Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/hLAqg3flqZom67yghTIlpnwHSvY.roa
File: hLAqg3flqZom67yghTIlpnwHSvY.roa (raw, json)
Hash identifier: VyyZucS0GNTvaPlyrZRZol+ISIxHXpl9eGNb6/9IoJE=
Subject key identifier: 84:B0:2A:83:77:E5:A9:9A:26:EB:BC:A0:85:32:25:A6:7C:07:4A:F6
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 018CC49228B391281DFF6CB7BED5F0DEA782
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/hLAqg3flqZom67yghTIlpnwHSvY.roa
Signing time: Mon 01 Jan 2024 10:29:21 +0000
ROA not before: Mon 01 Jan 2024 10:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50028
IP address blocks: 188.93.197.0/24 maxlen: 24
2a0f:d300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:28:b3:91:28:1d:ff:6c:b7:be:d5:f0:de:a7:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Jan 1 10:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84b02a8377e5a99a26ebbca0853225a67c074af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:64:f0:53:f4:03:08:49:69:55:d7:ff:b4:
e7:5f:51:2d:96:c7:f4:74:0a:b9:ef:fe:bb:e8:80:
9d:54:b2:cf:8f:79:49:e0:3e:f8:84:30:e0:19:1e:
0b:13:b9:ec:80:67:0e:17:11:a4:45:cd:7b:93:2d:
ec:e1:d3:50:bb:b0:a6:d3:bb:20:8a:5b:a8:a2:05:
04:0f:a7:5d:fc:83:f0:2b:83:c6:a3:93:ea:57:45:
9b:60:83:9e:52:f7:9b:3c:84:9f:8c:89:cc:ec:36:
21:82:c8:0d:8e:da:42:7a:5f:96:90:f8:ea:e3:7f:
36:45:1a:fc:38:98:54:2a:80:14:ca:82:88:14:5d:
8c:bb:c6:67:15:27:a7:56:3c:cd:48:be:2f:2d:73:
51:52:89:dc:bd:27:01:31:a3:ef:b0:6e:40:88:4f:
81:ee:c3:31:53:d5:e0:5a:b5:db:be:73:19:a6:e2:
f3:ea:71:f6:ed:06:31:d4:9b:ba:23:cf:e0:b9:e0:
99:f6:7f:10:0c:1c:e5:3a:fc:87:f1:29:8e:55:a3:
b6:84:7f:79:cc:97:22:e4:48:cf:d0:ad:ec:0e:97:
d5:e3:3d:23:17:3b:a6:a5:a4:c6:af:5d:1f:11:ce:
34:63:a5:7c:4a:1c:0e:9d:52:48:8a:da:4e:a0:a9:
2e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B0:2A:83:77:E5:A9:9A:26:EB:BC:A0:85:32:25:A6:7C:07:4A:F6
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/hLAqg3flqZom67yghTIlpnwHSvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.197.0/24
IPv6:
2a0f:d300::/48
Signature Algorithm: sha256WithRSAEncryption
3a:99:01:8f:a5:a2:c1:db:b0:cc:0e:96:9c:87:f8:9d:af:a5:
53:e3:7f:31:ac:e3:93:db:4d:8c:93:fc:19:84:f6:2a:32:03:
2b:be:5f:d6:56:44:4f:e3:58:50:aa:cc:91:cf:8b:bd:24:c5:
73:35:da:0a:a0:56:1c:cb:21:72:2a:b4:29:47:81:83:7c:f2:
7b:bb:a2:3f:57:31:ee:2b:47:22:9d:e5:10:ef:95:37:eb:80:
11:48:0d:98:31:a8:2a:69:3b:73:de:cf:a5:63:8f:7a:25:a6:
65:9b:ca:0f:21:92:1a:99:a0:66:9a:c2:3f:f1:54:bd:76:df:
8d:19:f2:c4:65:d9:26:dd:64:0b:88:38:4d:be:52:3e:86:33:
92:57:d9:6a:04:45:11:fb:a6:df:dc:ea:83:d1:cb:bf:58:06:
e4:83:dc:8a:28:0b:41:e1:b4:e4:be:17:5d:62:b8:f8:67:ee:
48:66:c6:ac:c7:4f:7e:e3:99:01:df:d7:c2:2a:0a:d1:85:34:
99:ad:fc:f5:72:f3:19:1e:08:bb:a1:43:ce:cd:f0:f7:8d:b6:
9a:74:99:af:8d:ab:d0:0b:e3:fa:de:08:f6:a4:c2:29:a3:d1:
14:56:aa:42:50:ea:2a:60:76:a1:d3:1b:13:66:77:50:56:66:
65:e0:c9:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEkiizkSgd/2y3vtXw3qeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwMTAxMTAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGIwMmE4Mzc3ZTVhOTlhMjZlYmJjYTA4NTMyMjVhNjdjMDc0YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYhk8FP0AwhJaVXX/7TnX1Etlsf0
dAq57/676ICdVLLPj3lJ4D74hDDgGR4LE7nsgGcOFxGkRc17ky3s4dNQu7Cm07sg
iluoogUED6dd/IPwK4PGo5PqV0WbYIOeUvebPISfjInM7DYhgsgNjtpCel+WkPjq
4382RRr8OJhUKoAUyoKIFF2Mu8ZnFSenVjzNSL4vLXNRUoncvScBMaPvsG5AiE+B
7sMxU9XgWrXbvnMZpuLz6nH27QYx1Ju6I8/gueCZ9n8QDBzlOvyH8SmOVaO2hH95
zJci5EjP0K3sDpfV4z0jFzumpaTGr10fEc40Y6V8ShwOnVJIitpOoKkuRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISwKoN35amaJuu8oIUyJaZ8B0r2MB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvaExBcWczZmxxWm9tNjd5Z2hUSWxwbndIU3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAvF3FMA8E
AgACMAkDBwAqD9MAAAAwDQYJKoZIhvcNAQELBQADggEBADqZAY+losHbsMwOlpyH
+J2vpVPjfzGs45PbTYyT/BmE9ioyAyu+X9ZWRE/jWFCqzJHPi70kxXM12gqgVhzL
IXIqtClHgYN88nu7oj9XMe4rRyKd5RDvlTfrgBFIDZgxqCppO3Pez6Vjj3olpmWb
yg8hkhqZoGaawj/xVL12340Z8sRl2SbdZAuIOE2+Uj6GM5JX2WoERRH7pt/c6oPR
y79YBuSD3IooC0HhtOS+F11iuPhn7khmxqzHT37jmQHf18IqCtGFNJmt/PVy8xke
CLuhQ87N8PeNtpp0ma+Nq9AL4/reCPakwimj0RRWqkJQ6ipgdqHTGxNmd1BWZmXg
yZ0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:32:20 2024 by rpki-client on console-ams.rpki-client.org