Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HILnFlkGd7r6hae5SYoGn16D19s.roa
File: HILnFlkGd7r6hae5SYoGn16D19s.roa (raw, json)
Hash identifier: oIDvIgRBeWLFhg5beBU/3KGIxadZjhz94yFq+V9gSFk=
Subject key identifier: 1C:82:E7:16:59:06:77:BA:FA:85:A7:B9:49:8A:06:9F:5E:83:D7:DB
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D7A93170D86FEF4028723F510AEBCBCE4
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HILnFlkGd7r6hae5SYoGn16D19s.roa
Signing time: Mon 05 Feb 2024 18:41:16 +0000
ROA not before: Mon 05 Feb 2024 18:41:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51659
IP address blocks: 45.129.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:93:17:0d:86:fe:f4:02:87:23:f5:10:ae:bc:bc:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 5 18:41:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c82e716590677bafa85a7b9498a069f5e83d7db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:82:53:60:2b:fb:91:b6:15:98:57:96:18:cd:
63:ec:4a:de:3d:29:86:64:c5:b7:52:26:b3:88:2b:
96:0d:f4:18:50:f3:f1:65:59:c1:6f:ce:16:92:2b:
2c:a1:7d:f7:38:92:1f:d7:6f:f5:d9:22:3e:fa:b9:
bd:72:de:e5:79:84:b9:0a:89:82:60:33:cc:26:6a:
5c:e7:10:b3:c9:d5:ab:64:49:09:63:74:0c:c2:6f:
2d:64:98:0c:5a:be:d1:67:74:91:22:07:a1:b5:1e:
e6:f9:32:8c:c1:ce:cc:f8:30:be:db:06:84:4b:99:
f5:a4:90:0b:53:33:c8:70:60:0f:c1:2c:f1:09:e7:
84:95:08:39:c1:b4:ee:8c:8a:7f:d8:fd:e6:52:4d:
02:39:31:66:11:1a:4b:98:16:57:6a:43:77:0b:f1:
fa:e2:94:7c:f9:dc:5b:4f:9b:b8:fd:5f:60:72:4a:
53:db:50:61:fb:c7:cb:78:91:34:d2:60:03:9f:0f:
e7:c6:db:0d:9b:d7:77:ae:ef:8a:6d:af:cb:12:23:
13:bf:68:84:78:89:a8:ba:2a:2e:fb:6a:a8:69:60:
38:4d:c2:ca:03:b5:5e:e0:93:61:c0:99:b8:bc:81:
4c:f2:91:3e:9f:59:de:e6:55:03:a0:93:d5:6e:10:
80:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:82:E7:16:59:06:77:BA:FA:85:A7:B9:49:8A:06:9F:5E:83:D7:DB
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/HILnFlkGd7r6hae5SYoGn16D19s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:b2:d4:73:46:e1:e8:57:67:b6:d6:4b:22:75:79:c6:6a:18:
a0:7d:c8:e4:86:1d:e8:aa:77:3c:32:94:1a:79:55:34:dd:1e:
95:c3:11:18:9a:a1:0e:9e:61:33:e2:0b:33:b9:18:bf:49:50:
25:b7:37:7a:1d:ec:e4:25:47:36:73:f6:68:20:4f:d0:ed:dd:
8e:28:e2:b9:c2:ec:70:08:cd:c8:b4:04:8a:a1:86:98:17:3d:
44:62:31:ff:5a:1d:72:71:03:09:90:53:d9:78:22:8e:a2:e2:
21:ff:88:4a:0d:75:6a:2e:00:c9:3c:76:1d:24:35:ac:b8:5d:
e4:60:a8:f0:51:cc:6f:ef:f8:0e:92:84:e4:2c:ba:1b:9d:db:
7a:ad:3a:04:21:4a:af:5f:76:71:42:f1:ff:6b:74:1b:1d:c1:
d8:1f:09:8e:d4:60:26:41:a8:64:38:f3:89:7b:ff:a6:98:cc:
01:e7:6d:6d:6d:b6:5d:aa:f3:55:cd:7f:f4:a9:44:3f:b3:66:
29:21:18:95:48:49:6c:b3:02:52:41:a9:46:03:4c:f7:9d:5f:
1d:ae:73:a6:91:b7:08:40:81:1c:76:76:53:df:98:12:e5:47:
c4:46:ee:87:fe:1c:97:63:21:4f:84:2a:3c:00:61:fe:c6:d2:
06:6b:63:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY16kxcNhv70Aocj9RCuvLzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjA1MTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzgyZTcxNjU5MDY3N2JhZmE4NWE3Yjk0OThhMDY5ZjVlODNkN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoJTYCv7kbYVmFeWGM1j7ErePSmG
ZMW3UiaziCuWDfQYUPPxZVnBb84WkissoX33OJIf12/12SI++rm9ct7leYS5ComC
YDPMJmpc5xCzydWrZEkJY3QMwm8tZJgMWr7RZ3SRIgehtR7m+TKMwc7M+DC+2waE
S5n1pJALUzPIcGAPwSzxCeeElQg5wbTujIp/2P3mUk0COTFmERpLmBZXakN3C/H6
4pR8+dxbT5u4/V9gckpT21Bh+8fLeJE00mADnw/nxtsNm9d3ru+Kba/LEiMTv2iE
eImouiou+2qoaWA4TcLKA7Ve4JNhwJm4vIFM8pE+n1ne5lUDoJPVbhCAqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFByC5xZZBne6+oWnuUmKBp9eg9fbMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvSElMbkZsa0dkN3I2aGFlNVNZb0duMTZEMTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYECMA0G
CSqGSIb3DQEBCwUAA4IBAQANstRzRuHoV2e21ksidXnGahigfcjkhh3oqnc8MpQa
eVU03R6VwxEYmqEOnmEz4gszuRi/SVAltzd6HezkJUc2c/ZoIE/Q7d2OKOK5wuxw
CM3ItASKoYaYFz1EYjH/Wh1ycQMJkFPZeCKOouIh/4hKDXVqLgDJPHYdJDWsuF3k
YKjwUcxv7/gOkoTkLLobndt6rToEIUqvX3ZxQvH/a3QbHcHYHwmO1GAmQahkOPOJ
e/+mmMwB521tbbZdqvNVzX/0qUQ/s2YpIRiVSElsswJSQalGA0z3nV8drnOmkbcI
QIEcdnZT35gS5UfERu6H/hyXYyFPhCo8AGH+xtIGa2MW
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:30:25 2024 by rpki-client on console-fra.rpki-client.org