Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/hxF9Kc48XB1vNWhyTNi12TiTQsQ.roa
File: hxF9Kc48XB1vNWhyTNi12TiTQsQ.roa (raw, json)
Hash identifier: D9Lyzwp70wAX0waLujEUTdmYlZzUvEUrMuUuP+3z5zo=
Subject key identifier: 87:11:7D:29:CE:3C:5C:1D:6F:35:68:72:4C:D8:B5:D9:38:93:42:C4
Certificate issuer: /CN=67415cba22e331ada91ff4dc6688e5fa0af45769
Certificate serial: 018CC3B6883F2B5E34DF72699103FEE94D79
Authority key identifier: 67:41:5C:BA:22:E3:31:AD:A9:1F:F4:DC:66:88:E5:FA:0A:F4:57:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/hxF9Kc48XB1vNWhyTNi12TiTQsQ.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41090
IP address blocks: 194.69.206.0/24 maxlen: 24
194.62.174.0/24 maxlen: 24
194.62.188.0/24 maxlen: 24
194.62.233.0/24 maxlen: 24
2a0f:ad40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:88:3f:2b:5e:34:df:72:69:91:03:fe:e9:4d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67415cba22e331ada91ff4dc6688e5fa0af45769
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87117d29ce3c5c1d6f3568724cd8b5d9389342c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2f:d4:a5:5a:1b:ee:f9:fc:06:51:26:7b:4f:
61:0d:a0:12:46:aa:7f:3d:c7:5e:e7:d9:a8:72:6d:
d0:ef:ca:60:e0:21:ad:77:65:21:f2:b5:71:fc:89:
03:93:19:c4:8f:06:36:9c:0c:41:81:c5:1a:e9:71:
0c:3e:4e:64:a2:5e:30:df:4d:31:59:ed:3d:73:8c:
67:17:98:de:de:00:43:4d:e4:1e:8d:de:76:da:a6:
99:1a:75:87:97:1e:63:e5:2d:f2:04:21:bf:b4:51:
c8:7f:a4:64:1c:ed:71:1c:b9:b5:8c:ab:2e:55:0d:
a6:81:14:61:63:37:3c:c7:3b:b7:04:20:89:65:1f:
a6:71:22:b5:64:11:0b:80:be:80:08:7b:d3:c6:92:
02:d2:99:57:ad:cd:44:c6:a1:ba:8e:fb:27:f8:01:
0e:44:93:a4:5c:c5:1d:6e:5e:66:f5:8b:3c:9c:bb:
33:b5:70:31:7b:74:00:c9:76:67:8b:a8:25:65:b5:
43:f6:c2:44:2c:c7:75:db:9d:7b:2a:60:c8:1d:80:
41:3c:f6:33:01:f4:1f:bc:75:5b:d7:2f:ea:f4:7a:
fa:2d:77:d4:87:c1:a3:58:e7:45:3e:83:ed:2c:c3:
f5:30:89:ae:3c:06:f3:b0:ba:a7:d2:90:e3:c3:28:
5d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:11:7D:29:CE:3C:5C:1D:6F:35:68:72:4C:D8:B5:D9:38:93:42:C4
X509v3 Authority Key Identifier:
keyid:67:41:5C:BA:22:E3:31:AD:A9:1F:F4:DC:66:88:E5:FA:0A:F4:57:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0FcuiLjMa2pH_TcZojl-gr0V2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/hxF9Kc48XB1vNWhyTNi12TiTQsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0c3b-a969-4847-bd02-66643e0663df/1/Z0FcuiLjMa2pH_TcZojl-gr0V2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.174.0/24
194.62.188.0/24
194.62.233.0/24
194.69.206.0/24
IPv6:
2a0f:ad40::/32
Signature Algorithm: sha256WithRSAEncryption
52:13:5e:db:73:78:6b:cf:5b:12:8f:8d:c4:e6:17:44:4a:d9:
21:e9:d7:a2:2e:c1:29:58:c9:4f:9f:d1:ba:c7:78:8e:79:97:
aa:3e:d3:ac:1f:c9:e9:55:d0:77:82:aa:e5:73:c9:e8:af:51:
b2:f8:94:60:52:a4:36:3f:31:b1:36:16:30:28:9f:a9:1e:da:
09:28:61:7d:11:60:db:e5:62:1e:a5:6e:55:5e:3f:10:54:be:
84:54:07:65:29:78:82:26:11:61:a7:9d:d8:78:0e:f9:d5:b2:
b6:97:fd:6f:d1:17:e4:bd:25:34:16:bc:4e:26:ea:a7:46:25:
c8:d5:67:3f:5d:f4:d3:aa:af:a4:ff:5b:8c:57:aa:ec:07:e0:
9a:61:d6:60:84:76:9d:96:b4:d4:77:58:79:f1:8f:8f:65:94:
b4:ed:e3:85:d8:ac:3f:c8:fe:34:d0:05:13:2e:59:f5:52:72:
5d:06:ec:97:be:22:c8:41:9b:54:8a:4a:a7:3e:f3:aa:24:88:
dd:07:b2:da:ab:5a:5c:90:26:7d:36:5d:e0:58:a3:d0:9a:51:
e5:cf:6d:d4:ee:9e:49:c8:4b:53:f4:b3:43:21:a7:e1:c4:a7:
71:9c:09:00:97:81:04:3c:50:84:3f:66:5d:4a:bf:6d:08:da:
84:b7:f9:53
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtog/K14033JpkQP+6U15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDE1Y2JhMjJlMzMxYWRhOTFmZjRkYzY2ODhlNWZhMGFm
NDU3NjkwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzExN2QyOWNlM2M1YzFkNmYzNTY4NzI0Y2Q4YjVkOTM4OTM0MmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi/UpVob7vn8BlEme09hDaASRqp/
Pcde59mocm3Q78pg4CGtd2Uh8rVx/IkDkxnEjwY2nAxBgcUa6XEMPk5kol4w300x
We09c4xnF5je3gBDTeQejd522qaZGnWHlx5j5S3yBCG/tFHIf6RkHO1xHLm1jKsu
VQ2mgRRhYzc8xzu3BCCJZR+mcSK1ZBELgL6ACHvTxpIC0plXrc1ExqG6jvsn+AEO
RJOkXMUdbl5m9Ys8nLsztXAxe3QAyXZni6glZbVD9sJELMd12517KmDIHYBBPPYz
AfQfvHVb1y/q9Hr6LXfUh8GjWOdFPoPtLMP1MImuPAbzsLqn0pDjwyhdEQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIcRfSnOPFwdbzVockzYtdk4k0LEMB8GA1UdIwQY
MBaAFGdBXLoi4zGtqR/03GaI5foK9FdpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBGY3VpTGpNYTJwSF9UY1pvamwtZ3IwVjJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYTBjM2ItYTk2OS00ODQ3LWJkMDIt
NjY2NDNlMDY2M2RmLzEvaHhGOUtjNDhYQjF2TldoeVROaTEyVGlUUXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYTBjM2ItYTk2OS00ODQ3LWJkMDItNjY2NDNlMDY2M2Rm
LzEvWjBGY3VpTGpNYTJwSF9UY1pvamwtZ3IwVjJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwj6uAwQA
wj68AwQAwj7pAwQAwkXOMA0EAgACMAcDBQAqD61AMA0GCSqGSIb3DQEBCwUAA4IB
AQBSE17bc3hrz1sSj43E5hdEStkh6deiLsEpWMlPn9G6x3iOeZeqPtOsH8npVdB3
gqrlc8nor1Gy+JRgUqQ2PzGxNhYwKJ+pHtoJKGF9EWDb5WIepW5VXj8QVL6EVAdl
KXiCJhFhp53YeA751bK2l/1v0RfkvSU0FrxOJuqnRiXI1Wc/XfTTqq+k/1uMV6rs
B+CaYdZghHadlrTUd1h58Y+PZZS07eOF2Kw/yP400AUTLln1UnJdBuyXviLIQZtU
ikqnPvOqJIjdB7Laq1pckCZ9Nl3gWKPQmlHlz23U7p5JyEtT9LNDIafhxKdxnAkA
l4EEPFCEP2ZdSr9tCNqEt/lT
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:10 2024 by rpki-client on console-fra.rpki-client.org