Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/HXbBXNwTIs5iKnBHignsZnjnYfs.roa
File: HXbBXNwTIs5iKnBHignsZnjnYfs.roa (raw, json)
Hash identifier: MPQ5bjXJCyrvy3Iw6nil5aVBQfqlBWagsb9lSNwzix0=
Subject key identifier: 1D:76:C1:5C:DC:13:22:CE:62:2A:70:47:8A:09:EC:66:78:E7:61:FB
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 0193772D7D63ACA01FF8CA8948093FFA9ED1
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/HXbBXNwTIs5iKnBHignsZnjnYfs.roa
Signing time: Fri 29 Nov 2024 09:08:10 +0000
ROA not before: Fri 29 Nov 2024 09:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 103.75.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Dec 2024 04:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:2d:7d:63:ac:a0:1f:f8:ca:89:48:09:3f:fa:9e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Nov 29 09:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d76c15cdc1322ce622a70478a09ec6678e761fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:48:50:f4:d5:fd:b6:2c:68:c7:8f:c4:65:5e:
4a:12:31:c6:20:a4:65:b5:06:f7:0f:60:98:f7:97:
a4:a2:c5:66:ba:47:d6:a5:6c:d8:cc:e6:30:7a:89:
b4:f3:78:19:ae:2e:8b:52:0a:18:75:b5:64:0a:c5:
8d:5f:ff:9a:3d:22:ba:85:16:dd:3b:51:4c:ac:b9:
4b:4a:c8:e2:61:b1:05:48:ee:2e:73:21:8e:30:f5:
d6:dd:06:64:fe:69:e9:cb:f0:84:1e:8e:08:81:78:
0e:1f:ea:72:4d:cc:27:c0:b0:28:4c:c5:2f:4e:01:
0b:66:5e:0c:9d:ad:59:0b:dd:b9:6f:ea:b0:f8:7c:
f0:d9:e0:b3:35:69:da:99:f8:6a:89:21:94:9b:ce:
c4:ca:f8:8d:57:c4:a0:1b:dd:fd:88:4f:54:8d:9d:
9f:77:c9:f0:de:4b:98:63:94:22:c4:7c:e0:01:df:
f2:bb:ac:d5:0c:ef:4e:b1:0f:9b:01:11:ed:a1:b1:
3a:9b:db:fb:b0:88:55:45:c5:83:be:42:e9:e5:bd:
a7:45:c6:8f:43:d9:4e:43:d4:84:ad:b0:31:fa:a3:
dc:ec:36:28:c2:9b:20:da:de:9a:f2:0f:03:6a:75:
dc:32:5a:ce:45:cd:a2:bf:fc:ea:6b:2a:dc:13:56:
ab:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:76:C1:5C:DC:13:22:CE:62:2A:70:47:8A:09:EC:66:78:E7:61:FB
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/HXbBXNwTIs5iKnBHignsZnjnYfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.75.68.0/24
Signature Algorithm: sha256WithRSAEncryption
97:d1:c2:ef:2d:75:27:89:79:c6:d5:eb:63:88:d7:57:80:a2:
5e:25:77:0f:d6:3a:6a:04:f7:a7:62:5b:a7:6a:a4:f1:ae:c6:
3f:7a:27:c6:3b:19:c0:2d:29:48:c7:80:34:82:36:6e:1a:ab:
9a:c5:0d:59:40:4f:ef:22:48:67:f1:28:8a:12:30:9b:1c:8b:
68:6e:84:35:56:b6:76:ad:f9:12:68:58:11:e8:f0:ba:43:1c:
ea:3d:1c:6d:1f:4f:a5:30:84:8c:e5:48:48:1e:67:5f:82:72:
40:87:f2:22:f0:8a:d3:75:55:a5:78:69:ec:7f:e0:5e:ce:d1:
c6:53:fc:33:23:d3:52:25:92:dd:15:5c:45:13:63:00:2d:4a:
29:d7:cc:6c:58:06:b3:d2:65:97:5f:e4:11:76:20:8c:a1:23:
61:60:de:3e:86:76:3f:d9:37:d2:31:11:01:5b:84:2e:93:d0:
a3:02:a6:78:3c:dd:4e:ea:71:94:da:f1:44:16:b5:63:29:c8:
d9:ce:16:bf:af:bd:d1:67:94:3a:94:5e:b5:2e:08:1d:f9:e5:
30:6e:8a:69:59:9b:6a:ad:33:c7:1a:5e:ac:05:6c:56:de:ac:
04:62:c3:98:29:0d:20:5b:d8:a8:22:98:84:85:d5:13:c7:e2:
d4:bb:06:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN3LX1jrKAf+MqJSAk/+p7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQxMTI5MDkwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc2YzE1Y2RjMTMyMmNlNjIyYTcwNDc4YTA5ZWM2Njc4ZTc2MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1khQ9NX9tixox4/EZV5KEjHGIKRl
tQb3D2CY95ekosVmukfWpWzYzOYweom083gZri6LUgoYdbVkCsWNX/+aPSK6hRbd
O1FMrLlLSsjiYbEFSO4ucyGOMPXW3QZk/mnpy/CEHo4IgXgOH+pyTcwnwLAoTMUv
TgELZl4Mna1ZC925b+qw+Hzw2eCzNWnamfhqiSGUm87EyviNV8SgG939iE9UjZ2f
d8nw3kuYY5QixHzgAd/yu6zVDO9OsQ+bARHtobE6m9v7sIhVRcWDvkLp5b2nRcaP
Q9lOQ9SErbAx+qPc7DYowpsg2t6a8g8DanXcMlrORc2iv/zqayrcE1arIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB12wVzcEyLOYipwR4oJ7GZ452H7MB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvSFhiQlhOd1RJczVpS25CSGlnbnNabmpuWWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0tEMA0G
CSqGSIb3DQEBCwUAA4IBAQCX0cLvLXUniXnG1etjiNdXgKJeJXcP1jpqBPenYlun
aqTxrsY/eifGOxnALSlIx4A0gjZuGquaxQ1ZQE/vIkhn8SiKEjCbHItoboQ1VrZ2
rfkSaFgR6PC6QxzqPRxtH0+lMISM5UhIHmdfgnJAh/Ii8IrTdVWleGnsf+BeztHG
U/wzI9NSJZLdFVxFE2MALUop18xsWAaz0mWXX+QRdiCMoSNhYN4+hnY/2TfSMREB
W4Quk9CjAqZ4PN1O6nGU2vFEFrVjKcjZzha/r73RZ5Q6lF61Lggd+eUwboppWZtq
rTPHGl6sBWxW3qwEYsOYKQ0gW9ioIpiEhdUTx+LUuwbW
-----END CERTIFICATE-----
Generated at Thu Dec 26 10:26:45 2024 by rpki-client on console-ams.rpki-client.org