Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa
File: hygtEluyax9mon_jVH7XDM1YFsM.roa (raw, json)
Hash identifier: /06+RrIn+7XGv/IJmvEsl7+3U7NF9KeICrdXO4d3bRc=
Subject key identifier: 87:28:2D:12:5B:B2:6B:1F:66:A2:7F:E3:54:7E:D7:0C:CD:58:16:C3
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBB07CB32A7656642D43BCD43576C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa
Signing time: Tue 02 Jan 2024 04:30:14 +0000
ROA not before: Tue 02 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 81.161.52.0/22 maxlen: 24
94.232.100.0/22 maxlen: 24
37.97.112.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:bb:07:cb:32:a7:65:66:42:d4:3b:cd:43:57:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87282d125bb26b1f66a27fe3547ed70ccd5816c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:dc:b4:77:68:fc:6f:49:8c:5c:22:0d:18:
bd:bb:ac:0b:a0:66:db:fa:61:89:ba:78:cc:32:83:
f2:dc:ff:3d:72:bc:ed:5a:20:d8:46:8f:fe:73:95:
7c:15:16:a9:04:da:41:da:7d:4c:79:35:52:a5:64:
bd:bc:9a:75:af:e0:02:89:5c:0f:19:c4:64:cb:1a:
ce:9b:e1:ab:c8:7d:57:24:cf:c4:34:d0:40:59:02:
da:07:64:cc:b4:91:f8:ec:b1:3b:3a:3f:ea:26:a9:
58:b8:42:fd:b8:a6:7a:ed:b8:c5:26:fe:ca:89:73:
d8:84:5f:06:cb:fe:c2:71:4a:3e:13:9a:44:e8:ce:
c2:00:45:55:9a:58:6b:58:92:60:41:58:8b:2c:65:
07:6c:f2:6b:18:12:96:f6:42:3e:a9:20:01:a0:0d:
e0:0b:58:4c:6e:08:33:6e:df:3f:67:e0:24:d5:c0:
a6:35:21:2f:bc:5f:4c:9b:c6:f1:70:12:e5:c9:9c:
3d:cd:c2:09:a5:2c:70:f0:58:dd:07:83:2a:e7:95:
be:75:9a:43:7a:fa:de:08:1e:6c:ed:bd:8d:2d:88:
c5:0e:ef:1c:6e:3d:cd:ae:78:05:21:67:d3:1d:2a:
2a:d9:b7:9d:fb:5f:55:29:06:62:97:0f:da:c6:be:
54:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:2D:12:5B:B2:6B:1F:66:A2:7F:E3:54:7E:D7:0C:CD:58:16:C3
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/hygtEluyax9mon_jVH7XDM1YFsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.112.0/22
81.161.52.0/22
94.232.100.0/22
Signature Algorithm: sha256WithRSAEncryption
58:0a:87:4b:cc:49:a6:44:10:23:10:dd:ef:7e:73:94:71:ae:
a9:23:fb:6a:54:4c:a4:0f:5c:95:37:2b:18:ca:54:39:bb:de:
c9:02:4b:7c:13:f2:23:ed:87:dc:f3:2d:6a:7d:39:db:9b:00:
67:bd:e8:ce:57:a2:6f:ac:63:93:3e:25:cb:4c:bb:fc:20:85:
8f:55:57:be:89:e6:2b:3d:20:63:5b:ca:6c:aa:63:de:5c:76:
5a:0e:b4:33:2e:f7:50:07:84:fc:45:75:54:27:d7:e7:d2:ae:
3d:b4:ac:9c:0b:63:11:a7:8d:22:86:23:94:54:05:0c:68:64:
ca:e9:b2:b6:06:a3:b8:92:03:dd:b1:e8:e3:8a:e6:f8:10:99:
18:78:42:95:15:06:cb:16:b9:fe:c8:08:d1:7d:b5:fd:14:9a:
f9:64:1f:c1:45:d8:a9:79:12:a9:bf:da:8f:d0:5e:e8:fb:0d:
5a:67:29:f7:df:b4:40:e4:6c:39:9b:bf:04:e2:c9:87:49:6c:
3f:cc:52:19:4a:99:8e:c3:df:7b:87:1b:1d:f2:44:49:b7:4b:
79:74:1f:52:14:ba:64:5c:88:26:43:96:73:9b:07:85:00:9d:
7f:3c:a1:dc:ff:aa:46:0f:98:f8:2c:2c:30:ed:fa:fc:92:3a:
e0:af:32:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb7sHyzKnZWZC1DvNQ1dsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI4MmQxMjViYjI2YjFmNjZhMjdmZTM1NDdlZDcwY2NkNTgxNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm3ctHdo/G9JjFwiDRi9u6wLoGbb
+mGJunjMMoPy3P89crztWiDYRo/+c5V8FRapBNpB2n1MeTVSpWS9vJp1r+ACiVwP
GcRkyxrOm+GryH1XJM/ENNBAWQLaB2TMtJH47LE7Oj/qJqlYuEL9uKZ67bjFJv7K
iXPYhF8Gy/7CcUo+E5pE6M7CAEVVmlhrWJJgQViLLGUHbPJrGBKW9kI+qSABoA3g
C1hMbggzbt8/Z+Ak1cCmNSEvvF9Mm8bxcBLlyZw9zcIJpSxw8FjdB4Mq55W+dZpD
evreCB5s7b2NLYjFDu8cbj3NrngFIWfTHSoq2bed+19VKQZilw/axr5UfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIcoLRJbsmsfZqJ/41R+1wzNWBbDMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaHlndEVsdXlheDltb25falZIN1hETTFZRnNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCJWFwAwQC
UaE0AwQCXuhkMA0GCSqGSIb3DQEBCwUAA4IBAQBYCodLzEmmRBAjEN3vfnOUca6p
I/tqVEykD1yVNysYylQ5u97JAkt8E/Ij7Yfc8y1qfTnbmwBnvejOV6JvrGOTPiXL
TLv8IIWPVVe+ieYrPSBjW8psqmPeXHZaDrQzLvdQB4T8RXVUJ9fn0q49tKycC2MR
p40ihiOUVAUMaGTK6bK2BqO4kgPdsejjiub4EJkYeEKVFQbLFrn+yAjRfbX9FJr5
ZB/BRdipeRKpv9qP0F7o+w1aZyn337RA5Gw5m78E4smHSWw/zFIZSpmOw997hxsd
8kRJt0t5dB9SFLpkXIgmQ5ZzmweFAJ1/PKHc/6pGD5j4LCww7fr8kjrgrzKG
-----END CERTIFICATE-----
Generated at Fri May 3 18:11:08 2024 by rpki-client on console-ams.rpki-client.org