Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/HlsK-FIZqTvxjcPQUSE_EVPJb2M.roa
File: HlsK-FIZqTvxjcPQUSE_EVPJb2M.roa (raw, json)
Hash identifier: mKoq8Cl1k+G2HofMb8Q8i9Pid5qkOPAftonxuH5W7k0=
Subject key identifier: 1E:5B:0A:F8:52:19:A9:3B:F1:8D:C3:D0:51:21:3F:11:53:C9:6F:63
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012422134BFA3136141A81AEC9163F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/HlsK-FIZqTvxjcPQUSE_EVPJb2M.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.226.0/24 maxlen: 24
159.148.134.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:24:22:13:4b:fa:31:36:14:1a:81:ae:c9:16:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e5b0af85219a93bf18dc3d051213f1153c96f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:53:8a:be:b6:e4:3c:5e:5b:db:fd:8b:a3:
c8:ed:7f:72:a6:20:c4:ee:95:a5:27:fb:df:23:22:
13:51:dd:db:e5:b4:23:64:5a:a0:fb:71:a9:83:c6:
4b:14:92:e7:aa:43:40:35:f4:e6:30:24:ae:d2:7e:
5f:ef:f4:1f:35:78:3f:80:c6:ed:ad:8f:81:aa:83:
1f:72:cd:80:da:6e:3f:d1:e7:35:26:9e:b9:1b:68:
5e:1f:d4:9c:1f:fd:87:04:e1:58:d1:bc:f0:5a:e5:
62:df:ca:2c:73:0c:59:7b:4a:d8:fe:87:fb:86:b8:
97:a1:65:8c:33:fc:bd:97:f6:0e:a5:17:c8:d3:b7:
f4:d2:b7:e3:ad:e2:9f:e3:09:18:9a:73:93:33:37:
d1:e9:8c:94:ed:35:9e:a4:b5:7d:32:4c:16:a0:a5:
35:3e:be:4c:da:be:cc:be:c8:af:8e:ff:5f:f3:8a:
7f:25:9c:7e:71:ba:f4:57:9c:67:ef:5e:b7:8b:2a:
fe:c5:25:74:d5:5a:f0:6c:b3:37:d1:77:12:b4:43:
30:26:29:02:8e:86:bd:79:ef:47:45:9f:1f:25:2e:
b0:ee:80:c5:b7:48:53:5c:07:45:ec:08:a9:27:c7:
26:2e:69:39:55:8e:ee:66:c5:6a:7e:b3:5d:78:e1:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5B:0A:F8:52:19:A9:3B:F1:8D:C3:D0:51:21:3F:11:53:C9:6F:63
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/HlsK-FIZqTvxjcPQUSE_EVPJb2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.226.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:89:89:6f:9b:eb:4f:04:2f:2a:43:38:42:87:a1:9b:5f:91:
b4:73:b2:4e:b7:78:61:c2:32:a5:3a:15:30:b8:d0:91:d6:03:
00:12:65:1b:ee:84:01:ee:d5:4e:d5:63:75:65:85:8a:ad:ed:
28:9f:a0:91:52:11:ed:f1:0a:8d:28:aa:a7:5b:d0:89:46:d1:
92:9f:69:df:79:ab:a7:a6:7e:c3:2a:2f:22:98:32:87:eb:a5:
d4:07:0b:0c:0f:2f:16:c6:fc:11:bb:d7:87:b9:2d:c6:90:48:
32:3d:63:7b:9b:6f:09:b1:b8:c1:ae:3f:87:f1:6f:7a:f8:87:
c7:83:4a:75:75:7e:5f:6e:ed:fa:52:f8:52:8c:4f:46:cc:42:
e8:0e:33:f5:75:6d:62:ca:09:65:b9:da:27:2a:09:d3:59:2a:
18:8b:6d:44:f3:64:4f:d0:23:1d:f4:0c:cd:64:38:73:2c:72:
36:39:48:51:69:63:69:2e:b0:94:0d:a5:95:61:17:79:0b:c6:
bf:e3:06:44:e5:08:ef:10:5f:08:86:b1:97:64:96:0f:92:61:
91:c1:b5:70:7d:55:1d:c6:38:cc:b1:08:8e:ce:2b:ef:fb:d7:
2f:a7:71:f6:de:d0:bc:77:a6:70:9a:7f:44:26:3f:48:95:7f:
3b:24:df:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIASQiE0v6MTYUGoGuyRY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTViMGFmODUyMTlhOTNiZjE4ZGMzZDA1MTIxM2YxMTUzYzk2ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoZTir625DxeW9v9i6PI7X9ypiDE
7pWlJ/vfIyITUd3b5bQjZFqg+3Gpg8ZLFJLnqkNANfTmMCSu0n5f7/QfNXg/gMbt
rY+BqoMfcs2A2m4/0ec1Jp65G2heH9ScH/2HBOFY0bzwWuVi38oscwxZe0rY/of7
hriXoWWMM/y9l/YOpRfI07f00rfjreKf4wkYmnOTMzfR6YyU7TWepLV9MkwWoKU1
Pr5M2r7Mvsivjv9f84p/JZx+cbr0V5xn7163iyr+xSV01VrwbLM30XcStEMwJikC
joa9ee9HRZ8fJS6w7oDFt0hTXAdF7AipJ8cmLmk5VY7uZsVqfrNdeOHoRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB5bCvhSGak78Y3D0FEhPxFTyW9jMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSGxzSy1GSVpxVHZ4amNQUVVTRV9FVlBKYjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4AwQAn5TiMA0GCSqGSIb3DQEBCwUAA4IBAQAciYlvm+tP
BC8qQzhCh6GbX5G0c7JOt3hhwjKlOhUwuNCR1gMAEmUb7oQB7tVO1WN1ZYWKre0o
n6CRUhHt8QqNKKqnW9CJRtGSn2nfeaunpn7DKi8imDKH66XUBwsMDy8WxvwRu9eH
uS3GkEgyPWN7m28JsbjBrj+H8W96+IfHg0p1dX5fbu36UvhSjE9GzELoDjP1dW1i
yglludonKgnTWSoYi21E82RP0CMd9AzNZDhzLHI2OUhRaWNpLrCUDaWVYRd5C8a/
4wZE5QjvEF8IhrGXZJYPkmGRwbVwfVUdxjjMsQiOzivv+9cvp3H23tC8d6Zwmn9E
Jj9IlX87JN+W
-----END CERTIFICATE-----
Generated at Wed May 1 19:35:53 2024 by rpki-client on console-fra.rpki-client.org