Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/f_HWLCBK2V_UIPCRZximCKW376U.roa
File: f_HWLCBK2V_UIPCRZximCKW376U.roa (raw, json)
Hash identifier: rAyG440123B9Cc6H227S9DQT7317MltWCwjKihOHzqQ=
Subject key identifier: 7F:F1:D6:2C:20:4A:D9:5F:D4:20:F0:91:67:18:A6:08:A5:B7:EF:A5
Certificate issuer: /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial: 01926308B947387144C76901697BD8A122ED
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/f_HWLCBK2V_UIPCRZximCKW376U.roa
Signing time: Sun 06 Oct 2024 18:12:48 +0000
ROA not before: Sun 06 Oct 2024 18:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60014
IP address blocks: 78.31.232.0/22 maxlen: 22
193.106.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:63:08:b9:47:38:71:44:c7:69:01:69:7b:d8:a1:22:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Validity
Not Before: Oct 6 18:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ff1d62c204ad95fd420f0916718a608a5b7efa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:86:f1:77:34:41:a0:01:29:39:a3:ff:96:25:
c3:d2:ba:15:57:82:6a:8b:83:2d:35:bb:81:f4:a7:
10:00:74:da:cd:25:7f:2c:aa:94:0f:b9:c7:07:e9:
ff:c4:f0:13:4d:6a:11:83:21:b2:f1:23:f6:1e:2e:
b8:be:7b:03:a8:f4:c2:1d:50:90:e2:3e:67:c6:fb:
13:19:b3:4d:34:e9:ec:93:40:74:ae:f8:35:68:c9:
99:f2:d9:c3:fd:3a:c2:12:33:5e:2c:76:64:69:12:
70:a0:bd:c5:5b:76:74:ad:34:88:dd:9c:95:79:88:
77:f4:9c:bc:45:b8:00:c9:7e:26:ee:e8:8f:27:64:
7f:95:ad:eb:ad:db:29:de:bf:b5:0d:b4:67:11:79:
50:2d:0b:d2:8e:e8:07:13:c4:c5:85:19:63:f8:0c:
86:b4:b1:f3:0f:09:1b:f2:ac:8b:68:d9:2a:80:71:
46:b2:46:f3:fa:c3:96:d0:ae:80:b0:99:84:8d:d6:
c1:6f:1d:bd:40:e0:d7:5b:04:61:e4:37:4c:29:f4:
98:8e:00:f1:4d:c1:77:6b:21:86:8f:08:01:b8:cb:
86:c2:62:b3:47:86:12:d8:b5:a7:ae:ab:e4:22:5a:
7d:ca:ba:d0:13:6e:3d:1b:59:26:e7:c4:a2:6a:38:
81:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F1:D6:2C:20:4A:D9:5F:D4:20:F0:91:67:18:A6:08:A5:B7:EF:A5
X509v3 Authority Key Identifier:
keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/f_HWLCBK2V_UIPCRZximCKW376U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.232.0/22
193.106.190.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:eb:1a:c6:52:e2:27:ca:71:43:e2:06:c2:04:b6:bb:2c:04:
f5:69:22:ac:6e:b9:89:fc:fb:09:dd:b7:8d:76:9e:92:ef:1e:
68:98:f1:73:87:9c:cb:13:55:e3:43:1b:01:15:c4:73:04:65:
47:eb:44:f9:5a:81:b3:c5:bb:bd:d0:b5:f7:59:51:94:a9:d3:
a8:1c:94:bc:bc:ab:5d:48:45:76:f7:44:d0:10:a7:1d:8b:03:
68:d4:a6:1e:96:9c:5d:a6:c8:27:2b:e7:fa:8a:ec:fe:3a:cd:
6f:d8:ac:83:4a:e0:cd:18:f0:1f:c8:b3:52:8b:df:0c:55:a6:
58:60:d7:e1:5a:10:69:43:eb:9f:43:85:d6:48:f2:d1:74:da:
c3:c7:53:3e:42:ca:c1:72:46:a0:f3:16:0d:a7:6f:da:4b:bc:
b2:c7:cb:83:c4:48:57:ee:03:fd:b7:2d:75:88:5d:c1:3f:ac:
40:3e:50:ad:11:d4:d9:3f:7c:52:e9:b1:ed:c4:5c:81:6e:e7:
00:ad:f5:86:8e:c0:32:70:29:2c:3e:ef:fc:a5:d1:31:9f:10:
7d:b5:66:53:f9:a7:aa:39:36:64:a3:76:8e:e8:a4:6a:74:ef:
d3:db:26:ca:bf:fc:ca:78:2e:d8:87:7d:bd:bd:b1:5a:76:25:
84:9f:35:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJjCLlHOHFEx2kBaXvYoSLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjQxMDA2MTgxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYxZDYyYzIwNGFkOTVmZDQyMGYwOTE2NzE4YTYwOGE1YjdlZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4bxdzRBoAEpOaP/liXD0roVV4Jq
i4MtNbuB9KcQAHTazSV/LKqUD7nHB+n/xPATTWoRgyGy8SP2Hi64vnsDqPTCHVCQ
4j5nxvsTGbNNNOnsk0B0rvg1aMmZ8tnD/TrCEjNeLHZkaRJwoL3FW3Z0rTSI3ZyV
eYh39Jy8RbgAyX4m7uiPJ2R/la3rrdsp3r+1DbRnEXlQLQvSjugHE8TFhRlj+AyG
tLHzDwkb8qyLaNkqgHFGskbz+sOW0K6AsJmEjdbBbx29QODXWwRh5DdMKfSYjgDx
TcF3ayGGjwgBuMuGwmKzR4YS2LWnrqvkIlp9yrrQE249G1km58SiajiBUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH/x1iwgStlf1CDwkWcYpgilt++lMB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEvZl9IV0xDQksyVl9VSVBDUlp4aW1DS1czNzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTh/oAwQA
wWq+MA0GCSqGSIb3DQEBCwUAA4IBAQCP6xrGUuInynFD4gbCBLa7LAT1aSKsbrmJ
/PsJ3beNdp6S7x5omPFzh5zLE1XjQxsBFcRzBGVH60T5WoGzxbu90LX3WVGUqdOo
HJS8vKtdSEV290TQEKcdiwNo1KYelpxdpsgnK+f6iuz+Os1v2KyDSuDNGPAfyLNS
i98MVaZYYNfhWhBpQ+ufQ4XWSPLRdNrDx1M+QsrBckag8xYNp2/aS7yyx8uDxEhX
7gP9ty11iF3BP6xAPlCtEdTZP3xS6bHtxFyBbucArfWGjsAycCksPu/8pdExnxB9
tWZT+aeqOTZko3aO6KRqdO/T2ybKv/zKeC7Yh329vbFadiWEnzWH
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:57 2024 by rpki-client on console-ams.rpki-client.org