Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/_hnjtkIeru7yyGXyGzmxQBPmBLY.roa
File: _hnjtkIeru7yyGXyGzmxQBPmBLY.roa (raw, json)
Hash identifier: /EqHFh6Os6Rxu9kCl+gL6jDrmGZlsNxrCAX4TKCDzl8=
Subject key identifier: FE:19:E3:B6:42:1E:AE:EE:F2:C8:65:F2:1B:39:B1:40:13:E6:04:B6
Certificate issuer: /CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Certificate serial: 018CC802DDCC705C3EAE91C5FBD231138256
Authority key identifier: 3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/_hnjtkIeru7yyGXyGzmxQBPmBLY.roa
Signing time: Tue 02 Jan 2024 02:31:20 +0000
ROA not before: Tue 02 Jan 2024 02:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210860
IP address blocks: 193.20.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:dd:cc:70:5c:3e:ae:91:c5:fb:d2:31:13:82:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d98a3b62d5abb1dcaf68ae23f531ee82240f203
Validity
Not Before: Jan 2 02:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe19e3b6421eaeeef2c865f21b39b14013e604b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:66:d1:6c:11:73:30:00:09:a7:c6:15:5f:
a1:27:8e:91:73:f4:c2:ab:3a:44:d5:c8:f7:99:d7:
89:76:85:c3:52:b9:88:fb:1f:d0:9c:95:dd:c7:3f:
3e:d4:34:b6:3c:53:78:a2:48:02:d9:a3:19:f5:eb:
31:c4:40:3f:14:75:20:2c:84:6a:7b:48:5c:2c:cf:
07:e6:f2:57:dc:27:03:aa:45:60:95:ef:56:01:b5:
14:d9:93:87:01:a5:20:c0:34:43:d1:7f:7b:c1:8d:
15:04:e6:ab:ed:99:66:ff:f8:e7:b3:d9:de:c8:b8:
2f:f8:07:63:bb:70:4e:ac:ac:b3:02:c2:49:a9:e2:
6a:f7:af:15:33:f1:c5:74:f6:4e:aa:b1:10:d5:c7:
30:9c:55:96:dc:ff:80:91:15:f1:35:fb:f0:ba:67:
37:d3:9d:c4:90:db:d7:e0:f3:1a:09:3a:a2:be:a4:
0d:7a:5c:60:70:c6:2e:4e:56:a2:cd:3a:f2:86:95:
7d:ca:48:6b:61:bb:aa:0d:e2:2b:b7:c2:55:b2:0b:
f5:12:e2:ac:84:23:75:e4:24:4d:70:a7:83:8c:0f:
7d:48:91:8e:10:5f:4d:83:b9:9c:29:9a:ef:dc:19:
16:49:3a:72:0c:d2:89:01:39:3b:56:62:b5:18:04:
ad:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:19:E3:B6:42:1E:AE:EE:F2:C8:65:F2:1B:39:B1:40:13:E6:04:B6
X509v3 Authority Key Identifier:
keyid:3D:98:A3:B6:2D:5A:BB:1D:CA:F6:8A:E2:3F:53:1E:E8:22:40:F2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZijti1aux3K9oriP1Me6CJA8gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/_hnjtkIeru7yyGXyGzmxQBPmBLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ac5fdf-5b66-4850-963a-f9b73b3e3eee/1/PZijti1aux3K9oriP1Me6CJA8gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.20.0.0/15
Signature Algorithm: sha256WithRSAEncryption
7b:34:97:00:7d:88:cf:e4:a0:e1:4b:1e:d3:16:ac:70:3e:36:
7d:32:99:a1:6d:3f:56:b9:2f:8a:d4:f8:4e:08:5e:dc:87:57:
76:c5:c0:ec:fd:b8:35:69:90:c9:e1:07:6a:f3:29:29:83:93:
3c:00:e0:8b:07:f3:de:a2:be:b0:57:f7:fb:4c:d5:66:01:2a:
45:64:00:1c:38:72:22:c9:db:65:51:e0:7a:62:ae:7c:55:4e:
c7:69:45:52:ad:1c:46:ad:b4:98:20:fb:57:6b:47:fa:4f:3f:
5c:d1:40:d0:1b:34:4e:01:77:18:fc:eb:92:79:a7:ec:a6:d6:
4a:06:ba:08:f8:61:fe:c5:ba:ae:34:86:93:62:e3:ba:aa:e6:
91:e1:d4:2b:7c:14:cb:a6:c2:98:e3:86:53:ea:90:eb:30:fe:
cc:d6:98:e2:f8:07:b2:39:2e:cc:2e:e3:35:15:b4:b5:07:b4:
4b:47:26:90:5a:fb:e4:0f:22:c9:76:11:4e:d9:2a:06:61:d2:
20:45:06:22:31:6c:33:5f:fe:28:a5:02:df:e6:8e:d7:a9:a6:
fc:29:53:52:95:af:cf:35:fa:57:af:9a:69:55:1e:84:f5:21:
95:12:f2:c8:91:8e:d3:5f:ea:23:ab:98:4b:d6:34:d9:76:bf:
02:4a:5e:15
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzIAt3McFw+rpHF+9IxE4JWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOThhM2I2MmQ1YWJiMWRjYWY2OGFlMjNmNTMxZWU4MjI0
MGYyMDMwHhcNMjQwMTAyMDIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTE5ZTNiNjQyMWVhZWVlZjJjODY1ZjIxYjM5YjE0MDEzZTYwNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/pm0WwRczAACafGFV+hJ46Rc/TC
qzpE1cj3mdeJdoXDUrmI+x/QnJXdxz8+1DS2PFN4okgC2aMZ9esxxEA/FHUgLIRq
e0hcLM8H5vJX3CcDqkVgle9WAbUU2ZOHAaUgwDRD0X97wY0VBOar7Zlm//jns9ne
yLgv+Adju3BOrKyzAsJJqeJq968VM/HFdPZOqrEQ1ccwnFWW3P+AkRXxNfvwumc3
053EkNvX4PMaCTqivqQNelxgcMYuTlaizTryhpV9ykhrYbuqDeIrt8JVsgv1EuKs
hCN15CRNcKeDjA99SJGOEF9Ng7mcKZrv3BkWSTpyDNKJATk7VmK1GAStkQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFP4Z47ZCHq7u8shl8hs5sUAT5gS2MB8GA1UdIwQY
MBaAFD2Yo7YtWrsdyvaK4j9THugiQPIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2Et
ZjliNzNiM2UzZWVlLzEvX2huanRrSWVydTd5eUdYeUd6bXhRQlBtQkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hYzVmZGYtNWI2Ni00ODUwLTk2M2EtZjliNzNiM2UzZWVl
LzEvUFppanRpMWF1eDNLOW9yaVAxTWU2Q0pBOGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBwRQwDQYJ
KoZIhvcNAQELBQADggEBAHs0lwB9iM/koOFLHtMWrHA+Nn0ymaFtP1a5L4rU+E4I
XtyHV3bFwOz9uDVpkMnhB2rzKSmDkzwA4IsH896ivrBX9/tM1WYBKkVkABw4ciLJ
22VR4HpirnxVTsdpRVKtHEattJgg+1drR/pPP1zRQNAbNE4Bdxj865J5p+ym1koG
ugj4Yf7Fuq40hpNi47qq5pHh1Ct8FMumwpjjhlPqkOsw/szWmOL4B7I5Lswu4zUV
tLUHtEtHJpBa++QPIsl2EU7ZKgZh0iBFBiIxbDNf/iilAt/mjteppvwpU1KVr881
+levmmlVHoT1IZUS8siRjtNf6iOrmEvWNNl2vwJKXhU=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:21:00 2024 by rpki-client on console-ams.rpki-client.org