Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hbXwf9wNoFv8xGRSX2sgDFM19h4.roa
File: hbXwf9wNoFv8xGRSX2sgDFM19h4.roa (raw, json)
Hash identifier: jyNu6uWNCmnMr4yAFoYR6ItA8qzLp8ZLELjkXagoKo8=
Subject key identifier: 85:B5:F0:7F:DC:0D:A0:5B:FC:C4:64:52:5F:6B:20:0C:53:35:F6:1E
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D0B1BA433CB2E5185A084556F7F84
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hbXwf9wNoFv8xGRSX2sgDFM19h4.roa
Signing time: Tue 02 Jan 2024 08:31:58 +0000
ROA not before: Tue 02 Jan 2024 08:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204693
IP address blocks: 2a0a:280:2500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:0b:1b:a4:33:cb:2e:51:85:a0:84:55:6f:7f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b5f07fdc0da05bfcc464525f6b200c5335f61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a6:89:fe:4c:71:00:82:95:5a:70:94:4d:28:
f2:31:d3:1b:c3:f0:bc:d3:88:57:33:e5:8f:fc:37:
b9:69:30:e4:91:c5:9f:de:04:ca:b6:f2:c6:8c:9f:
07:1c:e6:93:66:a5:d3:e3:39:c3:e4:b8:fa:6b:28:
81:e2:82:9c:de:ff:d5:39:ca:92:55:12:91:5d:a5:
0e:94:40:ef:40:88:cc:2c:45:9f:c4:38:0e:45:f7:
8f:56:6c:7e:e5:11:2d:8a:2c:b9:77:f4:d5:36:03:
7b:27:8a:32:e0:58:6a:41:f8:40:c1:04:c2:d9:af:
fe:c5:31:6d:eb:9a:40:b1:58:9d:d7:4f:44:5c:b3:
3e:1b:18:c7:ad:5b:46:cd:1d:0c:97:d9:e5:d0:c8:
11:bc:c7:f3:f6:f7:46:68:9f:90:02:9c:67:9d:2a:
30:b0:d0:b5:15:4d:4a:ea:9c:99:7e:ae:85:57:b8:
d2:ca:02:fa:c3:81:63:60:9c:30:e2:91:67:cf:af:
58:15:d8:84:f9:bb:4d:95:fd:9a:96:83:eb:04:32:
25:2d:75:ba:d2:5c:6f:c0:33:c7:18:74:a1:14:8b:
ae:8d:ce:09:b5:a3:43:71:9f:92:89:f1:96:d1:da:
f9:19:96:17:64:b2:5b:06:f9:0e:10:82:98:d7:de:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B5:F0:7F:DC:0D:A0:5B:FC:C4:64:52:5F:6B:20:0C:53:35:F6:1E
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/hbXwf9wNoFv8xGRSX2sgDFM19h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:2500::/40
Signature Algorithm: sha256WithRSAEncryption
a5:07:2d:34:2d:b3:20:f4:9e:20:82:56:6f:e2:ff:6a:e9:19:
35:a8:1c:86:36:7a:3c:8e:2a:51:ce:d2:fd:6e:df:c0:85:cf:
18:50:2c:20:5b:3a:a2:16:b0:6f:48:4e:11:0b:7e:99:52:96:
00:13:b9:f9:77:5f:06:46:93:23:43:ce:29:06:06:3f:56:70:
ac:9e:99:d0:74:5f:b6:6d:40:a8:cf:84:a4:cc:23:12:cb:c3:
99:5e:61:4e:71:77:47:e4:e7:b2:92:cd:4f:be:3c:1f:72:37:
a1:f9:03:5d:29:e2:32:83:7c:95:67:52:26:a3:25:e5:8d:e0:
cf:19:24:1f:af:10:97:d3:b1:30:5f:d2:72:df:52:56:ee:89:
e6:1f:ef:1a:76:4e:36:61:be:92:bb:eb:30:9b:64:0a:26:77:
8e:f6:f9:0c:24:ed:c1:f4:1f:5d:43:eb:1c:ed:8e:36:fd:cd:
13:58:e0:67:99:be:cd:cc:1d:8a:3b:fd:2a:9c:3b:10:f6:5d:
fb:de:cc:a6:5a:87:8f:0b:93:56:a7:9e:18:f3:a4:51:87:79:
a5:b2:71:92:ea:8f:19:61:ec:fd:7c:08:7b:fe:e2:e9:b7:89:
40:29:0e:1a:e2:ca:6e:f8:5d:c1:c3:f0:38:15:3a:96:d5:20:
e5:cc:c5:3d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTQsbpDPLLlGFoIRVb3+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI1ZjA3ZmRjMGRhMDViZmNjNDY0NTI1ZjZiMjAwYzUzMzVmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqaJ/kxxAIKVWnCUTSjyMdMbw/C8
04hXM+WP/De5aTDkkcWf3gTKtvLGjJ8HHOaTZqXT4znD5Lj6ayiB4oKc3v/VOcqS
VRKRXaUOlEDvQIjMLEWfxDgORfePVmx+5REtiiy5d/TVNgN7J4oy4FhqQfhAwQTC
2a/+xTFt65pAsVid109EXLM+GxjHrVtGzR0Ml9nl0MgRvMfz9vdGaJ+QApxnnSow
sNC1FU1K6pyZfq6FV7jSygL6w4FjYJww4pFnz69YFdiE+btNlf2aloPrBDIlLXW6
0lxvwDPHGHShFIuujc4JtaNDcZ+SifGW0dr5GZYXZLJbBvkOEIKY195duwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIW18H/cDaBb/MRkUl9rIAxTNfYeMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvaGJYd2Y5d05vRnY4eEdSU1gyc2dERk0xOWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgCUw
DQYJKoZIhvcNAQELBQADggEBAKUHLTQtsyD0niCCVm/i/2rpGTWoHIY2ejyOKlHO
0v1u38CFzxhQLCBbOqIWsG9IThELfplSlgATufl3XwZGkyNDzikGBj9WcKyemdB0
X7ZtQKjPhKTMIxLLw5leYU5xd0fk57KSzU++PB9yN6H5A10p4jKDfJVnUiajJeWN
4M8ZJB+vEJfTsTBf0nLfUlbuieYf7xp2TjZhvpK76zCbZAomd472+Qwk7cH0H11D
6xztjjb9zRNY4GeZvs3MHYo7/SqcOxD2XfvezKZah48Lk1annhjzpFGHeaWycZLq
jxlh7P18CHv+4um3iUApDhriym74XcHD8DgVOpbVIOXMxT0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:06 2024 by rpki-client on console-ams.rpki-client.org