Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/HASr_IsSqNH38LLp4UsLt8zR7LI.roa
File: HASr_IsSqNH38LLp4UsLt8zR7LI.roa (raw, json)
Hash identifier: zThxE4Zfm44LkdQbKvwBSupZldhMTh8aPg99Wzp6grs=
Subject key identifier: 1C:04:AB:FC:8B:12:A8:D1:F7:F0:B2:E9:E1:4B:0B:B7:CC:D1:EC:B2
Certificate issuer: /CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Certificate serial: 018CC2DACB34881A9FC45060116ED7A9F1AD
Authority key identifier: 8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/HASr_IsSqNH38LLp4UsLt8zR7LI.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200019
IP address blocks: 176.123.0.0/21 maxlen: 21
176.123.1.0/24 maxlen: 24
176.123.2.0/24 maxlen: 24
176.123.3.0/24 maxlen: 24
176.123.4.0/24 maxlen: 24
176.123.0.0/24 maxlen: 24
176.123.8.0/24 maxlen: 24
176.123.8.0/22 maxlen: 22
176.123.9.0/24 maxlen: 24
176.123.10.0/24 maxlen: 24
176.123.11.0/24 maxlen: 24
176.123.5.0/24 maxlen: 24
176.123.6.0/24 maxlen: 24
176.123.7.0/24 maxlen: 24
2001:678:6d4::/48 maxlen: 48
2001:678:6d4:9990::/60 maxlen: 60
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cb:34:88:1a:9f:c4:50:60:11:6e:d7:a9:f1:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fd26ad6f91ba4472814bae484a8df1f634c3341
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c04abfc8b12a8d1f7f0b2e9e14b0bb7ccd1ecb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:99:62:f6:07:40:fe:74:09:d9:14:2c:39:60:
96:74:28:17:85:84:aa:31:25:80:bb:09:c3:b6:d9:
a5:9d:bf:bd:ad:df:9a:a4:08:62:7c:5c:fe:9a:b9:
5f:22:cc:99:44:93:72:c7:80:f3:59:fc:79:d7:a4:
cd:d5:5f:52:73:cd:c2:b1:2f:48:c4:8f:6b:73:95:
1a:a7:84:b3:bb:be:a4:6c:f8:5f:f0:01:76:8c:da:
b0:6e:47:49:ad:4a:92:c2:43:b5:31:d0:84:e6:c3:
b9:e2:d9:26:b1:05:d0:c4:9e:59:96:d8:37:5a:bb:
da:10:56:0e:a8:0c:75:74:e0:7c:a7:c6:c1:39:ed:
ef:df:95:d5:7f:18:b8:28:b0:27:f4:a5:1a:f0:c8:
47:0c:5f:a1:de:0b:83:c3:37:26:2f:6e:78:9c:49:
42:3d:25:24:42:c0:2b:d2:71:10:38:17:22:67:e1:
13:2c:cf:07:6b:72:13:d5:e8:a8:c4:07:5e:5c:ee:
27:76:60:2f:c0:0c:38:b1:4e:60:50:b3:e8:23:f0:
41:c3:e8:64:ae:56:53:d5:96:60:c6:1b:ea:46:97:
74:12:ca:9e:1f:7e:cf:f9:57:9c:5d:9b:b9:9b:ba:
39:e7:a8:3f:73:ec:71:33:7a:d7:93:36:33:68:ec:
a6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:04:AB:FC:8B:12:A8:D1:F7:F0:B2:E9:E1:4B:0B:B7:CC:D1:EC:B2
X509v3 Authority Key Identifier:
keyid:8F:D2:6A:D6:F9:1B:A4:47:28:14:BA:E4:84:A8:DF:1F:63:4C:33:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/HASr_IsSqNH38LLp4UsLt8zR7LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cdad8f-b919-45d1-af18-63742d19a012/1/j9Jq1vkbpEcoFLrkhKjfH2NMM0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.0.0-176.123.11.255
IPv6:
2001:678:6d4::/48
Signature Algorithm: sha256WithRSAEncryption
66:38:e0:e3:ca:e2:dd:65:e5:c0:dd:75:ea:8c:bc:3d:cc:58:
51:88:73:67:16:43:0e:7d:0d:54:2b:41:85:b6:49:a9:2c:2f:
4d:ae:98:6d:e0:ab:2f:4f:cf:45:14:6f:55:ed:2e:48:b1:cb:
15:39:6a:84:d9:ce:95:91:ac:fe:5b:f9:16:bb:12:d1:44:ea:
31:04:7f:12:ed:a0:42:20:35:2c:d2:6f:7c:4b:61:f9:b7:fe:
f0:d2:16:f1:50:91:11:8e:6b:e4:ea:65:3e:c1:bc:78:5c:22:
b1:50:1f:89:5f:b0:53:a1:1a:5f:c6:17:9c:64:12:c9:54:aa:
90:b0:65:f7:69:f6:02:64:ec:b6:8c:e1:b9:f9:9d:a9:6f:07:
ed:7d:93:5c:ff:3f:e5:4e:6f:c2:71:12:fb:cb:9b:0c:1f:16:
d1:6e:2b:85:65:e3:d4:d5:50:ff:43:fc:63:37:69:9a:7b:63:
85:70:40:28:8c:8a:c3:7b:d9:16:ba:06:c4:cd:dc:b1:33:88:
e5:0e:d8:d8:b7:65:0a:19:30:98:59:72:a0:af:9e:8d:f1:fb:
dc:42:57:6e:d5:a1:ca:4f:8f:7e:57:54:96:44:7d:75:f9:b4:
73:26:30:6c:2e:74:b7:fe:f8:81:aa:30:9b:55:4d:95:ce:dc:
c2:30:da:74
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2ss0iBqfxFBgEW7XqfGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZDI2YWQ2ZjkxYmE0NDcyODE0YmFlNDg0YThkZjFmNjM0
YzMzNDEwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzA0YWJmYzhiMTJhOGQxZjdmMGIyZTllMTRiMGJiN2NjZDFlY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35li9gdA/nQJ2RQsOWCWdCgXhYSq
MSWAuwnDttmlnb+9rd+apAhifFz+mrlfIsyZRJNyx4DzWfx516TN1V9Sc83CsS9I
xI9rc5Uap4Szu76kbPhf8AF2jNqwbkdJrUqSwkO1MdCE5sO54tkmsQXQxJ5Zltg3
WrvaEFYOqAx1dOB8p8bBOe3v35XVfxi4KLAn9KUa8MhHDF+h3guDwzcmL254nElC
PSUkQsAr0nEQOBciZ+ETLM8Ha3IT1eioxAdeXO4ndmAvwAw4sU5gULPoI/BBw+hk
rlZT1ZZgxhvqRpd0EsqeH37P+VecXZu5m7o556g/c+xxM3rXkzYzaOymLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBwEq/yLEqjR9/Cy6eFLC7fM0eyyMB8GA1UdIwQY
MBaAFI/Satb5G6RHKBS65ISo3x9jTDNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajlKcTF2a2JwRWNvRkxya2hLamZIMk5NTTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZGFkOGYtYjkxOS00NWQxLWFmMTgt
NjM3NDJkMTlhMDEyLzEvSEFTcl9Jc1NxTkgzOExMcDRVc0x0OHpSN0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZGFkOGYtYjkxOS00NWQxLWFmMTgtNjM3NDJkMTlhMDEy
LzEvajlKcTF2a2JwRWNvRkxya2hLamZIMk5NTTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjATBAIAATANMAsDAwCwewME
ArB7CDAPBAIAAjAJAwcAIAEGeAbUMA0GCSqGSIb3DQEBCwUAA4IBAQBmOODjyuLd
ZeXA3XXqjLw9zFhRiHNnFkMOfQ1UK0GFtkmpLC9Nrpht4KsvT89FFG9V7S5IscsV
OWqE2c6Vkaz+W/kWuxLRROoxBH8S7aBCIDUs0m98S2H5t/7w0hbxUJERjmvk6mU+
wbx4XCKxUB+JX7BToRpfxhecZBLJVKqQsGX3afYCZOy2jOG5+Z2pbwftfZNc/z/l
Tm/CcRL7y5sMHxbRbiuFZePU1VD/Q/xjN2mae2OFcEAojIrDe9kWugbEzdyxM4jl
DtjYt2UKGTCYWXKgr56N8fvcQldu1aHKT49+V1SWRH11+bRzJjBsLnS3/viBqjCb
VU2VztzCMNp0
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:35:09 2024 by rpki-client on console-fra.rpki-client.org