Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/hkitn5No_jg9x45QFYFnJWakEsQ.roa
File: hkitn5No_jg9x45QFYFnJWakEsQ.roa (raw, json)
Hash identifier: Oo6GsoeOQJGwVxXgNRy0Qvz5EwncSp9NIbjTt2Ua+BE=
Subject key identifier: 86:48:AD:9F:93:68:FE:38:3D:C7:8E:50:15:81:67:25:66:A4:12:C4
Certificate issuer: /CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Certificate serial: 018CC801CEE2E6DF512F592E8FB6742C6AA2
Authority key identifier: DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/hkitn5No_jg9x45QFYFnJWakEsQ.roa
Signing time: Tue 02 Jan 2024 02:30:10 +0000
ROA not before: Tue 02 Jan 2024 02:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47216
IP address blocks: 193.111.236.0/24 maxlen: 24
2a11:7bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ce:e2:e6:df:51:2f:59:2e:8f:b6:74:2c:6a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Validity
Not Before: Jan 2 02:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8648ad9f9368fe383dc78e501581672566a412c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c8:39:d7:1c:29:2c:a7:75:d8:a4:0e:68:d4:
69:dd:b5:18:b3:ba:32:80:4a:df:31:ab:7f:a2:fd:
bd:cf:0e:f1:f0:c5:72:79:bc:25:20:35:5a:27:14:
e5:23:08:d9:1b:57:4c:2d:15:5b:6e:37:c0:78:58:
94:b6:ec:6f:f7:d3:e1:92:17:18:96:c6:ef:36:ff:
8d:20:b0:88:97:da:cb:e7:6c:84:a2:a7:12:52:8a:
b7:4e:73:e8:ba:0a:e3:93:2a:fb:b4:06:b1:ad:53:
3e:39:ee:02:9d:d6:b8:f5:af:2e:98:68:6f:80:ba:
52:ec:08:60:97:b0:d9:a3:10:12:f2:a8:2b:fc:7e:
40:f0:bf:8e:c4:9d:a4:eb:99:5f:ce:06:43:62:50:
14:eb:d6:f9:4b:43:03:0e:bc:be:ef:a9:e1:d4:3b:
08:dc:52:fc:c0:03:0d:67:02:9b:74:eb:5f:f4:88:
6f:21:70:55:37:75:0b:63:42:89:a3:1e:b2:e0:a5:
60:cb:d2:88:5b:bb:63:b7:17:97:2f:97:ac:45:bb:
c7:e7:37:71:f0:cf:ea:f3:06:fd:34:57:aa:1b:8e:
16:69:02:e8:62:f6:70:35:ce:92:c5:a1:d1:18:c1:
09:cf:26:fc:e5:3d:fb:d7:89:92:68:71:c0:e2:b7:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:48:AD:9F:93:68:FE:38:3D:C7:8E:50:15:81:67:25:66:A4:12:C4
X509v3 Authority Key Identifier:
keyid:DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/hkitn5No_jg9x45QFYFnJWakEsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.236.0/24
IPv6:
2a11:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
10:64:b4:c7:d8:1e:bc:c0:ed:21:16:a8:4d:f0:ad:b5:84:34:
6e:1e:52:d0:b5:c2:5d:3e:d9:e7:e9:11:a4:f4:6b:2e:2f:5d:
94:83:6e:e5:03:18:4c:e1:bf:a3:4e:1d:c9:ef:69:bc:31:58:
8e:50:4d:48:97:4b:17:82:5b:6c:5b:4e:ae:c6:3a:b5:f3:1c:
1d:b5:c8:60:42:5f:2e:3a:36:b0:9c:33:41:3e:44:94:dd:31:
8b:00:6a:77:03:17:b9:3b:87:6e:c3:64:fe:dd:9b:b6:65:71:
6f:fa:3e:c2:08:a2:e0:85:c7:88:47:c5:83:f5:4a:1d:24:0c:
d8:3e:41:bf:42:41:79:58:0f:cb:b1:13:56:c6:93:81:9a:d4:
4c:44:49:a4:14:4e:7d:1c:fb:29:54:96:1b:3f:7d:2a:81:6c:
4a:91:65:2d:d9:fc:b1:43:24:59:26:7e:a2:ca:49:f7:db:a2:
90:f6:1f:e3:fc:89:16:b7:af:41:49:b2:93:cc:c6:ce:7e:4e:
94:9e:6d:41:7d:4a:30:af:fe:03:79:e9:27:a7:e4:7b:e4:9d:
d1:bc:a4:21:e9:81:9e:fc:cd:92:98:65:4d:4c:9e:9c:b2:79:
da:27:91:0a:00:97:e6:9b:2f:1b:35:80:0b:65:18:56:bc:e6:
ed:59:81:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAc7i5t9RL1kuj7Z0LGqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTcyYzhmYWVjYjcwNTJjODQxMjAxYjI1ZjZhMDE4ZTQ3
N2IxYzIwHhcNMjQwMTAyMDIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ4YWQ5ZjkzNjhmZTM4M2RjNzhlNTAxNTgxNjcyNTY2YTQxMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8g51xwpLKd12KQOaNRp3bUYs7oy
gErfMat/ov29zw7x8MVyebwlIDVaJxTlIwjZG1dMLRVbbjfAeFiUtuxv99PhkhcY
lsbvNv+NILCIl9rL52yEoqcSUoq3TnPougrjkyr7tAaxrVM+Oe4Cnda49a8umGhv
gLpS7Ahgl7DZoxAS8qgr/H5A8L+OxJ2k65lfzgZDYlAU69b5S0MDDry+76nh1DsI
3FL8wAMNZwKbdOtf9IhvIXBVN3ULY0KJox6y4KVgy9KIW7tjtxeXL5esRbvH5zdx
8M/q8wb9NFeqG44WaQLoYvZwNc6SxaHRGMEJzyb85T3714mSaHHA4rcAlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIZIrZ+TaP44PceOUBWBZyVmpBLEMB8GA1UdIwQY
MBaAFN7nLI+uy3BSyEEgGyX2oBjkd7HCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2Ut
MzgzZmIyYjk1NGQ5LzEvaGtpdG41Tm9famc5eDQ1UUZZRm5KV2FrRXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2UtMzgzZmIyYjk1NGQ5
LzEvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwW/sMA0E
AgACMAcDBQMqEXvAMA0GCSqGSIb3DQEBCwUAA4IBAQAQZLTH2B68wO0hFqhN8K21
hDRuHlLQtcJdPtnn6RGk9GsuL12Ug27lAxhM4b+jTh3J72m8MViOUE1Il0sXglts
W06uxjq18xwdtchgQl8uOjawnDNBPkSU3TGLAGp3Axe5O4duw2T+3Zu2ZXFv+j7C
CKLghceIR8WD9UodJAzYPkG/QkF5WA/LsRNWxpOBmtRMREmkFE59HPspVJYbP30q
gWxKkWUt2fyxQyRZJn6iykn326KQ9h/j/IkWt69BSbKTzMbOfk6Unm1BfUowr/4D
eeknp+R75J3RvKQh6YGe/M2SmGVNTJ6csnnaJ5EKAJfmmy8bNYALZRhWvObtWYFz
-----END CERTIFICATE-----
Generated at Tue May 21 20:41:22 2024 by rpki-client on console-ams.rpki-client.org