Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/h-agl-nn-RYaXQsR1RlcsPU7MBg.roa
File: h-agl-nn-RYaXQsR1RlcsPU7MBg.roa (raw, json)
Hash identifier: HAXg0eWi0I6Qj/d0VEPEsXLgnx+ATW5qZpnKGGRFZ8k=
Subject key identifier: 87:E6:A0:97:E9:E7:F9:16:1A:5D:0B:11:D5:19:5C:B0:F5:3B:30:18
Certificate issuer: /CN=4ee0432f5429d861d7743bfc31d7ad019628a5eb
Certificate serial: 018CC2DADDA01CAB868DC8A6870724A54612
Authority key identifier: 4E:E0:43:2F:54:29:D8:61:D7:74:3B:FC:31:D7:AD:01:96:28:A5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuBDL1Qp2GHXdDv8MdetAZYopes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/h-agl-nn-RYaXQsR1RlcsPU7MBg.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8757
IP address blocks: 185.144.84.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/TuBDL1Qp2GHXdDv8MdetAZYopes.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/TuBDL1Qp2GHXdDv8MdetAZYopes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuBDL1Qp2GHXdDv8MdetAZYopes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dd:a0:1c:ab:86:8d:c8:a6:87:07:24:a5:46:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee0432f5429d861d7743bfc31d7ad019628a5eb
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87e6a097e9e7f9161a5d0b11d5195cb0f53b3018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1d:01:b9:49:0c:82:e9:b8:1f:0a:30:b1:e0:
4c:b3:98:9a:e5:71:7f:92:e9:d6:c7:6a:c1:69:a1:
67:9e:28:6a:dd:98:1b:8e:67:aa:67:a3:2c:b3:e6:
5e:04:c4:a6:72:6f:f8:8b:9e:52:fe:68:2b:cf:a7:
d8:f0:2c:08:53:60:23:3d:0e:b6:e7:3b:ca:ea:b8:
cf:79:8e:31:1e:83:a2:57:d8:58:14:da:a6:37:57:
41:3f:e5:e6:e5:c7:5d:2b:d1:78:e7:4c:c2:3d:f3:
b7:2f:fe:57:17:f1:c7:4a:69:a5:38:bd:ee:f3:31:
bd:7f:3f:8c:ab:39:71:ed:67:97:b6:ae:f9:50:50:
78:f5:a1:71:a9:0a:b1:bf:b0:bf:33:fe:28:b5:3a:
c0:82:85:6f:ec:6f:e3:b4:ed:91:9e:26:da:c3:b3:
13:3e:8d:40:ab:87:f6:11:2b:a5:40:0a:24:eb:3c:
cc:1b:fa:d5:15:79:c6:8f:2b:1f:85:90:7a:19:ea:
f5:7d:a9:ca:7f:ef:a1:ef:82:74:47:d5:00:d8:e9:
1b:9d:66:8e:1f:08:bf:43:26:9c:17:58:8b:04:c3:
0c:8e:6b:df:82:de:a7:c5:e8:53:ed:2b:1e:b3:14:
5f:f7:ec:d1:b8:e9:7c:71:bb:cd:67:7c:9b:7a:19:
85:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E6:A0:97:E9:E7:F9:16:1A:5D:0B:11:D5:19:5C:B0:F5:3B:30:18
X509v3 Authority Key Identifier:
keyid:4E:E0:43:2F:54:29:D8:61:D7:74:3B:FC:31:D7:AD:01:96:28:A5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuBDL1Qp2GHXdDv8MdetAZYopes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/h-agl-nn-RYaXQsR1RlcsPU7MBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b17ca4-2e2e-415a-adde-77257e04765f/1/TuBDL1Qp2GHXdDv8MdetAZYopes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.84.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:01:6b:dc:06:0f:b2:df:92:e9:04:a7:38:02:0d:c1:b5:5d:
bf:03:02:24:5a:27:77:a4:94:86:bb:93:57:b6:54:6d:9a:d4:
bc:e5:39:ef:5d:bd:eb:06:55:9a:c5:04:53:dc:c7:04:6f:da:
83:27:c0:e5:d1:b8:92:fb:a4:d8:19:8f:70:cf:41:c2:cc:1d:
d0:56:60:48:bb:c8:36:42:c4:95:d8:69:90:23:92:d5:71:ff:
0e:b4:c4:d0:54:4a:25:2d:7c:c6:19:a9:a3:72:e5:29:17:08:
c2:8d:9e:ba:db:e3:fd:af:ff:c0:01:e0:45:74:41:85:85:26:
27:61:eb:c0:0f:21:a9:dc:53:a9:17:5c:a2:8b:96:e1:eb:04:
73:18:99:c0:e8:07:72:37:1b:0d:84:ae:e1:45:a5:25:50:5d:
d6:56:a8:69:3b:b7:37:4c:48:20:91:66:30:02:37:e9:8d:29:
8d:41:8a:d3:69:d1:3c:2b:c6:b0:db:47:67:90:af:ad:d8:38:
91:c5:52:23:d0:45:4a:f0:59:b2:70:c2:6f:95:a3:c9:c2:17:
b2:a3:77:e3:8e:c8:1b:37:2b:c5:7e:c7:65:fe:ec:ec:ee:3c:
fd:f4:70:11:17:33:de:b6:30:4b:a8:65:33:e3:18:43:fa:9a:
5c:9a:a9:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2t2gHKuGjcimhwckpUYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTA0MzJmNTQyOWQ4NjFkNzc0M2JmYzMxZDdhZDAxOTYy
OGE1ZWIwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U2YTA5N2U5ZTdmOTE2MWE1ZDBiMTFkNTE5NWNiMGY1M2IzMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh0BuUkMgum4HwowseBMs5ia5XF/
kunWx2rBaaFnnihq3ZgbjmeqZ6Mss+ZeBMSmcm/4i55S/mgrz6fY8CwIU2AjPQ62
5zvK6rjPeY4xHoOiV9hYFNqmN1dBP+Xm5cddK9F450zCPfO3L/5XF/HHSmmlOL3u
8zG9fz+Mqzlx7WeXtq75UFB49aFxqQqxv7C/M/4otTrAgoVv7G/jtO2Rnibaw7MT
Po1Aq4f2ESulQAok6zzMG/rVFXnGjysfhZB6Ger1fanKf++h74J0R9UA2OkbnWaO
Hwi/QyacF1iLBMMMjmvfgt6nxehT7SsesxRf9+zRuOl8cbvNZ3ybehmFDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfmoJfp5/kWGl0LEdUZXLD1OzAYMB8GA1UdIwQY
MBaAFE7gQy9UKdhh13Q7/DHXrQGWKKXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVCREwxUXAyR0hYZER2OE1kZXRBWllvcGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iMTdjYTQtMmUyZS00MTVhLWFkZGUt
NzcyNTdlMDQ3NjVmLzEvaC1hZ2wtbm4tUllhWFFzUjFSbGNzUFU3TUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9iMTdjYTQtMmUyZS00MTVhLWFkZGUtNzcyNTdlMDQ3NjVm
LzEvVHVCREwxUXAyR0hYZER2OE1kZXRBWllvcGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZBUMA0G
CSqGSIb3DQEBCwUAA4IBAQC7AWvcBg+y35LpBKc4Ag3BtV2/AwIkWid3pJSGu5NX
tlRtmtS85TnvXb3rBlWaxQRT3McEb9qDJ8Dl0biS+6TYGY9wz0HCzB3QVmBIu8g2
QsSV2GmQI5LVcf8OtMTQVEolLXzGGamjcuUpFwjCjZ662+P9r//AAeBFdEGFhSYn
YevADyGp3FOpF1yii5bh6wRzGJnA6AdyNxsNhK7hRaUlUF3WVqhpO7c3TEggkWYw
AjfpjSmNQYrTadE8K8aw20dnkK+t2DiRxVIj0EVK8FmycMJvlaPJwheyo3fjjsgb
NyvFfsdl/uzs7jz99HARFzPetjBLqGUz4xhD+ppcmqlS
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:04:18 2024 by rpki-client on console-fra.rpki-client.org