Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/HmuVMw8VRPedRbLs_ih_l1ad8xw.roa
File: HmuVMw8VRPedRbLs_ih_l1ad8xw.roa (raw, json)
Hash identifier: PGOE2RxqOA+1MYaxVO+oFZUrUs67IBjypfZgtkQGebs=
Subject key identifier: 1E:6B:95:33:0F:15:44:F7:9D:45:B2:EC:FE:28:7F:97:56:9D:F3:1C
Certificate issuer: /CN=16058d28430c4e49e61a58af4fd7a6f656edfd9e
Certificate serial: 018CC8DE0E326F2051FA6DFD239169B7EC41
Authority key identifier: 16:05:8D:28:43:0C:4E:49:E6:1A:58:AF:4F:D7:A6:F6:56:ED:FD:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgWNKEMMTknmGlivT9em9lbt_Z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/HmuVMw8VRPedRbLs_ih_l1ad8xw.roa
Signing time: Tue 02 Jan 2024 06:30:44 +0000
ROA not before: Tue 02 Jan 2024 06:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211385
IP address blocks: 193.107.12.0/24 maxlen: 24
2a10:f240::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/FgWNKEMMTknmGlivT9em9lbt_Z4.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/FgWNKEMMTknmGlivT9em9lbt_Z4.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgWNKEMMTknmGlivT9em9lbt_Z4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:0e:32:6f:20:51:fa:6d:fd:23:91:69:b7:ec:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16058d28430c4e49e61a58af4fd7a6f656edfd9e
Validity
Not Before: Jan 2 06:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e6b95330f1544f79d45b2ecfe287f97569df31c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a4:c7:f5:e8:05:c8:fb:21:06:76:55:e7:11:
88:bb:cc:77:91:42:64:b2:77:40:63:4c:66:72:8a:
e1:9b:b6:ee:35:39:7c:8b:a0:3c:1a:16:e4:3c:61:
32:48:d8:be:f4:79:b3:15:bb:63:28:dd:c2:04:8d:
65:9f:e8:a1:d3:44:87:00:9b:86:d1:ee:d4:c8:65:
72:8f:ea:04:1d:b6:da:c3:34:bf:20:31:f5:e2:10:
8c:f1:73:3c:a5:3c:94:74:33:6c:69:a3:50:5f:89:
58:e3:7b:84:83:5e:2d:84:cf:4e:f9:3f:69:93:a7:
03:9a:52:3b:4a:e5:a6:f7:44:6c:7f:8f:9c:4b:10:
fc:04:84:8a:4e:57:a4:03:b2:a8:14:c1:8b:ac:44:
1f:18:0b:ed:ad:d2:96:29:f7:0a:ea:48:1e:28:9b:
62:51:58:7b:a3:06:03:17:4f:5c:ad:e4:52:d3:6e:
9e:70:8e:78:a9:f2:9b:e0:62:26:cc:02:5b:6f:af:
05:79:55:63:09:df:f6:55:bb:ab:77:60:b6:17:de:
03:21:0d:6c:f4:96:9d:f8:3a:ee:b4:10:ac:0a:16:
22:ad:b3:7e:86:ee:35:7f:a0:3a:12:84:85:62:cd:
73:f9:cc:7a:29:38:fd:60:3b:4d:b3:7d:0c:cb:8e:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6B:95:33:0F:15:44:F7:9D:45:B2:EC:FE:28:7F:97:56:9D:F3:1C
X509v3 Authority Key Identifier:
keyid:16:05:8D:28:43:0C:4E:49:E6:1A:58:AF:4F:D7:A6:F6:56:ED:FD:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgWNKEMMTknmGlivT9em9lbt_Z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/HmuVMw8VRPedRbLs_ih_l1ad8xw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/b88139-1a93-4bd0-9825-bafb7911ee17/1/FgWNKEMMTknmGlivT9em9lbt_Z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.12.0/24
IPv6:
2a10:f240::/29
Signature Algorithm: sha256WithRSAEncryption
08:d9:08:a0:9a:1b:3d:91:3b:78:bc:91:29:ad:09:96:a1:f3:
4b:2a:d7:d6:ee:e6:76:e4:dc:35:46:47:6e:7b:ac:fa:e2:7b:
d6:d2:fd:f0:3b:d9:80:48:b9:a7:d8:4b:8f:90:0a:89:33:9c:
3c:af:01:44:e8:f6:a0:5f:2e:40:09:b9:2b:fd:ea:a1:0f:d2:
8d:39:85:18:f7:6a:f1:4e:ed:f9:03:55:bf:cf:ca:e7:d5:bb:
37:61:dc:31:07:aa:63:6b:55:b0:3d:0b:b8:1f:fe:61:6a:33:
13:6a:30:39:07:01:a3:f6:75:22:c6:df:17:ba:67:90:e5:7b:
3a:e2:f7:b3:57:1d:66:c1:23:b1:32:d4:91:95:4a:62:e1:43:
f2:72:99:0e:24:cd:af:e7:ea:26:de:80:30:0d:13:fe:c7:6f:
3f:86:a2:26:4b:8c:79:89:72:69:37:71:92:1d:20:0d:a1:55:
51:64:4d:7c:a4:0b:57:c8:d8:16:8f:88:7c:f0:d7:58:41:31:
c0:a9:46:ec:4b:b7:db:32:2e:ae:73:b7:87:43:f0:eb:72:48:
b2:bb:f6:a5:3e:f5:5a:80:3c:62:8a:01:14:61:79:ac:81:13:
6e:29:26:d7:21:c6:82:57:b4:9c:0c:3a:34:79:4f:33:00:69:
fd:bb:c4:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3g4ybyBR+m39I5Fpt+xBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU4ZDI4NDMwYzRlNDllNjFhNThhZjRmZDdhNmY2NTZl
ZGZkOWUwHhcNMjQwMTAyMDYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTZiOTUzMzBmMTU0NGY3OWQ0NWIyZWNmZTI4N2Y5NzU2OWRmMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaTH9egFyPshBnZV5xGIu8x3kUJk
sndAY0xmcorhm7buNTl8i6A8GhbkPGEySNi+9HmzFbtjKN3CBI1ln+ih00SHAJuG
0e7UyGVyj+oEHbbawzS/IDH14hCM8XM8pTyUdDNsaaNQX4lY43uEg14thM9O+T9p
k6cDmlI7SuWm90Rsf4+cSxD8BISKTlekA7KoFMGLrEQfGAvtrdKWKfcK6kgeKJti
UVh7owYDF09creRS026ecI54qfKb4GImzAJbb68FeVVjCd/2Vburd2C2F94DIQ1s
9Jad+DrutBCsChYirbN+hu41f6A6EoSFYs1z+cx6KTj9YDtNs30My46MSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB5rlTMPFUT3nUWy7P4of5dWnfMcMB8GA1UdIwQY
MBaAFBYFjShDDE5J5hpYr0/XpvZW7f2eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdXTktFTU1Ua25tR2xpdlQ5ZW05bGJ0X1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iODgxMzktMWE5My00YmQwLTk4MjUt
YmFmYjc5MTFlZTE3LzEvSG11Vk13OFZSUGVkUmJMc19paF9sMWFkOHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iODgxMzktMWE5My00YmQwLTk4MjUtYmFmYjc5MTFlZTE3
LzEvRmdXTktFTU1Ua25tR2xpdlQ5ZW05bGJ0X1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWsMMA0E
AgACMAcDBQMqEPJAMA0GCSqGSIb3DQEBCwUAA4IBAQAI2Qigmhs9kTt4vJEprQmW
ofNLKtfW7uZ25Nw1Rkdue6z64nvW0v3wO9mASLmn2EuPkAqJM5w8rwFE6PagXy5A
Cbkr/eqhD9KNOYUY92rxTu35A1W/z8rn1bs3YdwxB6pja1WwPQu4H/5hajMTajA5
BwGj9nUixt8XumeQ5Xs64vezVx1mwSOxMtSRlUpi4UPycpkOJM2v5+om3oAwDRP+
x28/hqImS4x5iXJpN3GSHSANoVVRZE18pAtXyNgWj4h88NdYQTHAqUbsS7fbMi6u
c7eHQ/Drckiyu/alPvVagDxiigEUYXmsgRNuKSbXIcaCV7ScDDo0eU8zAGn9u8TB
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:31 2024 by rpki-client on console-fra.rpki-client.org