Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HWTYRGhh-XGLZqUO1F-RszoKnGk.roa
File: HWTYRGhh-XGLZqUO1F-RszoKnGk.roa (raw, json)
Hash identifier: +hSceEQvRw7vhVnS0o9mJjykp4ixPvfxyGniW70coyQ=
Subject key identifier: 1D:64:D8:44:68:61:F9:71:8B:66:A5:0E:D4:5F:91:B3:3A:0A:9C:69
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF3C9D69AB300D5A52C683274A9A85
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HWTYRGhh-XGLZqUO1F-RszoKnGk.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198465
IP address blocks: 77.90.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3c:9d:69:ab:30:0d:5a:52:c6:83:27:4a:9a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d64d8446861f9718b66a50ed45f91b33a0a9c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:83:be:91:9b:d8:dc:83:5e:e5:20:89:95:
2e:dc:4c:16:98:67:51:ac:37:92:a1:17:9d:93:5a:
ee:cb:a7:b6:50:87:d2:8c:4d:35:1c:0d:88:be:03:
f0:5c:2a:b9:a5:7c:81:f6:47:a9:23:e3:62:05:be:
af:40:88:e1:f6:66:65:18:2e:1b:09:ac:c3:0e:49:
82:f1:cb:87:0d:e1:06:54:d0:2a:76:d9:16:5e:d9:
d6:db:38:59:ad:59:94:0f:fc:64:08:7b:f0:04:2a:
5a:c6:8e:26:01:fa:7e:5f:4a:16:78:d3:ca:3a:ea:
4c:e9:d8:b6:33:b2:5d:99:b2:0e:38:8c:b7:d7:f6:
fd:67:77:d5:2d:35:94:03:c2:e9:f2:00:d8:68:e4:
5e:3c:27:28:7a:69:a0:9e:9f:e5:f9:9a:c4:df:1c:
07:c0:3a:47:d3:cb:80:7e:4f:24:36:7f:6b:46:b7:
ed:4e:a3:9b:fa:27:03:0e:89:fd:49:4b:47:9a:ac:
65:9b:89:70:c4:b9:72:9f:e9:ac:58:18:45:ea:07:
7e:36:e0:50:82:79:47:38:71:ae:8d:9e:c9:df:6c:
e7:ea:d6:0e:e4:b8:bb:94:5c:12:d5:58:28:06:81:
60:75:3f:86:dc:8a:25:e4:fc:d3:22:fd:64:0b:74:
90:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:64:D8:44:68:61:F9:71:8B:66:A5:0E:D4:5F:91:B3:3A:0A:9C:69
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/HWTYRGhh-XGLZqUO1F-RszoKnGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.185.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:2c:d9:ee:87:e6:51:17:10:55:2e:18:2b:0c:b9:fc:00:21:
ba:ae:33:45:7a:b2:83:c3:32:4e:fd:56:c4:24:6c:b1:f8:2a:
65:25:22:93:1a:47:79:0e:79:3c:cc:31:27:e3:cc:08:70:72:
bc:07:a8:98:2c:c8:ab:dc:61:1e:8f:cf:fa:06:4c:2d:f4:34:
fa:11:fd:c0:a1:35:fe:17:79:68:cd:83:6c:b4:15:80:8e:ea:
fb:b5:4b:d7:ee:83:27:da:ed:e7:4f:99:f3:9c:7c:de:6c:55:
b7:f0:c5:eb:1b:10:9f:ed:a2:86:9b:de:b8:58:88:dd:7b:a1:
e6:f2:13:86:b2:7a:03:04:aa:fd:f0:c8:68:07:3f:10:b8:54:
61:69:4d:40:44:bf:bb:cf:15:c7:d2:a4:18:e4:05:27:36:ad:
35:29:3e:e8:ea:76:04:37:9a:c4:85:29:be:24:2a:0b:c2:90:
be:3c:a0:26:ca:e7:e8:6f:ff:1e:00:5d:a5:28:c9:1f:f8:89:
23:5a:90:81:e1:d9:97:2e:bf:07:de:b3:02:d9:ff:c0:78:f1:
08:10:3f:0d:7a:28:78:50:eb:00:93:7d:c7:6a:30:17:25:99:
3d:69:96:aa:97:87:31:4e:c3:86:9b:af:c2:6f:16:78:1c:6f:
26:9b:0c:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3zydaaswDVpSxoMnSpqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDY0ZDg0NDY4NjFmOTcxOGI2NmE1MGVkNDVmOTFiMzNhMGE5YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvSDvpGb2NyDXuUgiZUu3EwWmGdR
rDeSoRedk1ruy6e2UIfSjE01HA2IvgPwXCq5pXyB9kepI+NiBb6vQIjh9mZlGC4b
CazDDkmC8cuHDeEGVNAqdtkWXtnW2zhZrVmUD/xkCHvwBCpaxo4mAfp+X0oWeNPK
OupM6di2M7JdmbIOOIy31/b9Z3fVLTWUA8Lp8gDYaORePCcoemmgnp/l+ZrE3xwH
wDpH08uAfk8kNn9rRrftTqOb+icDDon9SUtHmqxlm4lwxLlyn+msWBhF6gd+NuBQ
gnlHOHGujZ7J32zn6tYO5Li7lFwS1VgoBoFgdT+G3Iol5PzTIv1kC3SQhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1k2ERoYflxi2alDtRfkbM6CpxpMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvSFdUWVJHaGgtWEdMWnFVTzFGLVJzem9LbkdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVq5MA0G
CSqGSIb3DQEBCwUAA4IBAQBqLNnuh+ZRFxBVLhgrDLn8ACG6rjNFerKDwzJO/VbE
JGyx+CplJSKTGkd5Dnk8zDEn48wIcHK8B6iYLMir3GEej8/6Bkwt9DT6Ef3AoTX+
F3lozYNstBWAjur7tUvX7oMn2u3nT5nznHzebFW38MXrGxCf7aKGm964WIjde6Hm
8hOGsnoDBKr98MhoBz8QuFRhaU1ARL+7zxXH0qQY5AUnNq01KT7o6nYEN5rEhSm+
JCoLwpC+PKAmyufob/8eAF2lKMkf+IkjWpCB4dmXLr8H3rMC2f/AePEIED8Neih4
UOsAk33HajAXJZk9aZaql4cxTsOGm6/CbxZ4HG8mmwzZ
-----END CERTIFICATE-----
Generated at Thu May 2 09:12:45 2024 by rpki-client on console-fra.rpki-client.org