Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ho24W8vGEGNxE60izaY5n1fM4TA.roa
File: ho24W8vGEGNxE60izaY5n1fM4TA.roa (raw, json)
Hash identifier: kk8D0GXhL8iOzLjjhZgdMtTnrQ9AhX3Yz+v1Nej/XAU=
Subject key identifier: 86:8D:B8:5B:CB:C6:10:63:71:13:AD:22:CD:A6:39:9F:57:CC:E1:30
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D0D971F67033902CD2C91B49175A7
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ho24W8vGEGNxE60izaY5n1fM4TA.roa
Signing time: Tue 02 Jan 2024 08:31:59 +0000
ROA not before: Tue 02 Jan 2024 08:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210633
IP address blocks: 2a0a:280:1a00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:0d:97:1f:67:03:39:02:cd:2c:91:b4:91:75:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=868db85bcbc610637113ad22cda6399f57cce130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:03:a7:c1:a8:99:6c:3d:f4:d1:4d:47:d7:
63:df:a7:8b:e4:39:c7:f3:5f:9e:75:f5:25:1c:6f:
c0:68:36:21:ed:fa:26:4e:13:b1:21:f9:c6:6a:e5:
a0:e4:e2:47:52:eb:32:41:6e:37:24:dd:42:6b:af:
ca:07:84:9c:3b:1f:2c:4b:a7:f0:96:d8:8c:39:35:
51:74:7b:98:e9:21:82:57:ae:a7:87:09:e0:3a:08:
c0:98:51:db:af:de:ac:4c:45:bb:a1:4d:8c:4e:78:
3c:ee:72:df:a6:c6:89:57:5b:db:61:34:e8:bb:bf:
09:a4:8d:50:9f:71:3d:cc:4a:09:03:28:a7:f7:d9:
a5:62:fd:7b:07:9b:54:2f:5a:a0:39:5a:61:46:40:
66:af:cd:f0:31:1c:53:23:0e:53:2e:bf:07:0e:a2:
6b:4d:c3:0c:e1:97:72:50:44:a5:60:f3:b9:b8:a1:
3d:21:96:75:37:97:02:7e:db:1a:1a:57:df:e1:58:
49:79:38:0d:a6:92:67:91:f6:d7:31:42:f2:3d:34:
34:6e:2f:09:88:4c:e0:b9:b0:cb:ac:b6:35:96:df:
1b:ca:8d:a4:56:1a:52:59:1c:da:25:81:44:cb:14:
c5:25:27:ab:73:66:e4:95:4e:84:77:fa:19:ec:38:
04:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8D:B8:5B:CB:C6:10:63:71:13:AD:22:CD:A6:39:9F:57:CC:E1:30
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/ho24W8vGEGNxE60izaY5n1fM4TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
7d:9b:24:cb:da:df:7c:b6:8e:71:4d:57:a2:f7:8c:50:81:4c:
46:e9:b6:98:25:77:3e:f9:39:da:ba:56:d5:25:9e:db:c9:a1:
4e:4b:d5:cf:35:e3:2c:eb:40:3d:e8:76:f6:6a:45:de:b6:b8:
7c:2e:04:d2:da:dc:9e:0b:6d:71:09:e1:ae:58:db:f6:99:e4:
8b:94:48:be:bd:1e:7a:b5:f7:e9:d8:bd:ed:7c:12:0b:91:db:
d1:19:63:15:9e:40:56:57:29:18:c3:0b:1e:e4:2f:38:b5:8d:
40:6e:a3:a7:74:ba:46:d8:0a:e8:1b:23:59:58:05:9b:22:2b:
c2:73:c1:e5:4d:4c:ad:9e:53:a8:f6:66:0d:ff:fd:af:af:fa:
9e:ab:d8:19:34:60:4a:eb:67:ea:55:96:2b:ce:7a:cc:77:ee:
f6:29:8a:a7:3e:39:a8:dd:9d:d1:4d:5b:ab:9b:38:d1:f4:bb:
02:74:e5:e6:95:10:b3:d2:29:68:98:2b:44:e9:ae:42:29:ab:
98:95:a1:a7:4e:6a:01:7b:c7:ce:38:ef:93:58:46:fa:b3:e1:
41:6c:80:d5:1f:fb:2d:6a:9e:99:c1:4d:52:a9:88:42:66:14:
19:bf:d1:31:61:d8:90:ac:9c:e2:ad:39:01:c6:d0:b6:1d:50:
c4:da:75:b3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTQ2XH2cDOQLNLJG0kXWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhkYjg1YmNiYzYxMDYzNzExM2FkMjJjZGE2Mzk5ZjU3Y2NlMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIIDp8GomWw99NFNR9dj36eL5DnH
81+edfUlHG/AaDYh7fomThOxIfnGauWg5OJHUusyQW43JN1Ca6/KB4ScOx8sS6fw
ltiMOTVRdHuY6SGCV66nhwngOgjAmFHbr96sTEW7oU2MTng87nLfpsaJV1vbYTTo
u78JpI1Qn3E9zEoJAyin99mlYv17B5tUL1qgOVphRkBmr83wMRxTIw5TLr8HDqJr
TcMM4ZdyUESlYPO5uKE9IZZ1N5cCftsaGlff4VhJeTgNppJnkfbXMULyPTQ0bi8J
iEzgubDLrLY1lt8byo2kVhpSWRzaJYFEyxTFJSerc2bklU6Ed/oZ7DgEowIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIaNuFvLxhBjcROtIs2mOZ9XzOEwMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvaG8yNFc4dkdFR054RTYwaXphWTVuMWZNNFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBow
DQYJKoZIhvcNAQELBQADggEBAH2bJMva33y2jnFNV6L3jFCBTEbptpgldz75Odq6
VtUlntvJoU5L1c814yzrQD3odvZqRd62uHwuBNLa3J4LbXEJ4a5Y2/aZ5IuUSL69
Hnq19+nYve18EguR29EZYxWeQFZXKRjDCx7kLzi1jUBuo6d0ukbYCugbI1lYBZsi
K8JzweVNTK2eU6j2Zg3//a+v+p6r2Bk0YErrZ+pVlivOesx37vYpiqc+OajdndFN
W6ubONH0uwJ05eaVELPSKWiYK0TprkIpq5iVoadOagF7x84475NYRvqz4UFsgNUf
+y1qnpnBTVKpiEJmFBm/0TFh2JCsnOKtOQHG0LYdUMTadbM=
-----END CERTIFICATE-----
Generated at Mon May 20 17:31:27 2024 by rpki-client on console-fra.rpki-client.org