Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hbRCPnCOgeopz2qdNpo-EDaebNk.roa
File: hbRCPnCOgeopz2qdNpo-EDaebNk.roa (raw, json)
Hash identifier: w+kPT8Nlw2fGnYuREjbi0FmlLxUUTTqpKBmTqjVNZG0=
Subject key identifier: 85:B4:42:3E:70:8E:81:EA:29:CF:6A:9D:36:9A:3E:10:36:9E:6C:D9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A932A8C80765BA6748C63034E7D14
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hbRCPnCOgeopz2qdNpo-EDaebNk.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213028
IP address blocks: 194.135.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:93:2a:8c:80:76:5b:a6:74:8c:63:03:4e:7d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b4423e708e81ea29cf6a9d369a3e10369e6cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f2:86:5b:9a:8c:1f:73:4b:e5:41:fa:ed:9f:
59:04:68:3c:c7:88:a0:5c:cd:4e:a2:bf:bc:0d:67:
19:49:32:39:6d:8b:af:df:5c:a0:68:70:fc:38:29:
5d:66:75:fd:74:32:e0:59:29:41:8d:0b:43:e1:9d:
4d:8e:d9:3a:be:55:38:68:74:ac:ff:ca:6b:79:50:
be:8a:72:d5:d0:f7:19:b5:32:25:43:cc:8a:76:bc:
4f:aa:2d:cc:e6:3e:e2:a1:2a:63:0b:0e:76:a0:1b:
f3:49:dc:0f:97:06:d9:7b:2d:0b:94:fe:be:e7:be:
90:66:83:f1:64:f7:16:45:35:d9:43:f1:eb:dd:28:
d8:8d:ca:a0:16:57:8b:01:c7:0b:7d:e6:7b:8f:04:
9b:bc:e1:95:91:ba:49:25:f9:70:0e:03:e8:e7:cf:
94:36:4c:20:73:c9:12:c3:de:9a:30:8c:bc:a5:bc:
e6:1e:32:7d:20:40:c0:dc:50:3d:77:04:56:b9:3b:
69:4f:6f:21:eb:cf:71:84:2d:22:31:36:54:f0:0e:
b7:80:09:91:ba:98:6d:a8:d3:dc:6f:7b:7f:62:29:
75:52:44:d2:51:1e:b0:61:30:a7:22:6a:2b:24:5b:
d6:dc:5a:27:b0:2a:ec:7d:21:fd:3e:15:d5:aa:57:
a3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B4:42:3E:70:8E:81:EA:29:CF:6A:9D:36:9A:3E:10:36:9E:6C:D9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/hbRCPnCOgeopz2qdNpo-EDaebNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.124.0/24
Signature Algorithm: sha256WithRSAEncryption
01:28:1d:91:a4:20:cf:b0:06:46:2a:ad:be:4d:7c:79:db:dd:
86:5e:61:84:ea:8a:98:b7:44:fc:51:82:5e:f7:72:2f:14:fb:
e7:54:7d:25:81:75:05:8a:c4:f8:a6:96:a3:90:86:ba:74:84:
94:78:71:bf:66:9e:c0:da:04:1c:4b:99:42:82:e4:cb:92:62:
6c:e0:76:70:a8:5d:63:6e:43:4c:cd:e3:45:3e:ad:8c:33:ae:
18:71:af:3d:b6:a7:2e:c1:16:20:01:8f:d7:49:0b:bc:aa:30:
48:d0:8f:e4:bd:2d:39:cb:10:ad:b6:c2:cb:19:e2:4b:db:85:
61:5a:80:8a:ae:50:30:3d:a7:56:ee:60:92:20:46:e4:7b:f8:
ba:c3:e2:61:0a:52:04:ce:13:6c:de:21:fd:79:15:a4:68:43:
63:4f:34:65:38:a3:c8:ba:27:9e:13:30:87:b9:7b:89:93:d2:
64:66:b4:cf:49:50:eb:ca:7c:1c:be:81:fb:73:75:4d:34:5d:
48:30:9c:9b:09:ba:31:59:30:ee:ea:a1:90:8d:74:89:d5:25:
20:69:fe:4c:65:f2:ff:1f:e2:c6:f9:4d:4c:c6:9a:2b:b6:f0:
18:43:a7:9d:0d:58:99:70:e5:56:8d:5b:76:e5:c0:b5:13:54:
5f:5b:5d:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKpMqjIB2W6Z0jGMDTn0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI0NDIzZTcwOGU4MWVhMjljZjZhOWQzNjlhM2UxMDM2OWU2Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fKGW5qMH3NL5UH67Z9ZBGg8x4ig
XM1Oor+8DWcZSTI5bYuv31ygaHD8OCldZnX9dDLgWSlBjQtD4Z1Njtk6vlU4aHSs
/8preVC+inLV0PcZtTIlQ8yKdrxPqi3M5j7ioSpjCw52oBvzSdwPlwbZey0LlP6+
576QZoPxZPcWRTXZQ/Hr3SjYjcqgFleLAccLfeZ7jwSbvOGVkbpJJflwDgPo58+U
Nkwgc8kSw96aMIy8pbzmHjJ9IEDA3FA9dwRWuTtpT28h689xhC0iMTZU8A63gAmR
uphtqNPcb3t/Yil1UkTSUR6wYTCnImorJFvW3FonsCrsfSH9PhXVqlejWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW0Qj5wjoHqKc9qnTaaPhA2nmzZMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaGJSQ1BuQ09nZW9wejJxZE5wby1FRGFlYk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwod8MA0G
CSqGSIb3DQEBCwUAA4IBAQABKB2RpCDPsAZGKq2+TXx5292GXmGE6oqYt0T8UYJe
93IvFPvnVH0lgXUFisT4ppajkIa6dISUeHG/Zp7A2gQcS5lCguTLkmJs4HZwqF1j
bkNMzeNFPq2MM64Yca89tqcuwRYgAY/XSQu8qjBI0I/kvS05yxCttsLLGeJL24Vh
WoCKrlAwPadW7mCSIEbke/i6w+JhClIEzhNs3iH9eRWkaENjTzRlOKPIuieeEzCH
uXuJk9JkZrTPSVDrynwcvoH7c3VNNF1IMJybCboxWTDu6qGQjXSJ1SUgaf5MZfL/
H+LG+U1MxportvAYQ6edDViZcOVWjVt25cC1E1RfW11l
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:14:52 2024 by rpki-client on console-ams.rpki-client.org