Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rHKlmEqWFlK-L8-7vnsYUdFgoDE.roa
File: rHKlmEqWFlK-L8-7vnsYUdFgoDE.roa (raw, json)
Hash identifier: /fKVcagiuwIMIoo7Y2olwOTSxwzMQLW6t3EqCTjQ7Bc=
Subject key identifier: AC:72:A5:98:4A:96:16:52:BE:2F:CF:BB:BE:7B:18:51:D1:60:A0:31
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF16F52A8B82E4942D8B4EAFBB3BE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rHKlmEqWFlK-L8-7vnsYUdFgoDE.roa
Signing time: Tue 02 Jan 2024 06:29:32 +0000
ROA not before: Tue 02 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60202
IP address blocks: 94.156.56.0/24 maxlen: 24
94.156.58.0/24 maxlen: 24
94.156.57.0/24 maxlen: 24
94.156.60.0/24 maxlen: 24
94.156.59.0/24 maxlen: 24
87.120.231.0/24 maxlen: 24
87.120.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f1:6f:52:a8:b8:2e:49:42:d8:b4:ea:fb:b3:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac72a5984a961652be2fcfbbbe7b1851d160a031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e1:c9:9b:de:a5:29:f4:78:8c:08:a3:e9:23:
f9:34:16:5f:d8:ba:29:1b:2e:f2:88:c6:1c:d7:4d:
47:6d:0e:78:3b:58:c8:00:73:ac:f7:4f:92:9d:8b:
00:56:a3:57:e0:28:05:ad:1a:43:81:7d:db:d0:38:
f4:6e:bc:eb:48:58:83:bb:66:01:5d:85:7d:cd:4e:
79:68:6f:ea:d5:97:99:0d:e9:b6:86:18:90:2c:e3:
dc:31:da:58:b8:f0:48:6a:53:65:62:c2:9b:e8:ad:
9e:0e:8b:49:0f:54:55:db:7a:01:ba:50:a1:16:7a:
78:a4:1b:ce:78:ba:c3:1d:d0:82:29:ce:f7:41:54:
47:f7:bc:55:ae:08:5a:c1:06:7f:17:ed:9a:ba:2c:
0e:5b:a4:fb:82:57:59:38:c2:32:3c:13:46:9b:2c:
f1:b0:33:90:90:8c:48:d6:a3:ec:17:b2:3d:1b:66:
56:c6:97:b3:f7:17:b6:80:07:82:24:42:7a:91:a9:
af:1a:df:18:6b:e2:cf:06:95:7c:04:fa:d8:4d:56:
58:f4:4d:df:6f:de:52:47:a5:63:2a:06:b5:6c:a3:
a3:83:45:ae:73:f2:96:94:ae:fa:17:18:48:53:58:
6f:44:00:8a:57:30:2e:8b:22:ec:5e:d7:f0:f3:71:
9f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:72:A5:98:4A:96:16:52:BE:2F:CF:BB:BE:7B:18:51:D1:60:A0:31
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rHKlmEqWFlK-L8-7vnsYUdFgoDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.230.0/23
94.156.56.0-94.156.60.255
Signature Algorithm: sha256WithRSAEncryption
28:b0:5f:71:ad:1f:42:8c:ee:89:2b:05:09:56:4e:2a:b6:6f:
de:24:1e:f0:a9:2a:02:91:d7:dd:7f:89:cc:fc:e5:6b:4e:ab:
96:bf:f5:88:ec:87:e6:56:3b:66:4f:c3:82:cb:6d:a4:06:78:
92:e1:31:86:a3:a3:e2:ad:cf:ce:e1:9e:af:e9:bb:75:4c:3e:
62:bc:7a:a9:1b:6d:6b:90:7c:ee:3f:c7:27:d3:10:60:70:90:
bf:ef:85:0c:07:8b:d5:57:c4:79:9d:c3:ac:02:89:13:a9:94:
92:ad:f9:26:11:ef:82:d8:ee:c1:74:e8:b1:83:f5:57:6a:6b:
cf:a6:61:98:38:01:c5:23:82:e2:7f:ff:52:98:83:98:ce:03:
1a:47:74:d2:f8:1b:59:c8:20:12:50:58:16:c0:c8:10:8d:a3:
fa:6f:2f:11:13:14:5f:c5:9c:fb:5f:f4:0a:c1:5d:03:79:5d:
c0:87:63:aa:a5:18:50:2b:53:e4:ea:8a:14:03:63:af:03:d7:
0f:d9:8d:87:1a:39:97:32:7c:c6:1c:99:49:b6:15:c0:2b:92:
e3:7e:4e:64:51:74:48:ac:c7:f8:11:1b:97:b0:c3:ae:91:20:
92:6b:7a:d5:cf:d3:e4:49:1a:6a:ab:48:54:2c:3b:11:57:34:
71:38:f2:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3PFvUqi4LklC2LTq+7O+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzcyYTU5ODRhOTYxNjUyYmUyZmNmYmJiZTdiMTg1MWQxNjBhMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOHJm96lKfR4jAij6SP5NBZf2Lop
Gy7yiMYc101HbQ54O1jIAHOs90+SnYsAVqNX4CgFrRpDgX3b0Dj0brzrSFiDu2YB
XYV9zU55aG/q1ZeZDem2hhiQLOPcMdpYuPBIalNlYsKb6K2eDotJD1RV23oBulCh
Fnp4pBvOeLrDHdCCKc73QVRH97xVrghawQZ/F+2auiwOW6T7gldZOMIyPBNGmyzx
sDOQkIxI1qPsF7I9G2ZWxpez9xe2gAeCJEJ6kamvGt8Ya+LPBpV8BPrYTVZY9E3f
b95SR6VjKga1bKOjg0Wuc/KWlK76FxhIU1hvRACKVzAuiyLsXtfw83GfcQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKxypZhKlhZSvi/Pu757GFHRYKAxMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvckhLbG1FcVdGbEstTDgtN3Zuc1lVZEZnb0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBV3jmMAwD
BANenDgDBABenDwwDQYJKoZIhvcNAQELBQADggEBACiwX3GtH0KM7okrBQlWTiq2
b94kHvCpKgKR191/icz85WtOq5a/9Yjsh+ZWO2ZPw4LLbaQGeJLhMYajo+Ktz87h
nq/pu3VMPmK8eqkbbWuQfO4/xyfTEGBwkL/vhQwHi9VXxHmdw6wCiROplJKt+SYR
74LY7sF06LGD9Vdqa8+mYZg4AcUjguJ//1KYg5jOAxpHdNL4G1nIIBJQWBbAyBCN
o/pvLxETFF/FnPtf9ArBXQN5XcCHY6qlGFArU+TqihQDY68D1w/ZjYcaOZcyfMYc
mUm2FcArkuN+TmRRdEisx/gRG5eww66RIJJretXP0+RJGmqrSFQsOxFXNHE48kk=
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:20 2024 by rpki-client on console-ams.rpki-client.org