Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/HYWZIyGDoqun4E7bPExTZPZqqWs.roa
File: HYWZIyGDoqun4E7bPExTZPZqqWs.roa (raw, json)
Hash identifier: rNEMAU4LuGZ/eKnqTr896Ivt6keCIUWhfasO37uqnUY=
Subject key identifier: 1D:85:99:23:21:83:A2:AB:A7:E0:4E:DB:3C:4C:53:64:F6:6A:A9:6B
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 018CC94DBC6E8B467618CBAC207D3819744E
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/HYWZIyGDoqun4E7bPExTZPZqqWs.roa
Signing time: Tue 02 Jan 2024 08:32:44 +0000
ROA not before: Tue 02 Jan 2024 08:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210536
IP address blocks: 25.129.198.0/24 maxlen: 24
25.129.199.0/24 maxlen: 24
2a08:600:ee::/48 maxlen: 48
2a08:600:ef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:bc:6e:8b:46:76:18:cb:ac:20:7d:38:19:74:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jan 2 08:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d8599232183a2aba7e04edb3c4c5364f66aa96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:75:d6:3d:0c:57:81:f5:fa:70:ee:03:e8:
eb:3d:cf:5b:a1:c8:f7:bd:69:66:27:da:3d:52:56:
41:26:ef:c6:34:a7:e7:72:67:72:f7:89:c8:ff:96:
34:61:e5:9f:9d:41:d4:d2:92:d9:b9:b2:c6:fd:8c:
0a:58:cf:88:a3:d1:40:58:fa:f3:6f:8f:ca:ed:98:
43:24:3c:3f:96:2a:b2:e9:c7:a6:b2:2a:38:8f:38:
cf:bb:2d:e3:41:ad:ae:4a:74:51:bb:53:a9:e1:79:
c0:09:36:c9:04:a0:f2:ea:7f:ec:f1:be:64:54:f9:
5d:4c:d5:d4:5e:9d:b8:1b:f1:e5:ff:00:3d:07:f3:
e7:79:79:21:9e:60:62:5d:f6:cb:7f:6e:95:57:a0:
35:d3:b0:27:4c:1a:f0:a7:56:1a:60:a4:62:ce:d5:
6f:3f:ef:6b:c9:f6:e1:cb:78:8b:c1:31:66:f5:47:
4c:24:1a:36:0f:09:89:92:4e:bf:71:fd:7e:75:fd:
f0:6a:f4:78:83:e5:b9:38:ec:9e:e9:87:91:59:94:
f3:8a:75:53:4d:93:30:a1:9b:35:c9:d7:08:24:bb:
d8:c6:2a:b6:bf:c4:72:8d:27:56:77:d3:9f:67:4e:
b2:51:49:02:c8:db:10:53:31:ec:87:b5:24:5f:31:
ad:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:85:99:23:21:83:A2:AB:A7:E0:4E:DB:3C:4C:53:64:F6:6A:A9:6B
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/HYWZIyGDoqun4E7bPExTZPZqqWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.129.198.0/23
IPv6:
2a08:600:ee::/47
Signature Algorithm: sha256WithRSAEncryption
ef:09:38:c1:61:c8:71:14:6f:a5:d0:cc:18:a9:4a:17:cf:79:
41:27:44:f4:d4:b1:95:67:ef:c2:3e:6d:04:dd:57:b6:06:8e:
3b:ed:b5:05:c3:df:8f:e6:93:51:0c:cb:3c:93:61:da:2f:b6:
14:59:cd:7d:2b:7a:8c:b2:7c:86:7d:a9:82:07:a1:0e:95:5f:
92:f0:cf:82:cf:d6:b5:95:69:4b:4b:76:fa:f3:bb:33:e9:2c:
65:45:16:f9:22:28:3a:f9:75:10:e8:ad:fc:51:d5:ed:8a:e6:
9c:bb:35:99:8c:5c:49:eb:54:a6:f5:4d:9c:52:3b:56:20:81:
f7:35:75:9d:3d:0f:f2:e2:91:88:f9:d8:eb:11:5b:54:d9:ac:
b5:96:f9:15:14:60:ed:a3:90:f8:8d:bc:de:85:cb:b0:40:e6:
0c:31:94:8d:04:7c:ae:f4:7e:aa:06:01:7c:fe:d0:9c:ac:ee:
6f:de:e7:35:e3:94:93:78:b3:7a:97:4b:4c:5a:e4:68:85:c8:
8e:66:dd:ec:68:32:cb:76:2d:6c:c5:3c:7c:cc:80:93:0d:9c:
53:f8:16:c7:14:54:2f:7b:e8:22:2f:49:65:2e:1f:8e:8c:66:
2a:48:c2:1e:40:b1:09:12:fc:3f:31:22:75:93:39:ab:ef:d3:
16:b8:f9:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTbxui0Z2GMusIH04GXROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjQwMTAyMDgzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg1OTkyMzIxODNhMmFiYTdlMDRlZGIzYzRjNTM2NGY2NmFhOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGp11j0MV4H1+nDuA+jrPc9bocj3
vWlmJ9o9UlZBJu/GNKfncmdy94nI/5Y0YeWfnUHU0pLZubLG/YwKWM+Io9FAWPrz
b4/K7ZhDJDw/liqy6cemsio4jzjPuy3jQa2uSnRRu1Op4XnACTbJBKDy6n/s8b5k
VPldTNXUXp24G/Hl/wA9B/PneXkhnmBiXfbLf26VV6A107AnTBrwp1YaYKRiztVv
P+9ryfbhy3iLwTFm9UdMJBo2DwmJkk6/cf1+df3wavR4g+W5OOye6YeRWZTzinVT
TZMwoZs1ydcIJLvYxiq2v8RyjSdWd9OfZ06yUUkCyNsQUzHsh7UkXzGtNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2FmSMhg6Krp+BO2zxMU2T2aqlrMB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvSFlXWkl5R0RvcXVuNEU3YlBFeFRaUFpxcVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBGYHGMA8E
AgACMAkDBwEqCAYAAO4wDQYJKoZIhvcNAQELBQADggEBAO8JOMFhyHEUb6XQzBip
ShfPeUEnRPTUsZVn78I+bQTdV7YGjjvttQXD34/mk1EMyzyTYdovthRZzX0reoyy
fIZ9qYIHoQ6VX5Lwz4LP1rWVaUtLdvrzuzPpLGVFFvkiKDr5dRDorfxR1e2K5py7
NZmMXEnrVKb1TZxSO1Yggfc1dZ09D/LikYj52OsRW1TZrLWW+RUUYO2jkPiNvN6F
y7BA5gwxlI0EfK70fqoGAXz+0Jys7m/e5zXjlJN4s3qXS0xa5GiFyI5m3exoMst2
LWzFPHzMgJMNnFP4FscUVC976CIvSWUuH46MZipIwh5AsQkS/D8xInWTOavv0xa4
+fw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:28:46 2024 by rpki-client on console-ams.rpki-client.org