Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/HtaLZmDxk1WGveejRAoZU0QIGd4.roa
File: HtaLZmDxk1WGveejRAoZU0QIGd4.roa (raw, json)
Hash identifier: UjZO03M0qlsVGTgmyrS94D4YFxu11EWolCt3fYO0ww0=
Subject key identifier: 1E:D6:8B:66:60:F1:93:55:86:BD:E7:A3:44:0A:19:53:44:08:19:DE
Certificate issuer: /CN=5a4acd21123f9e75a92a0e6d4b26f9e9c963675f
Certificate serial: 018CC9BCAF521F06AC83DC8D645C78586B61
Authority key identifier: 5A:4A:CD:21:12:3F:9E:75:A9:2A:0E:6D:4B:26:F9:E9:C9:63:67:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkrNIRI_nnWpKg5tSyb56cljZ18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/HtaLZmDxk1WGveejRAoZU0QIGd4.roa
Signing time: Tue 02 Jan 2024 10:33:55 +0000
ROA not before: Tue 02 Jan 2024 10:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209959
IP address blocks: 185.215.92.0/22 maxlen: 22
2a02:fc40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/WkrNIRI_nnWpKg5tSyb56cljZ18.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/WkrNIRI_nnWpKg5tSyb56cljZ18.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkrNIRI_nnWpKg5tSyb56cljZ18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:af:52:1f:06:ac:83:dc:8d:64:5c:78:58:6b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a4acd21123f9e75a92a0e6d4b26f9e9c963675f
Validity
Not Before: Jan 2 10:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed68b6660f1935586bde7a3440a1953440819de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1f:6b:cb:c3:22:38:3b:2d:91:ca:b4:93:19:
4d:80:2c:84:14:75:33:3d:98:3d:a0:2e:09:9c:18:
ea:16:32:b7:76:38:36:bb:cc:48:c8:28:f9:7f:1f:
02:1b:aa:45:45:95:b3:53:ad:3b:4d:8d:58:d1:c0:
80:65:9a:98:0f:e8:8c:8a:c5:f4:19:ea:e9:7e:e8:
6d:be:2a:a3:74:a0:2e:33:27:1c:9e:b3:18:c7:e1:
5e:6a:67:b0:81:16:e6:33:02:ce:b0:3d:6d:c5:3a:
64:e1:2c:3b:e0:17:8d:38:d1:69:56:cd:1b:a2:c5:
aa:b1:dc:9a:63:d4:a9:22:eb:e2:fc:a6:1f:2e:fc:
ed:45:b4:ce:a4:e8:7c:94:d9:c2:78:63:d5:a6:6a:
d7:71:c5:05:eb:26:46:2e:8d:f4:49:32:e6:82:58:
94:d5:41:30:34:79:3b:99:dd:6d:5d:92:d0:f3:ba:
61:57:1f:67:01:2b:0e:c4:42:0f:e8:d0:9b:42:27:
94:ad:9b:85:22:4f:94:18:f5:ba:a4:d3:9f:79:71:
fc:fa:74:cd:06:cb:dc:0f:78:b6:c0:95:07:90:65:
80:af:28:ae:69:cf:bb:8d:91:87:0e:71:b4:b8:d9:
27:84:35:1f:af:d0:91:c0:85:69:1c:20:14:a3:55:
7c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D6:8B:66:60:F1:93:55:86:BD:E7:A3:44:0A:19:53:44:08:19:DE
X509v3 Authority Key Identifier:
keyid:5A:4A:CD:21:12:3F:9E:75:A9:2A:0E:6D:4B:26:F9:E9:C9:63:67:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkrNIRI_nnWpKg5tSyb56cljZ18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/HtaLZmDxk1WGveejRAoZU0QIGd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/31cbc8-3c23-4bdf-83a4-bcd3302810e3/1/WkrNIRI_nnWpKg5tSyb56cljZ18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.92.0/22
IPv6:
2a02:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
c2:04:ae:cd:be:fa:fd:40:af:8b:3a:26:84:f8:84:88:ab:00:
7b:94:80:c4:8d:ca:61:ec:4f:82:23:ca:32:8b:ed:a2:07:1b:
70:06:ca:30:7d:59:28:f4:af:ee:a7:46:b9:22:59:22:7b:48:
b1:b0:35:20:90:ea:67:2f:57:58:e7:29:c8:51:7d:1e:b2:d4:
5a:d0:d7:68:c2:f1:f7:55:5b:b5:c3:3d:91:52:d0:c3:c9:40:
ee:82:d7:b1:ae:84:1b:4d:2d:ce:40:41:8b:fc:45:b2:de:88:
58:fd:7b:ed:73:c8:0b:90:44:df:3a:0e:cc:3f:fb:aa:62:9d:
89:f7:c7:18:b0:57:b5:4f:7a:c8:ac:ad:d3:73:38:67:1a:b7:
4d:1a:91:70:d1:7b:fb:45:4c:31:3a:41:d2:9c:b3:13:e1:43:
67:79:9b:b5:fe:55:80:a5:4f:a7:0e:4a:dc:05:b4:2d:04:85:
41:47:ba:55:bc:99:a3:58:c9:56:10:0e:5a:3f:82:12:d8:f6:
7f:bd:86:f3:fb:74:3e:f4:79:9b:9f:e4:6f:1a:c1:97:79:34:
b5:4b:b6:a2:b3:69:d0:78:68:09:2f:a2:45:f1:f9:a4:4a:e2:
30:45:88:a7:1b:09:97:d4:c1:6b:46:60:d3:87:c6:51:7f:c7:
3f:a5:57:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvK9SHwasg9yNZFx4WGthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNGFjZDIxMTIzZjllNzVhOTJhMGU2ZDRiMjZmOWU5Yzk2
MzY3NWYwHhcNMjQwMTAyMTAzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ2OGI2NjYwZjE5MzU1ODZiZGU3YTM0NDBhMTk1MzQ0MDgxOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR9ry8MiODstkcq0kxlNgCyEFHUz
PZg9oC4JnBjqFjK3djg2u8xIyCj5fx8CG6pFRZWzU607TY1Y0cCAZZqYD+iMisX0
GerpfuhtviqjdKAuMyccnrMYx+FeamewgRbmMwLOsD1txTpk4Sw74BeNONFpVs0b
osWqsdyaY9SpIuvi/KYfLvztRbTOpOh8lNnCeGPVpmrXccUF6yZGLo30STLmgliU
1UEwNHk7md1tXZLQ87phVx9nASsOxEIP6NCbQieUrZuFIk+UGPW6pNOfeXH8+nTN
BsvcD3i2wJUHkGWAryiuac+7jZGHDnG0uNknhDUfr9CRwIVpHCAUo1V8BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB7Wi2Zg8ZNVhr3no0QKGVNECBneMB8GA1UdIwQY
MBaAFFpKzSESP551qSoObUsm+enJY2dfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tyTklSSV9ubldwS2c1dFN5YjU2Y2xqWjE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zMWNiYzgtM2MyMy00YmRmLTgzYTQt
YmNkMzMwMjgxMGUzLzEvSHRhTFptRHhrMVdHdmVlalJBb1pVMFFJR2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zMWNiYzgtM2MyMy00YmRmLTgzYTQtYmNkMzMwMjgxMGUz
LzEvV2tyTklSSV9ubldwS2c1dFN5YjU2Y2xqWjE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuddcMA0E
AgACMAcDBQMqAvxAMA0GCSqGSIb3DQEBCwUAA4IBAQDCBK7Nvvr9QK+LOiaE+ISI
qwB7lIDEjcph7E+CI8oyi+2iBxtwBsowfVko9K/up0a5Ilkie0ixsDUgkOpnL1dY
5ynIUX0estRa0NdowvH3VVu1wz2RUtDDyUDugtexroQbTS3OQEGL/EWy3ohY/Xvt
c8gLkETfOg7MP/uqYp2J98cYsFe1T3rIrK3TczhnGrdNGpFw0Xv7RUwxOkHSnLMT
4UNneZu1/lWApU+nDkrcBbQtBIVBR7pVvJmjWMlWEA5aP4IS2PZ/vYbz+3Q+9Hmb
n+RvGsGXeTS1S7ais2nQeGgJL6JF8fmkSuIwRYinGwmX1MFrRmDTh8ZRf8c/pVdK
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:15:58 2024 by rpki-client on console-ams.rpki-client.org