Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/HvwHQDzBM0PAQaGOcqTlA5EwoTs.roa
File: HvwHQDzBM0PAQaGOcqTlA5EwoTs.roa (raw, json)
Hash identifier: 2BWHpTu98x+zpEk5WfrNxz0az5LzXacJZl69wGu/Nug=
Subject key identifier: 1E:FC:07:40:3C:C1:33:43:C0:41:A1:8E:72:A4:E5:03:91:30:A1:3B
Certificate issuer: /CN=f4e736f0d8e9e70f1ae7caa11c559ecf70a72828
Certificate serial: 018CC802F5DD6821505986EF91E9E1B17533
Authority key identifier: F4:E7:36:F0:D8:E9:E7:0F:1A:E7:CA:A1:1C:55:9E:CF:70:A7:28:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Oc28Njp5w8a58qhHFWez3CnKCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/HvwHQDzBM0PAQaGOcqTlA5EwoTs.roa
Signing time: Tue 02 Jan 2024 02:31:26 +0000
ROA not before: Tue 02 Jan 2024 02:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24971
IP address blocks: 193.169.160.0/23 maxlen: 23
2001:678:a50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/9Oc28Njp5w8a58qhHFWez3CnKCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/9Oc28Njp5w8a58qhHFWez3CnKCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Oc28Njp5w8a58qhHFWez3CnKCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f5:dd:68:21:50:59:86:ef:91:e9:e1:b1:75:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e736f0d8e9e70f1ae7caa11c559ecf70a72828
Validity
Not Before: Jan 2 02:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1efc07403cc13343c041a18e72a4e5039130a13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bf:47:d8:5f:23:91:07:97:b4:c2:4b:b9:b9:
f2:3d:41:2d:e5:ee:06:ed:c5:ed:7c:1e:b5:4a:2d:
41:2c:81:dc:c3:21:41:d4:05:b4:87:59:de:f0:3b:
b3:0f:0c:2f:58:60:68:8c:fb:cc:0c:78:97:9d:a4:
2f:ac:f9:68:05:b3:1e:73:de:89:2d:77:d1:ca:5d:
f6:99:4e:f1:8a:7b:67:d7:e9:18:2d:4e:6a:79:55:
7a:35:05:5e:04:47:d2:fc:b7:42:bb:04:3b:a0:77:
80:d4:50:fd:46:29:dc:86:b2:93:3b:49:c1:e4:0f:
3f:01:6b:27:d9:7e:a2:9b:df:2c:37:73:d5:b1:ae:
22:ef:6f:6f:4d:b5:fc:8e:fc:2e:1a:48:70:37:b7:
b6:e2:3a:3c:e3:78:e3:57:1d:97:6b:44:46:e6:50:
d2:ef:49:61:55:17:e5:10:4b:03:cf:2c:2f:69:d5:
cf:96:30:e5:39:1e:44:e2:20:5e:9c:fe:a5:f3:55:
2b:cf:30:ba:e4:50:ae:9f:ee:97:b6:09:7d:f6:a2:
65:cc:c3:df:04:8c:06:ce:ac:03:d5:e0:22:ec:e7:
a4:5a:19:3c:db:1d:cf:cb:ce:25:f7:8b:2a:da:6a:
f9:53:a4:02:41:90:be:d3:dc:b8:e2:ed:f4:dd:58:
bf:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:07:40:3C:C1:33:43:C0:41:A1:8E:72:A4:E5:03:91:30:A1:3B
X509v3 Authority Key Identifier:
keyid:F4:E7:36:F0:D8:E9:E7:0F:1A:E7:CA:A1:1C:55:9E:CF:70:A7:28:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Oc28Njp5w8a58qhHFWez3CnKCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/HvwHQDzBM0PAQaGOcqTlA5EwoTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3e2a73-f497-49cc-b420-d7ab514d4ee2/1/9Oc28Njp5w8a58qhHFWez3CnKCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.160.0/23
IPv6:
2001:678:a50::/48
Signature Algorithm: sha256WithRSAEncryption
3c:65:fc:41:e9:be:d8:da:8f:dc:9d:54:38:d8:78:52:d7:c7:
03:cc:72:bf:48:c9:dc:6f:a2:d2:eb:2a:f7:03:87:cf:02:db:
3b:84:1e:37:39:8d:b7:6a:ed:a7:ea:80:90:8e:dc:d0:81:56:
d3:cb:8d:7d:f2:c9:ea:6d:07:28:2d:e6:50:c5:0e:8e:01:ec:
a1:10:8d:1a:f8:33:6c:50:af:a7:e9:76:d0:46:3f:b1:f3:87:
5e:fe:18:05:74:6f:8a:47:3d:1e:3a:fe:b7:ab:91:c6:83:91:
02:fb:ca:06:8b:ae:8f:06:5d:62:63:59:63:26:7d:a7:14:98:
dd:ee:44:5b:09:ae:f9:1a:c4:0c:f4:19:9d:10:b6:1c:e6:83:
c0:08:80:a6:86:d5:b2:40:1d:28:1e:46:88:95:20:f2:55:a2:
86:f9:5b:8a:3d:43:c2:4f:a6:e5:b8:05:0a:b1:2e:76:83:c1:
e2:4d:34:e3:18:ed:88:90:ee:4f:00:32:4d:79:8b:ae:de:51:
65:16:17:34:ae:fa:6f:5e:a4:44:ad:da:50:f0:3d:b8:3c:67:
93:89:d8:ad:94:be:24:7f:c6:e6:e7:0a:87:01:29:98:65:d5:
56:84:41:e7:fa:d6:05:16:50:03:46:d7:d9:fc:f3:66:70:c6:
d0:f1:0f:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAvXdaCFQWYbvkenhsXUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTczNmYwZDhlOWU3MGYxYWU3Y2FhMTFjNTU5ZWNmNzBh
NzI4MjgwHhcNMjQwMTAyMDIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjMDc0MDNjYzEzMzQzYzA0MWExOGU3MmE0ZTUwMzkxMzBhMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA079H2F8jkQeXtMJLubnyPUEt5e4G
7cXtfB61Si1BLIHcwyFB1AW0h1ne8DuzDwwvWGBojPvMDHiXnaQvrPloBbMec96J
LXfRyl32mU7xintn1+kYLU5qeVV6NQVeBEfS/LdCuwQ7oHeA1FD9RinchrKTO0nB
5A8/AWsn2X6im98sN3PVsa4i729vTbX8jvwuGkhwN7e24jo843jjVx2Xa0RG5lDS
70lhVRflEEsDzywvadXPljDlOR5E4iBenP6l81UrzzC65FCun+6Xtgl99qJlzMPf
BIwGzqwD1eAi7OekWhk82x3Py84l94sq2mr5U6QCQZC+09y44u303Vi/cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB78B0A8wTNDwEGhjnKk5QORMKE7MB8GA1UdIwQY
MBaAFPTnNvDY6ecPGufKoRxVns9wpygoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9jMjhOanA1dzhhNThxaEhGV2V6M0NuS0NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zZTJhNzMtZjQ5Ny00OWNjLWI0MjAt
ZDdhYjUxNGQ0ZWUyLzEvSHZ3SFFEekJNMFBBUWFHT2NxVGxBNUV3b1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zZTJhNzMtZjQ5Ny00OWNjLWI0MjAtZDdhYjUxNGQ0ZWUy
LzEvOU9jMjhOanA1dzhhNThxaEhGV2V6M0NuS0NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwamgMA8E
AgACMAkDBwAgAQZ4ClAwDQYJKoZIhvcNAQELBQADggEBADxl/EHpvtjaj9ydVDjY
eFLXxwPMcr9IydxvotLrKvcDh88C2zuEHjc5jbdq7afqgJCO3NCBVtPLjX3yyept
Bygt5lDFDo4B7KEQjRr4M2xQr6fpdtBGP7Hzh17+GAV0b4pHPR46/rerkcaDkQL7
ygaLro8GXWJjWWMmfacUmN3uRFsJrvkaxAz0GZ0Qthzmg8AIgKaG1bJAHSgeRoiV
IPJVoob5W4o9Q8JPpuW4BQqxLnaDweJNNOMY7YiQ7k8AMk15i67eUWUWFzSu+m9e
pESt2lDwPbg8Z5OJ2K2UviR/xubnCocBKZhl1VaEQef61gUWUANG19n882ZwxtDx
D6o=
-----END CERTIFICATE-----
Generated at Fri May 17 04:43:44 2024 by rpki-client on console-fra.rpki-client.org