Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/H_8RRu4X-CmicQuV7mUaFn0HP4A.roa
File: H_8RRu4X-CmicQuV7mUaFn0HP4A.roa (raw, json)
Hash identifier: pGDbI9djyKAvEWOI1/lEvd8/Yi/3HIC0wyvKyvv3AbU=
Subject key identifier: 1F:FF:11:46:EE:17:F8:29:A2:71:0B:95:EE:65:1A:16:7D:07:3F:80
Certificate issuer: /CN=388e962840cd3168dd2ea396fe68127628aeac27
Certificate serial: 018F2A5D3704DFF72C61E827645554F7EBBA
Authority key identifier: 38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/H_8RRu4X-CmicQuV7mUaFn0HP4A.roa
Signing time: Mon 29 Apr 2024 14:58:22 +0000
ROA not before: Mon 29 Apr 2024 14:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.144.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:5d:37:04:df:f7:2c:61:e8:27:64:55:54:f7:eb:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=388e962840cd3168dd2ea396fe68127628aeac27
Validity
Not Before: Apr 29 14:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fff1146ee17f829a2710b95ee651a167d073f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fa:b6:8c:4b:cf:d0:47:a6:d7:2b:5a:3a:46:
03:b6:ae:50:46:5f:69:61:21:22:2f:2a:d9:1c:8a:
81:0f:b6:a1:66:69:4e:21:59:c4:e4:6e:66:66:f9:
2e:dd:6a:e3:03:98:e0:6d:cd:b3:48:cb:bd:44:a2:
89:d4:ae:9d:17:64:1c:5e:42:18:86:a0:bc:b7:09:
16:ab:28:6c:8c:46:8a:d4:e9:49:2c:5e:11:ce:46:
2f:be:67:dc:4d:cc:55:7a:72:1c:6c:a5:65:6d:63:
d6:94:37:b7:6b:28:81:5f:86:14:3f:d2:75:d1:23:
82:33:33:77:47:38:56:86:c4:da:b4:51:29:45:56:
32:b3:18:2c:de:97:bd:3c:37:2a:11:17:b9:ed:ba:
1e:60:ef:3a:dc:90:55:ca:97:32:3d:53:21:55:5b:
54:3b:90:3d:81:d9:1e:ed:12:33:76:fa:93:9b:77:
89:79:92:b1:ec:7a:e8:44:2e:97:fb:b9:f8:90:5f:
1e:15:38:69:fc:f2:c1:01:ef:9b:62:bd:07:66:e7:
6b:af:ac:2c:41:f7:0d:5d:57:0c:6c:69:ce:f6:28:
d6:7b:67:b2:aa:9d:e0:5f:47:44:a4:b9:5f:34:a2:
93:cd:b4:ee:de:a7:8f:a5:4d:7a:4b:b5:cf:68:22:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FF:11:46:EE:17:F8:29:A2:71:0B:95:EE:65:1A:16:7D:07:3F:80
X509v3 Authority Key Identifier:
keyid:38:8E:96:28:40:CD:31:68:DD:2E:A3:96:FE:68:12:76:28:AE:AC:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OI6WKEDNMWjdLqOW_mgSdiiurCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/H_8RRu4X-CmicQuV7mUaFn0HP4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/55ea3e-d7e2-430c-af8a-c321840c1faa/1/OI6WKEDNMWjdLqOW_mgSdiiurCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.240.0/22
Signature Algorithm: sha256WithRSAEncryption
50:da:9e:1f:56:e7:c6:c9:e0:04:79:eb:c2:9e:bd:0a:17:8c:
74:c0:1f:be:3e:5b:bf:98:5f:43:40:2a:82:c4:ff:2b:95:68:
bd:c6:5a:80:3c:ca:d6:49:c5:0c:f7:2e:77:33:75:22:e8:3d:
9f:e7:ca:06:7d:38:7f:62:aa:04:1c:3d:dd:bd:f8:3c:8c:7a:
e1:cd:37:6a:ed:fa:1b:74:78:42:30:72:da:40:23:fb:65:bd:
d3:1a:fc:a9:88:47:5e:9c:77:c1:e7:bb:b5:46:2e:2d:2f:3f:
aa:01:3c:7d:6c:b3:c6:87:aa:f8:df:cc:60:97:99:e0:54:18:
0d:42:aa:83:d5:55:6d:bf:c2:0a:9a:7d:a7:50:c9:66:6c:f4:
d7:07:1c:1d:f1:50:08:38:60:5b:16:35:a3:fe:f5:e8:8f:72:
5f:49:09:70:21:2e:22:ee:28:61:d4:8c:dc:34:2c:57:78:8d:
bb:df:34:6d:c0:92:1d:64:c0:1f:da:9a:39:b8:c1:a1:14:72:
d7:36:90:b2:0e:9b:46:17:1c:97:c5:0e:a9:ea:68:d1:9a:41:
87:c3:9e:32:31:42:2b:cc:b5:d2:bd:0b:a1:a0:39:a1:71:b9:
b8:7d:a1:7b:b3:8f:61:52:75:73:2b:14:d7:2d:e1:29:0a:89:
9c:38:9b:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qXTcE3/csYegnZFVU9+u6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OGU5NjI4NDBjZDMxNjhkZDJlYTM5NmZlNjgxMjc2Mjhh
ZWFjMjcwHhcNMjQwNDI5MTQ1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZmMTE0NmVlMTdmODI5YTI3MTBiOTVlZTY1MWExNjdkMDczZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vq2jEvP0Eem1ytaOkYDtq5QRl9p
YSEiLyrZHIqBD7ahZmlOIVnE5G5mZvku3WrjA5jgbc2zSMu9RKKJ1K6dF2QcXkIY
hqC8twkWqyhsjEaK1OlJLF4RzkYvvmfcTcxVenIcbKVlbWPWlDe3ayiBX4YUP9J1
0SOCMzN3RzhWhsTatFEpRVYysxgs3pe9PDcqERe57boeYO863JBVypcyPVMhVVtU
O5A9gdke7RIzdvqTm3eJeZKx7HroRC6X+7n4kF8eFThp/PLBAe+bYr0HZudrr6ws
QfcNXVcMbGnO9ijWe2eyqp3gX0dEpLlfNKKTzbTu3qePpU16S7XPaCKhMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB//EUbuF/gponELle5lGhZ9Bz+AMB8GA1UdIwQY
MBaAFDiOlihAzTFo3S6jlv5oEnYorqwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEt
YzMyMTg0MGMxZmFhLzEvSF84UlJ1NFgtQ21pY1F1VjdtVWFGbjBIUDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81NWVhM2UtZDdlMi00MzBjLWFmOGEtYzMyMTg0MGMxZmFh
LzEvT0k2V0tFRE5NV2pkTHFPV19tZ1NkaWl1ckNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZDwMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ2p4fVufGyeAEeevCnr0KF4x0wB++Plu/mF9DQCqC
xP8rlWi9xlqAPMrWScUM9y53M3Ui6D2f58oGfTh/YqoEHD3dvfg8jHrhzTdq7fob
dHhCMHLaQCP7Zb3TGvypiEdenHfB57u1Ri4tLz+qATx9bLPGh6r438xgl5ngVBgN
QqqD1VVtv8IKmn2nUMlmbPTXBxwd8VAIOGBbFjWj/vXoj3JfSQlwIS4i7ihh1Izc
NCxXeI273zRtwJIdZMAf2po5uMGhFHLXNpCyDptGFxyXxQ6p6mjRmkGHw54yMUIr
zLXSvQuhoDmhcbm4faF7s49hUnVzKxTXLeEpComcOJuT
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:24:01 2024 by rpki-client on console-ams.rpki-client.org