Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hBHGDSUJnbInp10tDOGMQ3JLEmc.roa
File: hBHGDSUJnbInp10tDOGMQ3JLEmc.roa (raw, json)
Hash identifier: wbEih45wFXmAmiFph3JidpiY9VFOHtKmvKDs2mvgovM=
Subject key identifier: 84:11:C6:0D:25:09:9D:B2:27:A7:5D:2D:0C:E1:8C:43:72:4B:12:67
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 018CC500DC90D286C51E1308C3830C7BC1E2
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hBHGDSUJnbInp10tDOGMQ3JLEmc.roa
Signing time: Mon 01 Jan 2024 12:30:17 +0000
ROA not before: Mon 01 Jan 2024 12:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44431
IP address blocks: 193.220.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:dc:90:d2:86:c5:1e:13:08:c3:83:0c:7b:c1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 1 12:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8411c60d25099db227a75d2d0ce18c43724b1267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:18:7a:ad:9e:c7:f6:3b:9a:ab:b4:6e:9a:77:
ac:7e:25:42:f4:78:b5:57:69:ab:91:4b:dc:d6:ba:
88:c0:0e:a5:8f:0c:f9:03:66:ba:a6:c0:f6:5d:e3:
b8:ff:a0:42:e4:66:13:8f:33:f9:0c:28:55:58:a2:
14:ee:b5:f1:93:08:22:e8:a0:bc:fd:51:3f:12:99:
62:6f:7b:d0:98:aa:c8:17:65:8f:25:da:09:6b:61:
97:ed:0a:28:91:7b:6c:6e:a7:aa:c1:eb:39:89:75:
be:f7:6c:5b:6e:12:97:87:e7:00:af:2f:27:b4:0b:
d2:81:a0:16:4f:6f:3e:f1:b0:f4:12:8c:9e:a5:c7:
d8:59:86:28:b1:fb:bb:32:f8:53:f1:5c:51:3e:09:
22:58:f6:0e:7a:ca:83:23:16:38:dd:cc:5a:7b:92:
fc:bb:d1:d7:ce:e3:4a:2d:fc:3d:ab:a3:12:c4:0f:
c1:5e:a9:90:bb:9c:9b:c6:fa:45:48:ae:d2:5b:6d:
b8:49:33:9b:ed:29:f8:95:fc:7f:e3:f0:0b:fe:7e:
3f:67:c3:79:25:95:e7:64:b0:a4:5e:ec:29:21:a3:
37:8a:77:47:f3:df:5c:53:97:8d:da:31:f8:c5:3d:
f0:35:28:f0:d3:48:65:bc:a8:7c:f3:09:b6:85:fe:
13:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:11:C6:0D:25:09:9D:B2:27:A7:5D:2D:0C:E1:8C:43:72:4B:12:67
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hBHGDSUJnbInp10tDOGMQ3JLEmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.220.160.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:5d:2f:c6:e1:9a:a9:d7:bb:6f:08:20:0a:d3:35:f1:ca:85:
bd:81:fa:f9:3d:10:16:d9:37:6d:94:6c:18:0a:ee:29:7c:97:
13:ce:d3:4f:fc:cc:8e:32:11:eb:7c:94:33:65:00:70:88:73:
0a:8c:af:16:32:7e:0e:75:88:e4:88:10:74:12:4c:39:71:f0:
70:9f:08:62:f8:9a:68:2f:a3:d2:19:40:64:34:11:92:b4:75:
bb:c5:55:0f:7b:72:cb:9b:1c:be:a8:bd:b3:93:ac:e0:63:8b:
89:ef:c4:90:76:c5:ba:8f:fe:3e:2e:fa:42:7d:03:e3:f0:d8:
88:7c:4c:ad:64:89:14:6f:e0:a0:16:7c:46:fa:c2:05:1d:cb:
15:0f:17:50:32:74:16:25:43:c4:c5:38:2f:d4:42:a1:3b:e1:
3f:e4:ad:cf:53:20:19:46:e5:f0:b1:d6:7f:80:91:b6:d1:d1:
27:2e:04:16:9d:c0:1e:52:8d:17:e9:4d:14:70:4e:49:8a:b7:
92:b1:b4:cb:f8:64:95:fb:c6:c1:d9:36:1d:e6:42:23:4d:e8:
fb:aa:73:d5:b3:f2:3e:f4:6c:2c:a9:5c:39:5b:da:b8:1b:29:
b2:b7:fa:70:cd:b1:85:02:b5:6b:5a:e5:8f:ae:54:ce:a4:76:
9b:b5:7e:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFANyQ0obFHhMIw4MMe8HiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjQwMTAxMTIzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDExYzYwZDI1MDk5ZGIyMjdhNzVkMmQwY2UxOGM0MzcyNGIxMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhh6rZ7H9juaq7RumnesfiVC9Hi1
V2mrkUvc1rqIwA6ljwz5A2a6psD2XeO4/6BC5GYTjzP5DChVWKIU7rXxkwgi6KC8
/VE/Eplib3vQmKrIF2WPJdoJa2GX7QookXtsbqeqwes5iXW+92xbbhKXh+cAry8n
tAvSgaAWT28+8bD0EoyepcfYWYYosfu7MvhT8VxRPgkiWPYOesqDIxY43cxae5L8
u9HXzuNKLfw9q6MSxA/BXqmQu5ybxvpFSK7SW224STOb7Sn4lfx/4/AL/n4/Z8N5
JZXnZLCkXuwpIaM3indH899cU5eN2jH4xT3wNSjw00hlvKh88wm2hf4TNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQRxg0lCZ2yJ6ddLQzhjENySxJnMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvaEJIR0RTVUpuYklucDEwdERPR01RM0pMRW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwdygMA0G
CSqGSIb3DQEBCwUAA4IBAQDQXS/G4Zqp17tvCCAK0zXxyoW9gfr5PRAW2TdtlGwY
Cu4pfJcTztNP/MyOMhHrfJQzZQBwiHMKjK8WMn4OdYjkiBB0Ekw5cfBwnwhi+Jpo
L6PSGUBkNBGStHW7xVUPe3LLmxy+qL2zk6zgY4uJ78SQdsW6j/4+LvpCfQPj8NiI
fEytZIkUb+CgFnxG+sIFHcsVDxdQMnQWJUPExTgv1EKhO+E/5K3PUyAZRuXwsdZ/
gJG20dEnLgQWncAeUo0X6U0UcE5JireSsbTL+GSV+8bB2TYd5kIjTej7qnPVs/I+
9GwsqVw5W9q4Gymyt/pwzbGFArVrWuWPrlTOpHabtX4I
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:05:51 2024 by rpki-client on console-ams.rpki-client.org