Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HHfATqr9rjHlAyquh-SQ8YS-bSs.roa
File: HHfATqr9rjHlAyquh-SQ8YS-bSs.roa (raw, json)
Hash identifier: UWR0Sc5xktv87JMYVPc8EkG539pY5tze709YgiyT53g=
Subject key identifier: 1C:77:C0:4E:AA:FD:AE:31:E5:03:2A:AE:87:E4:90:F1:84:BE:6D:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD0B06AADB0D17D5EEB995AAA14A6F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HHfATqr9rjHlAyquh-SQ8YS-bSs.roa
Signing time: Tue 02 Jan 2024 06:29:38 +0000
ROA not before: Tue 02 Jan 2024 06:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209806
IP address blocks: 83.143.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0b:06:aa:db:0d:17:d5:ee:b9:95:aa:a1:4a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c77c04eaafdae31e5032aae87e490f184be6d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b2:2a:a6:90:a1:f6:1e:7e:7f:be:76:ad:8a:
52:c6:b9:b1:59:af:4a:e8:f9:9d:6b:f2:33:69:59:
69:3e:66:d7:bd:9b:ad:f9:1c:54:c7:6c:f5:df:d4:
f1:7b:7b:bd:01:d9:94:a1:99:47:da:94:20:bf:48:
b6:48:22:db:b5:f1:76:f7:54:fd:9a:12:13:7a:b9:
df:74:31:02:96:36:fa:ff:0d:d2:60:55:d7:ac:d0:
09:db:7a:69:f9:2b:d0:42:cc:25:8a:eb:58:8c:b1:
54:06:a6:d2:47:a7:27:09:7a:ed:d3:52:03:24:4e:
e4:31:22:e8:b6:27:80:be:a9:41:00:ab:cd:75:32:
eb:3e:be:cf:a2:01:85:ef:62:22:f8:00:f0:f9:8e:
c8:96:33:04:de:e7:f2:2d:0c:08:be:e7:c8:8f:9a:
43:4c:05:d5:33:33:ba:32:ed:07:4b:c6:63:c9:87:
00:48:b9:ce:be:59:5b:f9:51:74:6a:26:2b:04:bc:
92:5a:5a:37:fe:ca:6a:dd:a4:00:ff:c4:99:75:97:
0b:d4:62:73:d7:1f:1d:9b:95:5d:db:5c:88:b5:1b:
1f:14:0d:62:fc:e2:02:b3:27:e1:cf:e9:81:7a:65:
27:dd:cf:4f:d1:56:7b:93:62:93:14:09:87:eb:ac:
1c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:77:C0:4E:AA:FD:AE:31:E5:03:2A:AE:87:E4:90:F1:84:BE:6D:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HHfATqr9rjHlAyquh-SQ8YS-bSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.112.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2b:a3:eb:63:5d:a2:13:68:4c:48:3f:e1:6f:8d:77:e4:db:
22:03:bc:ff:29:25:1e:86:ec:2b:fb:78:aa:eb:b5:5b:10:1f:
ee:dd:5b:a0:41:ad:95:19:9a:04:e0:cb:03:5d:ef:a5:9c:c5:
eb:69:11:10:06:d8:66:09:e0:4b:93:c3:1e:6a:2e:b5:99:7c:
3f:b9:b3:60:94:ef:5c:04:7f:b1:81:2d:b3:b9:27:bd:c8:9f:
73:d3:92:05:cd:fa:c9:09:23:c5:95:13:44:4d:03:0e:c9:72:
ec:1f:46:5a:6e:b2:3b:89:96:3c:4f:50:47:57:46:1e:ba:89:
18:5e:20:cb:08:80:cb:08:14:56:ca:c4:8d:78:d9:4c:1b:86:
71:40:ce:cd:9e:e1:d2:bf:ce:b4:b8:28:4f:5f:2b:29:34:b3:
84:b4:dd:c5:55:1c:25:5c:77:b1:2c:fd:27:bb:42:d2:1c:86:
18:45:9c:9b:7f:c8:6d:da:5d:b0:2c:57:5e:19:ac:dc:e2:42:
1e:a3:88:f2:d5:37:a3:6d:7f:47:64:17:3e:8d:e6:5d:5b:c1:
a9:5e:60:fa:6d:da:b0:07:46:07:96:98:c1:9d:c9:9d:92:59:
68:74:8e:be:8d:71:81:fe:32:ce:69:7c:ab:8d:d4:e7:2d:49:
c9:59:55:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3QsGqtsNF9XuuZWqoUpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc3YzA0ZWFhZmRhZTMxZTUwMzJhYWU4N2U0OTBmMTg0YmU2ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbIqppCh9h5+f752rYpSxrmxWa9K
6Pmda/IzaVlpPmbXvZut+RxUx2z139Txe3u9AdmUoZlH2pQgv0i2SCLbtfF291T9
mhITernfdDECljb6/w3SYFXXrNAJ23pp+SvQQswliutYjLFUBqbSR6cnCXrt01ID
JE7kMSLotieAvqlBAKvNdTLrPr7PogGF72Ii+ADw+Y7IljME3ufyLQwIvufIj5pD
TAXVMzO6Mu0HS8ZjyYcASLnOvllb+VF0aiYrBLySWlo3/spq3aQA/8SZdZcL1GJz
1x8dm5Vd21yItRsfFA1i/OICsyfhz+mBemUn3c9P0VZ7k2KTFAmH66wczwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBx3wE6q/a4x5QMqrofkkPGEvm0rMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSEhmQVRxcjlyakhsQXlxdWgtU1E4WVMtYlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU49wMA0G
CSqGSIb3DQEBCwUAA4IBAQA+K6PrY12iE2hMSD/hb4135NsiA7z/KSUehuwr+3iq
67VbEB/u3VugQa2VGZoE4MsDXe+lnMXraREQBthmCeBLk8Meai61mXw/ubNglO9c
BH+xgS2zuSe9yJ9z05IFzfrJCSPFlRNETQMOyXLsH0ZabrI7iZY8T1BHV0YeuokY
XiDLCIDLCBRWysSNeNlMG4ZxQM7NnuHSv860uChPXyspNLOEtN3FVRwlXHexLP0n
u0LSHIYYRZybf8ht2l2wLFdeGazc4kIeo4jy1TejbX9HZBc+jeZdW8GpXmD6bdqw
B0YHlpjBncmdkllodI6+jXGB/jLOaXyrjdTnLUnJWVX6
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:05 2024 by rpki-client on console-ams.rpki-client.org