Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HCmN5WGP7TnTD1le8DXUJAlRqUI.roa
File: HCmN5WGP7TnTD1le8DXUJAlRqUI.roa (raw, json)
Hash identifier: K+ryewXGkp8QEtaQHFFw24w2Qm8haDCUr+WSJgw/c6g=
Subject key identifier: 1C:29:8D:E5:61:8F:ED:39:D3:0F:59:5E:F0:35:D4:24:09:51:A9:42
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018CC6B7B85BD6554ECD077F5021AE7350D3
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HCmN5WGP7TnTD1le8DXUJAlRqUI.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135330
IP address blocks: 194.156.98.0/24 maxlen: 24
194.156.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b8:5b:d6:55:4e:cd:07:7f:50:21:ae:73:50:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c298de5618fed39d30f595ef035d4240951a942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:57:67:9c:eb:f3:21:65:16:0a:de:f7:87:07:
d7:65:24:bc:77:a0:92:4b:43:23:ce:14:57:94:12:
3c:27:ee:32:85:3b:e6:4f:43:3d:f0:3d:33:74:fc:
b0:07:b0:ef:4b:34:85:a8:c2:f8:75:4b:1a:52:d5:
c7:46:08:0f:7c:cf:68:2b:4a:79:bc:cd:5d:8a:5e:
05:94:7d:f7:9b:e2:cc:94:47:a0:e7:21:87:e0:2d:
ad:8e:07:7f:2f:59:0f:52:6f:61:64:37:de:38:ff:
fd:38:2d:53:99:6e:fe:6b:27:90:90:65:df:d2:47:
d1:01:42:55:ee:48:b6:41:42:c2:e5:b1:c4:d4:8b:
21:0f:bc:4a:91:9e:e9:bd:80:12:fb:d4:f7:e0:2c:
ad:1f:b3:b5:14:85:7f:a8:ca:6b:de:63:2d:8c:74:
26:56:82:c4:27:37:e0:b1:04:8f:af:b1:18:c7:23:
82:86:cd:e4:4c:ea:02:c1:0a:4e:9c:b6:55:9f:be:
47:2b:a2:cc:e9:60:83:96:86:ea:72:11:a8:6c:5c:
8d:82:a7:eb:ac:54:84:bd:33:b3:9d:ce:48:93:97:
11:1e:e5:30:77:c1:ff:7a:3c:78:8f:2d:ba:b2:a5:
62:c4:24:a4:b1:6f:d8:23:39:d8:03:83:78:3a:0d:
26:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:29:8D:E5:61:8F:ED:39:D3:0F:59:5E:F0:35:D4:24:09:51:A9:42
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/HCmN5WGP7TnTD1le8DXUJAlRqUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.98.0/23
Signature Algorithm: sha256WithRSAEncryption
63:56:26:2a:15:3b:3e:99:df:53:e9:7a:35:f4:ba:5f:60:6a:
a9:75:6f:cf:07:7a:61:97:c2:ff:90:bd:bf:6e:09:26:60:2d:
68:46:64:97:fd:60:88:20:f8:34:df:be:f7:02:9d:80:81:d2:
2e:c6:fb:fa:d2:83:41:59:3d:93:9b:60:5c:5e:e7:2a:a8:57:
e5:b0:06:0c:29:fb:eb:2a:0a:98:f6:df:8b:e1:af:08:16:3b:
d4:95:81:7f:6e:c8:19:79:6d:77:0b:20:13:99:09:52:97:2e:
42:70:26:87:32:5c:ef:9c:06:b6:cf:6a:0b:fd:17:f4:4a:f1:
8a:65:14:ad:6f:2a:89:69:b5:0c:96:76:41:f8:97:10:2a:65:
7a:36:83:e2:11:68:62:ac:fd:f1:2f:91:9e:5f:f6:18:2e:9b:
3f:b4:1c:33:a8:58:4d:1e:0f:5e:bb:ac:6d:31:c0:05:c6:c4:
92:1a:c7:6c:6b:60:84:a5:c9:df:9f:b6:08:a4:f9:27:4b:a9:
c3:cb:f7:a1:51:49:50:48:cf:26:bc:93:f1:da:27:12:a7:1f:
ee:98:35:e2:44:d2:d0:3c:8c:87:ed:32:29:7a:a1:d4:34:fa:
0e:f2:01:e1:9d:b0:04:d7:62:ae:19:6f:13:25:89:e0:bf:c7:
71:02:71:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7hb1lVOzQd/UCGuc1DTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI5OGRlNTYxOGZlZDM5ZDMwZjU5NWVmMDM1ZDQyNDA5NTFhOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuldnnOvzIWUWCt73hwfXZSS8d6CS
S0MjzhRXlBI8J+4yhTvmT0M98D0zdPywB7DvSzSFqML4dUsaUtXHRggPfM9oK0p5
vM1dil4FlH33m+LMlEeg5yGH4C2tjgd/L1kPUm9hZDfeOP/9OC1TmW7+ayeQkGXf
0kfRAUJV7ki2QULC5bHE1IshD7xKkZ7pvYAS+9T34CytH7O1FIV/qMpr3mMtjHQm
VoLEJzfgsQSPr7EYxyOChs3kTOoCwQpOnLZVn75HK6LM6WCDlobqchGobFyNgqfr
rFSEvTOznc5Ik5cRHuUwd8H/ejx4jy26sqVixCSksW/YIznYA4N4Og0mDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwpjeVhj+050w9ZXvA11CQJUalCMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSENtTjVXR1A3VG5URDFsZThEWFVKQWxScVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpxiMA0G
CSqGSIb3DQEBCwUAA4IBAQBjViYqFTs+md9T6Xo19LpfYGqpdW/PB3phl8L/kL2/
bgkmYC1oRmSX/WCIIPg03773Ap2AgdIuxvv60oNBWT2Tm2BcXucqqFflsAYMKfvr
KgqY9t+L4a8IFjvUlYF/bsgZeW13CyATmQlSly5CcCaHMlzvnAa2z2oL/Rf0SvGK
ZRStbyqJabUMlnZB+JcQKmV6NoPiEWhirP3xL5GeX/YYLps/tBwzqFhNHg9eu6xt
McAFxsSSGsdsa2CEpcnfn7YIpPknS6nDy/ehUUlQSM8mvJPx2icSpx/umDXiRNLQ
PIyH7TIpeqHUNPoO8gHhnbAE12KuGW8TJYngv8dxAnFS
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:02:48 2024 by rpki-client on console-fra.rpki-client.org