E2A578C47
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa
Signing time: Thu 30 May 2024 08:28:42 +0000
ROA not before: Thu 30 May 2024 08:28:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205007
IP address blocks: 193.108.115.0/24 maxlen: 24
194.87.43.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:9d:9a:8f:1e:54:50:f4:08:2e:a6:9e:2a:57:8c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 30 08:28:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f26b675570bbede123350cc5a981028a9545a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:49:67:c2:8c:7f:1d:96:0d:98:68:a2:87:6f:
05:bd:bf:16:0f:46:f2:1b:ba:02:51:ea:64:0a:ba:
fc:b1:38:57:f3:77:68:bf:59:9d:85:6b:d0:3b:4d:
26:e4:75:9a:9a:a7:ac:69:4e:7a:4d:b8:b6:1b:6c:
ea:58:7c:47:76:4c:c0:7d:0c:a1:08:a8:cb:60:c0:
f4:4b:40:a4:73:d7:a3:df:d3:26:50:20:11:c2:b4:
db:d4:7f:66:d8:8f:ab:37:94:f2:f5:0c:ad:25:a9:
dd:84:ab:1b:46:34:62:9b:04:cc:73:95:61:20:cb:
42:61:44:96:9b:fe:5e:1c:17:39:94:3d:e8:93:2b:
71:8f:74:78:ac:da:f6:44:a6:b5:e7:e6:81:e7:a2:
ab:20:ff:5b:75:1a:69:33:f7:ea:ef:19:d6:ef:6c:
f2:dd:5d:8d:cb:0f:8e:b1:7d:54:bf:21:0b:d5:ba:
a1:9e:ff:16:36:f7:b2:16:54:89:06:80:e7:66:f7:
dd:46:46:90:13:00:8c:1f:6b:1a:00:d5:ab:e4:cd:
b0:79:d4:50:08:13:32:da:f4:8e:e5:98:b1:ec:15:
ac:12:39:65:38:12:52:36:85:a4:c0:e3:39:5b:4c:
08:09:f9:a4:6f:db:9a:13:5b:8b:fd:77:93:63:92:
06:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:26:B6:75:57:0B:BE:DE:12:33:50:CC:5A:98:10:28:A9:54:5A:70
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hya2dVcLvt4SM1DMWpgQKKlUWnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.115.0/24
194.87.43.0/24
194.87.240.0/24
194.87.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:69:bf:cc:6a:6a:2c:ed:56:83:58:a0:a5:0f:cd:ac:26:ce:
02:9a:7a:61:a0:f9:29:ad:55:6c:3b:21:ae:5a:f3:3c:9e:8e:
50:22:44:f2:61:9c:72:0b:bd:fa:30:07:21:50:f1:78:76:97:
e4:cb:69:48:f7:c2:5f:bf:4b:74:3b:fc:be:f2:78:a3:c1:fb:
72:46:d9:2e:1c:dd:73:b7:79:87:68:4e:3c:29:7c:9e:9b:8a:
a6:6e:94:f6:f8:19:bc:a2:3f:02:7b:28:21:d2:14:df:61:37:
9b:53:14:f1:d3:86:b6:e8:78:21:20:49:88:f5:fd:e8:38:a2:
09:68:67:a3:cd:43:e3:fe:f4:39:5b:e4:91:3c:9a:ff:46:bf:
ce:0c:4e:e5:00:ab:02:43:98:c1:35:49:79:f7:df:4a:b3:1b:
de:c9:13:19:b2:45:68:85:e3:3c:67:68:66:51:f0:8b:df:93:
94:fe:5d:dc:b5:c9:12:bd:64:7c:43:64:72:49:75:f9:b6:b1:
f5:0d:36:b6:e7:72:f0:27:6c:82:f5:a4:1b:ef:a9:1a:79:6f:
f4:b1:aa:ca:80:cd:40:fd:e1:df:4d:33:d8:f5:75:4d:88:50:
63:7b:56:f5:4c:92:9e:77:5f:29:15:62:72:1f:a5:bc:70:93:
dc:86:72:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/InZqPHlRQ9Agupp4qV4xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTMwMDgyODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI2YjY3NTU3MGJiZWRlMTIzMzUwY2M1YTk4MTAyOGE5NTQ1YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0lnwox/HZYNmGiih28Fvb8WD0by
G7oCUepkCrr8sThX83dov1mdhWvQO00m5HWamqesaU56Tbi2G2zqWHxHdkzAfQyh
CKjLYMD0S0Ckc9ej39MmUCARwrTb1H9m2I+rN5Ty9QytJandhKsbRjRimwTMc5Vh
IMtCYUSWm/5eHBc5lD3okytxj3R4rNr2RKa15+aB56KrIP9bdRppM/fq7xnW72zy
3V2Nyw+OsX1UvyEL1bqhnv8WNveyFlSJBoDnZvfdRkaQEwCMH2saANWr5M2wedRQ
CBMy2vSO5Zix7BWsEjllOBJSNoWkwOM5W0wICfmkb9uaE1uL/XeTY5IGKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB8mtnVXC77eEjNQzFqYECipVFpwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSHlhMmRWY0x2dDRTTTFETVdwZ1FLS2xVV25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwWxzAwQA
wlcrAwQAwlfwAwQAwlfzMA0GCSqGSIb3DQEBCwUAA4IBAQAcab/Mamos7VaDWKCl
D82sJs4CmnphoPkprVVsOyGuWvM8no5QIkTyYZxyC736MAchUPF4dpfky2lI98Jf
v0t0O/y+8nijwftyRtkuHN1zt3mHaE48KXyem4qmbpT2+Bm8oj8Ceygh0hTfYTeb
UxTx04a26HghIEmI9f3oOKIJaGejzUPj/vQ5W+SRPJr/Rr/ODE7lAKsCQ5jBNUl5
999KsxveyRMZskVoheM8Z2hmUfCL35OU/l3ctckSvWR8Q2RySXX5trH1DTa253Lw
J2yC9aQb76kaeW/0sarKgM1A/eHfTTPY9XVNiFBje1b1TJKed18pFWJyH6W8cJPc
hnLY
-----END CERTIFICATE-----
Generated at Tue Jun 18 10:57:00 2024 by rpki-client on console-ams.rpki-client.org