Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/0hfb5qISGkjolenYvj6y3EQ1RyE.roa
File: 0hfb5qISGkjolenYvj6y3EQ1RyE.roa (raw, json)
Hash identifier: 70E+th+tD/HDI+6XMAOvU4S452HAeVKkPKRv4Eg8bhg=
Subject key identifier: D2:17:DB:E6:A2:12:1A:48:E8:95:E9:D8:BE:3E:B2:DC:44:35:47:21
Certificate issuer: /CN=d5a2196ef119221155e1683f8967d254625dae71
Certificate serial: 018CC870B61C920096AC237B25F49CC69585
Authority key identifier: D5:A2:19:6E:F1:19:22:11:55:E1:68:3F:89:67:D2:54:62:5D:AE:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/0hfb5qISGkjolenYvj6y3EQ1RyE.roa
Signing time: Tue 02 Jan 2024 04:31:18 +0000
ROA not before: Tue 02 Jan 2024 04:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49081
IP address blocks: 188.92.32.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:b6:1c:92:00:96:ac:23:7b:25:f4:9c:c6:95:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5a2196ef119221155e1683f8967d254625dae71
Validity
Not Before: Jan 2 04:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d217dbe6a2121a48e895e9d8be3eb2dc44354721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:d7:e7:08:57:70:51:2c:62:0a:6d:16:ec:
66:3b:db:a4:59:37:40:8c:e5:37:ff:65:06:ac:d9:
25:df:d9:16:1b:91:00:cc:98:3f:e4:5a:87:9e:89:
71:86:72:8f:d4:b1:b5:ad:90:39:00:ef:37:a5:85:
1b:3d:25:97:c5:db:71:80:82:2a:8e:4b:82:47:92:
98:79:f7:13:c9:85:28:17:f8:4e:15:aa:a2:23:cf:
d8:53:17:5f:15:b0:9e:5d:d9:48:08:e5:28:29:40:
2e:38:dd:20:15:fc:6f:99:1a:4e:f2:b5:f3:c0:a1:
f2:fb:1b:62:89:ac:b0:6c:c3:4f:39:a2:57:3e:06:
d4:35:ad:a2:53:78:a4:d2:50:0c:b3:ce:fa:4d:2a:
d6:5f:fc:73:e4:64:ae:cc:cb:e2:e4:ae:52:6a:47:
4a:8d:cd:76:04:1c:8c:e6:65:dd:29:39:de:a3:a5:
39:b2:49:da:e8:6f:c0:8d:02:e8:76:fd:c5:2f:d3:
8f:a4:9e:ff:75:c2:20:fe:d5:0c:3c:9a:02:61:ae:
99:ce:87:01:25:d0:cd:a5:8d:d1:99:fc:42:8f:b0:
50:fc:da:b8:16:d1:e0:08:9e:14:6e:b3:ed:ba:21:
c3:f8:be:5e:e8:67:08:0d:1a:5d:1b:0d:17:15:01:
64:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:17:DB:E6:A2:12:1A:48:E8:95:E9:D8:BE:3E:B2:DC:44:35:47:21
X509v3 Authority Key Identifier:
keyid:D5:A2:19:6E:F1:19:22:11:55:E1:68:3F:89:67:D2:54:62:5D:AE:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/0hfb5qISGkjolenYvj6y3EQ1RyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b06337-6517-400b-8cb5-7afa0bcd7976/1/1aIZbvEZIhFV4Wg_iWfSVGJdrnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.32.0/21
Signature Algorithm: sha256WithRSAEncryption
79:db:0b:b3:a3:99:51:7b:f9:fb:2d:cc:49:6a:76:29:e6:d5:
f9:81:6d:ca:56:12:c9:63:ee:60:4d:7e:2a:53:8d:3d:fc:3b:
9b:4d:72:52:5c:ad:2d:86:5e:fe:ac:db:77:8f:4c:f8:b6:cf:
eb:2a:62:c8:1e:58:97:4d:c5:2f:18:de:d3:39:26:c3:f4:a1:
1b:42:4e:a0:19:61:82:c1:7a:88:bd:30:c3:ac:97:43:7f:25:
12:97:23:e3:15:9f:3d:5d:98:9d:54:a9:89:1d:e0:bb:e3:dc:
41:c5:d2:ef:69:70:f5:05:f2:de:3e:8c:ff:31:c3:97:e9:32:
1c:f2:90:27:03:cb:7e:e8:22:a8:0b:54:dd:56:94:09:82:ee:
37:ae:32:99:6b:2f:21:8c:62:90:f1:1f:1e:27:be:d8:46:d5:
94:19:9c:5a:fc:88:c2:65:1d:27:08:85:5f:23:45:88:97:7f:
c9:40:67:43:47:a4:e1:66:93:98:24:11:47:5e:85:e4:af:78:
82:46:d8:af:ae:43:3a:a1:eb:ee:0d:c8:d1:29:57:07:07:bd:
7d:b2:c1:22:6b:28:79:9c:77:d9:39:71:fd:11:5b:fa:6e:e6:
98:32:d9:aa:00:6d:31:22:ae:a1:8d:ea:61:e8:a8:f2:7e:28:
f7:18:64:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcLYckgCWrCN7JfScxpWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YTIxOTZlZjExOTIyMTE1NWUxNjgzZjg5NjdkMjU0NjI1
ZGFlNzEwHhcNMjQwMTAyMDQzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjE3ZGJlNmEyMTIxYTQ4ZTg5NWU5ZDhiZTNlYjJkYzQ0MzU0NzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH7X5whXcFEsYgptFuxmO9ukWTdA
jOU3/2UGrNkl39kWG5EAzJg/5FqHnolxhnKP1LG1rZA5AO83pYUbPSWXxdtxgIIq
jkuCR5KYefcTyYUoF/hOFaqiI8/YUxdfFbCeXdlICOUoKUAuON0gFfxvmRpO8rXz
wKHy+xtiiaywbMNPOaJXPgbUNa2iU3ik0lAMs876TSrWX/xz5GSuzMvi5K5SakdK
jc12BByM5mXdKTneo6U5skna6G/AjQLodv3FL9OPpJ7/dcIg/tUMPJoCYa6ZzocB
JdDNpY3RmfxCj7BQ/Nq4FtHgCJ4UbrPtuiHD+L5e6GcIDRpdGw0XFQFk2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIX2+aiEhpI6JXp2L4+stxENUchMB8GA1UdIwQY
MBaAFNWiGW7xGSIRVeFoP4ln0lRiXa5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWFJWmJ2RVpJaEZWNFdnX2lXZlNWR0pkcm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iMDYzMzctNjUxNy00MDBiLThjYjUt
N2FmYTBiY2Q3OTc2LzEvMGhmYjVxSVNHa2pvbGVuWXZqNnkzRVExUnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iMDYzMzctNjUxNy00MDBiLThjYjUtN2FmYTBiY2Q3OTc2
LzEvMWFJWmJ2RVpJaEZWNFdnX2lXZlNWR0pkcm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvFwgMA0G
CSqGSIb3DQEBCwUAA4IBAQB52wuzo5lRe/n7LcxJanYp5tX5gW3KVhLJY+5gTX4q
U409/DubTXJSXK0thl7+rNt3j0z4ts/rKmLIHliXTcUvGN7TOSbD9KEbQk6gGWGC
wXqIvTDDrJdDfyUSlyPjFZ89XZidVKmJHeC749xBxdLvaXD1BfLePoz/McOX6TIc
8pAnA8t+6CKoC1TdVpQJgu43rjKZay8hjGKQ8R8eJ77YRtWUGZxa/IjCZR0nCIVf
I0WIl3/JQGdDR6ThZpOYJBFHXoXkr3iCRtivrkM6oevuDcjRKVcHB719ssEiayh5
nHfZOXH9EVv6buaYMtmqAG0xIq6hjeph6Kjyfij3GGTm
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:33:49 2024 by rpki-client on console-ams.rpki-client.org