Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HAD3fMlekLpv5K3ktF-JRcIZGyo.roa
File: HAD3fMlekLpv5K3ktF-JRcIZGyo.roa (raw, json)
Hash identifier: Oer15WBkkwhvcbxbNKYIuZ+dxCmGb7ALhXhCdRvJDVM=
Subject key identifier: 1C:00:F7:7C:C9:5E:90:BA:6F:E4:AD:E4:B4:5F:89:45:C2:19:1B:2A
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 018CC64B9A946ECE50BD991C0A3DDBA789B2
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HAD3fMlekLpv5K3ktF-JRcIZGyo.roa
Signing time: Mon 01 Jan 2024 18:31:32 +0000
ROA not before: Mon 01 Jan 2024 18:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209563
IP address blocks: 85.202.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.mft
rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:9a:94:6e:ce:50:bd:99:1c:0a:3d:db:a7:89:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 18:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c00f77cc95e90ba6fe4ade4b45f8945c2191b2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9e:a7:94:b4:75:9c:91:0e:d7:27:9f:a5:a4:
51:4d:03:e2:df:1f:19:fa:c5:28:09:83:3d:55:a6:
6b:86:b6:93:de:a1:39:63:7b:29:bb:5c:df:b8:4f:
d8:0f:0e:1c:2e:8c:26:d8:7c:22:00:5b:83:60:fa:
e5:d9:30:11:c2:cb:e8:2a:7c:35:b9:84:09:42:fe:
d7:60:4d:a1:77:e2:14:e1:a0:a5:f1:09:63:a2:12:
32:6e:e0:b0:42:72:c5:f3:6c:e6:f8:74:bf:48:7a:
0d:7c:63:9f:9e:33:b5:d6:1a:04:1c:6b:4b:c8:4c:
89:1d:b6:e1:31:36:7c:e1:46:37:62:bf:01:79:5a:
fb:78:5a:dc:dd:67:f2:6f:06:f7:7c:d3:3a:d2:00:
d7:ad:e1:a0:b0:97:43:6b:93:5e:da:a7:21:e3:27:
1b:85:2c:e2:01:af:7a:e5:51:bb:67:dd:09:a9:74:
ee:e0:19:98:e4:f8:16:34:22:b7:b7:d2:19:5c:16:
1b:17:7d:f7:70:ca:e2:d7:8d:2d:9d:aa:a2:c5:b5:
63:ba:51:f4:6f:ec:44:4a:20:9f:9e:ac:8e:34:b5:
13:1a:9b:e3:18:18:32:72:3e:41:62:c9:c8:1c:91:
d5:dc:95:f9:fb:f4:92:ad:96:43:b4:aa:c9:e8:1d:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:00:F7:7C:C9:5E:90:BA:6F:E4:AD:E4:B4:5F:89:45:C2:19:1B:2A
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/HAD3fMlekLpv5K3ktF-JRcIZGyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.53.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c7:7a:d3:c2:39:af:68:bb:d1:1b:6e:c6:dd:12:d5:42:1a:
7c:8a:61:6f:e9:61:e6:5b:33:57:55:30:f8:8c:98:9a:24:35:
3d:d0:96:9f:f6:53:18:82:18:45:4b:0a:21:a5:7e:57:7c:76:
4a:da:22:d9:38:07:50:63:01:60:22:ca:a4:45:43:e5:9a:13:
74:9c:fc:4e:50:3c:d8:e2:f4:82:10:24:8f:2d:52:9d:93:05:
6b:29:b3:fb:7e:08:bc:34:cb:94:3c:93:83:e5:8a:c2:44:c6:
a4:da:c1:3e:e8:4a:1d:f9:4a:23:30:1e:40:8b:8a:99:d5:94:
e5:10:6d:88:9a:b8:0d:b6:16:60:dc:dc:0b:0c:53:64:d4:28:
65:ba:f7:0f:91:a4:f1:36:14:95:bd:ee:8c:9a:c5:7d:59:87:
6d:8d:11:67:53:c0:65:2c:e0:d9:ab:8a:e7:36:03:1a:f3:81:
56:0f:2d:61:bb:e4:4c:fc:f9:7c:24:f0:cf:5e:a0:c3:7d:43:
6b:53:79:b9:43:07:84:0f:78:95:7a:96:5f:fc:35:5a:a3:8a:
1e:75:c5:c7:74:8e:b0:80:c1:96:af:53:8a:db:8b:13:fb:1f:
a4:3b:ba:d7:0f:5d:48:dd:6c:ba:ad:2c:f0:58:8d:ee:5e:37:
5a:c9:b6:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS5qUbs5QvZkcCj3bp4myMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjQwMTAxMTgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAwZjc3Y2M5NWU5MGJhNmZlNGFkZTRiNDVmODk0NWMyMTkxYjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ6nlLR1nJEO1yefpaRRTQPi3x8Z
+sUoCYM9VaZrhraT3qE5Y3spu1zfuE/YDw4cLowm2HwiAFuDYPrl2TARwsvoKnw1
uYQJQv7XYE2hd+IU4aCl8QljohIybuCwQnLF82zm+HS/SHoNfGOfnjO11hoEHGtL
yEyJHbbhMTZ84UY3Yr8BeVr7eFrc3Wfybwb3fNM60gDXreGgsJdDa5Ne2qch4ycb
hSziAa965VG7Z90JqXTu4BmY5PgWNCK3t9IZXBYbF333cMri140tnaqixbVjulH0
b+xESiCfnqyONLUTGpvjGBgycj5BYsnIHJHV3JX5+/SSrZZDtKrJ6B0QZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwA93zJXpC6b+St5LRfiUXCGRsqMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvSEFEM2ZNbGVrTHB2NUsza3RGLUpSY0laR3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVco1MA0G
CSqGSIb3DQEBCwUAA4IBAQAnx3rTwjmvaLvRG27G3RLVQhp8imFv6WHmWzNXVTD4
jJiaJDU90Jaf9lMYghhFSwohpX5XfHZK2iLZOAdQYwFgIsqkRUPlmhN0nPxOUDzY
4vSCECSPLVKdkwVrKbP7fgi8NMuUPJOD5YrCRMak2sE+6Eod+UojMB5Ai4qZ1ZTl
EG2ImrgNthZg3NwLDFNk1ChluvcPkaTxNhSVve6MmsV9WYdtjRFnU8BlLODZq4rn
NgMa84FWDy1hu+RM/Pl8JPDPXqDDfUNrU3m5QweED3iVepZf/DVao4oedcXHdI6w
gMGWr1OK24sT+x+kO7rXD11I3Wy6rSzwWI3uXjdaybaZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:06 2024 by rpki-client on console-ams.rpki-client.org