Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hpHYExC3-pm-3v7RBv6n8yV1wA0.roa
File: hpHYExC3-pm-3v7RBv6n8yV1wA0.roa (raw, json)
Hash identifier: HmwlHUwA1p+CCgoAjw2kD9AUjQ/5efUukTGGhpsrcQ0=
Subject key identifier: 86:91:D8:13:10:B7:FA:99:BE:DE:FE:D1:06:FE:A7:F3:25:75:C0:0D
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCE2F33829D014A34CB2C9AF0DC756
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hpHYExC3-pm-3v7RBv6n8yV1wA0.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57378
IP address blocks: 2a02:2698:6000::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e2:f3:38:29:d0:14:a3:4c:b2:c9:af:0d:c7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8691d81310b7fa99bedefed106fea7f32575c00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fd:b9:40:d2:78:9d:0a:c6:d9:db:a2:4d:f8:
46:ca:4a:d9:50:d7:63:bf:b4:a7:5c:e3:9e:b1:6b:
ad:13:27:42:a2:f7:80:e9:4d:dd:c9:d8:e2:58:76:
fb:29:0f:75:a5:9b:a0:ed:a5:20:93:a3:6e:da:c8:
75:23:35:84:c6:86:10:33:c1:69:39:d4:f7:8a:55:
0f:63:a9:99:6c:58:f0:13:bc:0f:37:73:3c:22:33:
38:e6:0b:76:83:d4:a9:98:a6:e1:e6:f6:bb:61:05:
c9:a1:b8:a5:35:a0:9e:bc:05:52:a3:a5:73:fe:d6:
6e:5f:ed:36:6e:59:7a:62:79:7a:88:1c:79:3b:93:
5a:54:56:5b:90:ea:6a:17:1d:d5:ac:eb:f6:4d:93:
65:39:d6:98:91:02:b1:27:14:8b:61:1e:12:9a:07:
b9:b4:b6:17:9e:a9:ab:31:b2:eb:ca:0f:6d:4a:d5:
cf:67:57:5d:dc:ea:d3:72:82:c1:11:62:26:1e:54:
bb:92:30:84:15:07:e2:89:e4:ee:9c:9a:0d:22:b1:
79:0b:1f:b0:76:ee:a7:fd:96:0e:1c:fe:48:bc:24:
38:3b:98:89:a4:2d:6e:6b:aa:d1:07:95:56:dd:72:
8f:8e:13:60:23:8e:e2:e6:41:e0:0b:4c:64:71:83:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:91:D8:13:10:B7:FA:99:BE:DE:FE:D1:06:FE:A7:F3:25:75:C0:0D
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/hpHYExC3-pm-3v7RBv6n8yV1wA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6000::/38
Signature Algorithm: sha256WithRSAEncryption
4a:78:f2:24:a3:9a:ef:dc:a1:f1:49:b6:ac:0c:15:45:47:19:
a1:6e:f5:7b:02:b1:eb:93:cc:6c:02:a7:f2:3e:65:f1:1b:b5:
5d:e9:ea:65:d6:fa:d1:0d:ad:99:ab:ad:74:98:54:b1:ac:24:
b4:ba:95:d4:fb:19:2c:2d:3f:b8:0f:0c:85:04:b1:8d:21:93:
94:5a:21:ba:15:b1:e2:56:70:c3:56:bd:41:b0:dd:f4:7b:74:
00:e8:d1:5f:d2:df:99:03:34:6b:63:a4:11:15:7a:d3:d2:06:
65:08:d0:1f:26:1d:9b:16:35:d6:0f:02:38:b9:c8:73:3c:25:
66:45:51:98:f1:ce:6a:d5:5e:ba:ad:d5:f9:cf:7d:13:14:2f:
28:00:63:7b:5c:33:1f:d0:61:9b:38:79:80:c6:84:66:b7:c7:
4e:88:2d:a1:10:57:f3:e8:67:aa:e7:9c:93:cd:d5:ce:95:42:
07:78:a0:e9:60:3a:79:91:c3:a2:67:a4:94:c6:87:89:57:10:
9c:a9:8a:6a:19:bf:37:40:ef:b5:ed:f9:a5:66:74:1e:a6:9e:
19:90:85:10:cd:f7:5e:25:ff:05:37:6e:e3:bc:e5:d5:44:af:
a4:83:2e:47:37:63:1e:79:63:de:8d:d6:99:24:56:ce:06:26:
b7:e5:fd:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJvOLzOCnQFKNMssmvDcdWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjkxZDgxMzEwYjdmYTk5YmVkZWZlZDEwNmZlYTdmMzI1NzVjMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv25QNJ4nQrG2duiTfhGykrZUNdj
v7SnXOOesWutEydCoveA6U3dydjiWHb7KQ91pZug7aUgk6Nu2sh1IzWExoYQM8Fp
OdT3ilUPY6mZbFjwE7wPN3M8IjM45gt2g9SpmKbh5va7YQXJobilNaCevAVSo6Vz
/tZuX+02bll6Ynl6iBx5O5NaVFZbkOpqFx3VrOv2TZNlOdaYkQKxJxSLYR4Smge5
tLYXnqmrMbLryg9tStXPZ1dd3OrTcoLBEWImHlS7kjCEFQfiieTunJoNIrF5Cx+w
du6n/ZYOHP5IvCQ4O5iJpC1ua6rRB5VW3XKPjhNgI47i5kHgC0xkcYPYpQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIaR2BMQt/qZvt7+0Qb+p/MldcANMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvaHBIWUV4QzMtcG0tM3Y3UkJ2Nm44eVYxd0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGAw
DQYJKoZIhvcNAQELBQADggEBAEp48iSjmu/cofFJtqwMFUVHGaFu9XsCseuTzGwC
p/I+ZfEbtV3p6mXW+tENrZmrrXSYVLGsJLS6ldT7GSwtP7gPDIUEsY0hk5RaIboV
seJWcMNWvUGw3fR7dADo0V/S35kDNGtjpBEVetPSBmUI0B8mHZsWNdYPAji5yHM8
JWZFUZjxzmrVXrqt1fnPfRMULygAY3tcMx/QYZs4eYDGhGa3x06ILaEQV/PoZ6rn
nJPN1c6VQgd4oOlgOnmRw6JnpJTGh4lXEJypimoZvzdA77Xt+aVmdB6mnhmQhRDN
914l/wU3buO85dVEr6SDLkc3Yx55Y96N1pkkVs4GJrfl/YQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:31 2024 by rpki-client on console-fra.rpki-client.org