Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/hPFyh--PISlnPg0AKrE72jdXHBo.roa
File: hPFyh--PISlnPg0AKrE72jdXHBo.roa (raw, json)
Hash identifier: X89LA+PEEjjg1vmXjRfcvxjTZvwSccDfxqO4dBttylQ=
Subject key identifier: 84:F1:72:87:EF:8F:21:29:67:3E:0D:00:2A:B1:3B:DA:37:57:1C:1A
Certificate issuer: /CN=0ac98267a5db26c65e41e646648f1016636e544e
Certificate serial: 018CC26D6589BDF94C08BBCED06AA0BC01D3
Authority key identifier: 0A:C9:82:67:A5:DB:26:C6:5E:41:E6:46:64:8F:10:16:63:6E:54:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/hPFyh--PISlnPg0AKrE72jdXHBo.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203457
IP address blocks: 185.132.136.0/22 maxlen: 23
185.132.136.0/23 maxlen: 23
185.132.138.0/23 maxlen: 23
2a03:a320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:65:89:bd:f9:4c:08:bb:ce:d0:6a:a0:bc:01:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac98267a5db26c65e41e646648f1016636e544e
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84f17287ef8f2129673e0d002ab13bda37571c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:e5:72:29:c6:b7:46:9f:5c:d6:de:6f:1a:
05:50:1a:05:d1:db:bb:96:9d:6a:67:0d:60:f3:87:
6c:bb:6d:28:36:53:d5:77:6c:49:d5:33:05:1a:8d:
1c:82:de:9b:5c:69:e5:59:29:a7:87:20:01:dc:3c:
32:8d:8f:76:31:91:20:26:6b:9f:ae:53:cd:8f:09:
c6:0f:26:33:d1:ad:f6:7b:1d:56:14:24:f0:59:e3:
98:5e:e4:8c:13:d0:e6:30:e0:81:52:be:42:f0:32:
b1:44:eb:02:60:80:c1:4a:a0:4e:e9:1d:e6:e8:95:
4c:6e:4a:a9:a5:d5:c7:b1:30:2c:f4:3b:ce:14:38:
bb:f8:c6:10:34:8b:ab:2e:5c:f8:42:b6:00:d5:21:
c4:0b:7e:89:ca:e2:a4:84:2f:a8:11:4c:ea:1b:38:
4a:49:b4:6f:e9:30:db:7c:78:07:ca:0a:ea:52:50:
a0:1e:9d:92:a9:6c:15:11:78:87:85:8a:ca:01:c4:
b5:90:ed:74:df:c8:f3:2a:d2:9e:cd:12:93:1c:ff:
f0:bb:c3:d5:a7:4e:58:d7:48:97:a1:64:92:b4:ee:
94:c8:84:af:81:c9:da:e2:8a:e9:4e:f4:62:24:c6:
28:e7:8e:2c:57:b4:97:53:4e:bf:d5:4a:79:98:3e:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F1:72:87:EF:8F:21:29:67:3E:0D:00:2A:B1:3B:DA:37:57:1C:1A
X509v3 Authority Key Identifier:
keyid:0A:C9:82:67:A5:DB:26:C6:5E:41:E6:46:64:8F:10:16:63:6E:54:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/hPFyh--PISlnPg0AKrE72jdXHBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3799fa-9db9-4fc8-8fd6-2d9e99f4722c/1/CsmCZ6XbJsZeQeZGZI8QFmNuVE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.136.0/22
IPv6:
2a03:a320::/32
Signature Algorithm: sha256WithRSAEncryption
7e:30:ef:f2:4d:f2:3b:47:91:be:8b:b1:58:05:c2:5d:7d:d2:
d9:2d:72:61:8d:cd:96:4e:98:0b:db:5a:d6:61:20:00:a7:fa:
aa:44:55:77:d4:ba:fe:79:64:40:fb:ba:94:9e:df:2d:7e:42:
5c:eb:48:c0:7e:aa:ab:26:43:89:b2:48:4f:ef:85:b0:c3:7a:
d6:0a:c6:30:4d:80:5d:a3:e7:f6:17:77:01:87:fe:f1:7c:6a:
1e:e2:83:b5:54:65:67:31:d9:28:09:f2:14:ae:b1:79:ed:43:
5d:09:17:76:4f:85:e6:de:b3:91:d2:31:f6:f4:92:73:57:f0:
83:30:e4:b5:6d:12:52:e3:35:75:0e:34:df:74:c0:90:95:7d:
21:ef:e8:54:51:e7:6e:2d:24:a8:1a:61:78:c0:2d:2c:2a:d0:
cf:8d:df:1d:13:2a:1d:f3:6f:9a:a4:a7:05:36:0a:5e:b6:0c:
bd:92:bc:1c:f8:54:75:f2:2c:3f:f9:84:d9:ff:5a:91:d4:e0:
9e:42:7a:6b:fe:9a:db:95:99:7d:e5:9d:ee:df:35:fc:3b:fe:
0e:22:64:fb:55:9f:c3:cb:1f:65:fd:76:c0:bd:ff:e7:85:fb:
ca:da:98:c1:2c:98:69:af:04:3a:45:37:f2:62:db:df:fb:08:
aa:6a:eb:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbWWJvflMCLvO0GqgvAHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYzk4MjY3YTVkYjI2YzY1ZTQxZTY0NjY0OGYxMDE2NjM2
ZTU0NGUwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYxNzI4N2VmOGYyMTI5NjczZTBkMDAyYWIxM2JkYTM3NTcxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihHlcinGt0afXNbebxoFUBoF0du7
lp1qZw1g84dsu20oNlPVd2xJ1TMFGo0cgt6bXGnlWSmnhyAB3DwyjY92MZEgJmuf
rlPNjwnGDyYz0a32ex1WFCTwWeOYXuSME9DmMOCBUr5C8DKxROsCYIDBSqBO6R3m
6JVMbkqppdXHsTAs9DvOFDi7+MYQNIurLlz4QrYA1SHEC36JyuKkhC+oEUzqGzhK
SbRv6TDbfHgHygrqUlCgHp2SqWwVEXiHhYrKAcS1kO1038jzKtKezRKTHP/wu8PV
p05Y10iXoWSStO6UyISvgcna4orpTvRiJMYo544sV7SXU06/1Up5mD6JqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFITxcofvjyEpZz4NACqxO9o3VxwaMB8GA1UdIwQY
MBaAFArJgmel2ybGXkHmRmSPEBZjblROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3NtQ1o2WGJKc1plUWVaR1pJOFFGbU51VkU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zNzk5ZmEtOWRiOS00ZmM4LThmZDYt
MmQ5ZTk5ZjQ3MjJjLzEvaFBGeWgtLVBJU2xuUGcwQUtyRTcyamRYSEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zNzk5ZmEtOWRiOS00ZmM4LThmZDYtMmQ5ZTk5ZjQ3MjJj
LzEvQ3NtQ1o2WGJKc1plUWVaR1pJOFFGbU51VkU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYSIMA0E
AgACMAcDBQAqA6MgMA0GCSqGSIb3DQEBCwUAA4IBAQB+MO/yTfI7R5G+i7FYBcJd
fdLZLXJhjc2WTpgL21rWYSAAp/qqRFV31Lr+eWRA+7qUnt8tfkJc60jAfqqrJkOJ
skhP74Www3rWCsYwTYBdo+f2F3cBh/7xfGoe4oO1VGVnMdkoCfIUrrF57UNdCRd2
T4Xm3rOR0jH29JJzV/CDMOS1bRJS4zV1DjTfdMCQlX0h7+hUUeduLSSoGmF4wC0s
KtDPjd8dEyod82+apKcFNgpetgy9krwc+FR18iw/+YTZ/1qR1OCeQnpr/prblZl9
5Z3u3zX8O/4OImT7VZ/Dyx9l/XbAvf/nhfvK2pjBLJhprwQ6RTfyYtvf+wiqautW
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:29 2024 by rpki-client on console-fra.rpki-client.org