Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/HWuOXNRw_kBEkImrdrXIORhoXok.roa
File: HWuOXNRw_kBEkImrdrXIORhoXok.roa (raw, json)
Hash identifier: sY4MpzNULJQRLTGKvWigwR/s9edKa+sRkZhmKkAZCOY=
Subject key identifier: 1D:6B:8E:5C:D4:70:FE:40:44:90:89:AB:76:B5:C8:39:18:68:5E:89
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 018DB18E7CDB3488DCA0733EE7AAB34A52BA
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/HWuOXNRw_kBEkImrdrXIORhoXok.roa
Signing time: Fri 16 Feb 2024 10:55:21 +0000
ROA not before: Fri 16 Feb 2024 10:55:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.22.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:8e:7c:db:34:88:dc:a0:73:3e:e7:aa:b3:4a:52:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Feb 16 10:55:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d6b8e5cd470fe40449089ab76b5c83918685e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:6a:71:af:2c:6d:56:be:6a:bd:fc:e5:96:
2d:d9:26:a4:13:21:d4:a1:4b:61:4c:69:d1:48:aa:
6b:46:49:b9:4a:d6:9e:c3:27:f3:cd:6a:72:5f:ab:
60:f3:bf:17:47:01:64:e1:e5:29:99:c5:e3:56:78:
02:62:a5:96:97:1a:74:03:9f:e3:72:57:00:07:7c:
8c:e6:c0:28:d8:af:3a:8b:1c:9d:40:fa:ad:b8:31:
1a:21:ac:99:66:dc:cb:a4:22:2c:62:cc:a1:53:c4:
fe:07:e2:94:97:00:0f:4f:87:2c:e3:0b:54:24:af:
b9:26:97:88:ad:04:31:de:00:17:e4:04:35:2f:6f:
8d:81:7b:db:3a:4b:6b:bf:24:9b:a7:67:91:6e:a8:
48:0f:87:d9:32:37:3d:10:de:58:a5:55:eb:e3:39:
13:1a:0f:d2:a3:92:50:43:38:d8:b7:73:a3:9c:96:
67:ac:05:07:90:af:46:3e:59:04:3c:74:f1:75:6e:
0c:d2:34:fa:ef:76:e3:3f:cd:1c:3c:ac:51:1e:de:
97:e6:af:3f:76:10:6e:5a:5e:cb:8f:f4:30:08:00:
82:eb:3c:e1:39:81:3a:b9:59:a5:c5:44:1f:99:51:
46:67:a9:07:31:60:a9:b6:30:a3:9c:bf:c0:76:f9:
c5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6B:8E:5C:D4:70:FE:40:44:90:89:AB:76:B5:C8:39:18:68:5E:89
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/HWuOXNRw_kBEkImrdrXIORhoXok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.204.0/22
Signature Algorithm: sha256WithRSAEncryption
13:8f:06:db:23:5b:45:32:50:83:a4:d1:70:ad:0f:37:7e:23:
4c:54:17:ba:ed:9b:e4:f5:8c:6e:8e:54:fe:05:cf:eb:1a:bc:
c7:fd:74:74:2c:67:ef:7f:72:8d:1f:53:11:93:e2:21:8e:a7:
8b:70:62:19:52:5a:14:0b:cb:5f:a0:bc:32:0a:cc:7c:e8:af:
19:aa:78:2a:35:d3:7c:48:3a:6a:9d:33:58:4e:cc:14:ce:05:
06:e2:58:57:82:78:d9:06:ff:1c:5b:16:95:21:79:2b:ac:7f:
bd:96:b6:30:c7:ea:4a:06:d8:ae:8f:ed:ae:d7:9d:19:af:e7:
d8:03:d3:8b:9d:9c:a2:2c:7f:75:79:0d:9c:e4:41:78:58:b7:
46:cf:99:ca:3a:ec:c9:7b:5c:b3:b1:01:b0:3b:b6:cc:cf:da:
f3:5f:50:80:3a:80:db:3e:a7:0a:17:72:7c:c5:b5:4c:4a:77:
1d:00:16:56:25:82:d9:30:40:83:42:5a:36:30:58:fa:95:a9:
dd:1f:f3:7c:31:4d:65:8c:1e:62:ea:49:79:0d:c3:b2:c4:8a:
4f:ce:8c:9a:4e:82:19:7b:3a:94:ab:aa:3a:2a:d9:fe:64:8d:
b1:12:f7:74:bd:e3:2f:7c:0d:2f:33:77:95:8c:0a:4a:5b:35:
df:80:d1:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2xjnzbNIjcoHM+56qzSlK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwMjE2MTA1NTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZiOGU1Y2Q0NzBmZTQwNDQ5MDg5YWI3NmI1YzgzOTE4Njg1ZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWNqca8sbVa+ar385ZYt2SakEyHU
oUthTGnRSKprRkm5StaewyfzzWpyX6tg878XRwFk4eUpmcXjVngCYqWWlxp0A5/j
clcAB3yM5sAo2K86ixydQPqtuDEaIayZZtzLpCIsYsyhU8T+B+KUlwAPT4cs4wtU
JK+5JpeIrQQx3gAX5AQ1L2+NgXvbOktrvySbp2eRbqhID4fZMjc9EN5YpVXr4zkT
Gg/So5JQQzjYt3OjnJZnrAUHkK9GPlkEPHTxdW4M0jT673bjP80cPKxRHt6X5q8/
dhBuWl7Lj/QwCACC6zzhOYE6uVmlxUQfmVFGZ6kHMWCptjCjnL/AdvnFyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1rjlzUcP5ARJCJq3a1yDkYaF6JMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvSFd1T1hOUndfa0JFa0ltcmRyWElPUmhvWG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBRbMMA0G
CSqGSIb3DQEBCwUAA4IBAQATjwbbI1tFMlCDpNFwrQ83fiNMVBe67Zvk9YxujlT+
Bc/rGrzH/XR0LGfvf3KNH1MRk+IhjqeLcGIZUloUC8tfoLwyCsx86K8ZqngqNdN8
SDpqnTNYTswUzgUG4lhXgnjZBv8cWxaVIXkrrH+9lrYwx+pKBtiuj+2u150Zr+fY
A9OLnZyiLH91eQ2c5EF4WLdGz5nKOuzJe1yzsQGwO7bMz9rzX1CAOoDbPqcKF3J8
xbVMSncdABZWJYLZMECDQlo2MFj6landH/N8MU1ljB5i6kl5DcOyxIpPzoyaToIZ
ezqUq6o6Ktn+ZI2xEvd0veMvfA0vM3eVjApKWzXfgNEb
-----END CERTIFICATE-----
Generated at Sat May 4 03:05:54 2024 by rpki-client on console-fra.rpki-client.org