Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/0xAZv2IVXjAgHkUloAAoLxfhuyA.roa
File: 0xAZv2IVXjAgHkUloAAoLxfhuyA.roa (raw, json)
Hash identifier: lhj8nUjJCaeL5SXp3QWYiYfocU/U/BehwDTiRkknZ4c=
Subject key identifier: D3:10:19:BF:62:15:5E:30:20:1E:45:25:A0:00:28:2F:17:E1:BB:20
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 018CC7958093FA95C168B68FFE748DE69D1E
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/0xAZv2IVXjAgHkUloAAoLxfhuyA.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 185.40.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:80:93:fa:95:c1:68:b6:8f:fe:74:8d:e6:9d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d31019bf62155e30201e4525a000282f17e1bb20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:70:6e:41:f0:20:6d:03:37:17:c3:3e:b8:5c:
39:04:14:3a:3b:07:e1:d3:c4:ff:16:e0:de:fe:71:
ed:89:82:84:2b:9c:c6:90:47:4f:0b:95:10:f0:95:
16:e4:08:10:12:af:f9:f1:94:66:35:df:98:9c:a5:
72:66:02:c5:ed:e6:87:34:a8:ba:c6:08:c9:29:65:
3d:93:41:5a:bb:9a:7f:49:42:76:93:75:0c:f2:dd:
85:b3:8e:70:b9:87:62:82:6a:e5:b8:71:57:34:a6:
91:bd:10:6b:53:b9:d2:01:a6:39:a8:f7:d5:a8:90:
78:32:60:58:ac:87:30:49:11:d4:73:ed:0a:fe:a8:
8c:41:3f:4b:d6:1f:f3:c7:fc:96:b3:29:27:f0:14:
e7:c3:d9:b3:78:73:cb:d4:c9:dc:53:f8:68:af:92:
94:4d:11:35:67:de:9e:b4:07:0a:30:0b:4d:fd:41:
f7:ef:56:a5:3d:7f:f6:14:d7:18:a0:36:1d:b0:a2:
e6:48:e8:b2:02:e9:1b:6c:d9:d4:49:45:9e:5c:a8:
69:73:48:0f:bf:79:68:04:56:20:c5:ec:27:1e:0b:
06:b8:a4:4b:83:50:84:55:19:6f:9b:a8:5e:20:78:
b2:1d:ae:1e:92:c8:bc:77:fd:3a:34:5c:ce:83:a5:
7a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:10:19:BF:62:15:5E:30:20:1E:45:25:A0:00:28:2F:17:E1:BB:20
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/0xAZv2IVXjAgHkUloAAoLxfhuyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
Signature Algorithm: sha256WithRSAEncryption
16:8d:52:76:01:39:5a:f4:ea:88:b2:b2:16:0d:5c:59:40:cb:
1b:0c:ad:dd:b2:a6:6b:33:37:f7:db:7f:f3:8e:14:06:a9:82:
18:00:3a:f0:b7:c2:a8:a8:18:2c:61:36:d3:56:28:7f:7b:ea:
7d:28:76:95:1d:2f:fd:81:ef:5b:65:6f:62:27:7b:ff:3d:fd:
a6:c5:4d:26:b0:81:49:f6:ff:b6:4b:8a:d2:31:b2:3c:e1:eb:
7c:b7:dd:f7:cd:98:c1:e6:65:9b:20:10:22:c5:58:d1:54:44:
17:1d:a0:19:7c:98:26:19:ec:7c:c6:7b:51:2b:b3:c8:37:08:
20:da:32:40:08:2c:a8:4b:9b:83:ea:02:d7:2e:e4:36:5d:c9:
fb:ea:83:ae:32:bb:02:cf:6b:a0:cc:25:9e:d1:9b:c4:34:cf:
b1:c5:66:aa:d1:17:30:93:e9:24:3e:61:6d:2a:d9:6a:37:b6:
ef:7b:11:87:17:82:bf:9d:d4:d6:31:64:ae:06:de:0b:49:34:
0d:77:7d:d6:7d:b5:60:8b:57:3f:50:dc:1c:f1:88:fd:f8:f1:
a2:15:7c:45:f4:65:92:49:06:33:7e:65:4a:0f:3d:d0:1f:02:
a6:2e:e9:dd:68:29:63:14:c4:88:3e:8a:12:e0:d6:f2:15:a4:
48:76:8c:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlYCT+pXBaLaP/nSN5p0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzEwMTliZjYyMTU1ZTMwMjAxZTQ1MjVhMDAwMjgyZjE3ZTFiYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHBuQfAgbQM3F8M+uFw5BBQ6Owfh
08T/FuDe/nHtiYKEK5zGkEdPC5UQ8JUW5AgQEq/58ZRmNd+YnKVyZgLF7eaHNKi6
xgjJKWU9k0Fau5p/SUJ2k3UM8t2Fs45wuYdigmrluHFXNKaRvRBrU7nSAaY5qPfV
qJB4MmBYrIcwSRHUc+0K/qiMQT9L1h/zx/yWsykn8BTnw9mzeHPL1MncU/hor5KU
TRE1Z96etAcKMAtN/UH371alPX/2FNcYoDYdsKLmSOiyAukbbNnUSUWeXKhpc0gP
v3loBFYgxewnHgsGuKRLg1CEVRlvm6heIHiyHa4eksi8d/06NFzOg6V68QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMQGb9iFV4wIB5FJaAAKC8X4bsgMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvMHhBWnYySVZYakFnSGtVbG9BQW9MeGZodXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuShIMA0G
CSqGSIb3DQEBCwUAA4IBAQAWjVJ2ATla9OqIsrIWDVxZQMsbDK3dsqZrMzf323/z
jhQGqYIYADrwt8KoqBgsYTbTVih/e+p9KHaVHS/9ge9bZW9iJ3v/Pf2mxU0msIFJ
9v+2S4rSMbI84et8t933zZjB5mWbIBAixVjRVEQXHaAZfJgmGex8xntRK7PINwgg
2jJACCyoS5uD6gLXLuQ2Xcn76oOuMrsCz2ugzCWe0ZvENM+xxWaq0Rcwk+kkPmFt
KtlqN7bvexGHF4K/ndTWMWSuBt4LSTQNd33WfbVgi1c/UNwc8Yj9+PGiFXxF9GWS
SQYzfmVKDz3QHwKmLundaCljFMSIPooS4NbyFaRIdoyq
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:55 2024 by rpki-client on console-ams.rpki-client.org