Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/Hidc4CL38vBjyIrUrIeo6TV_3i8.roa
File: Hidc4CL38vBjyIrUrIeo6TV_3i8.roa (raw, json)
Hash identifier: aS2LWfTjP+5fFBNNb4Aqcih97Q8rpxyMYn2/pmlIvo0=
Subject key identifier: 1E:27:5C:E0:22:F7:F2:F0:63:C8:8A:D4:AC:87:A8:E9:35:7F:DE:2F
Certificate issuer: /CN=01471c79e9642caef6a7437f1f74c5478ae52129
Certificate serial: 018CC26D4BA4DFF661B510B72E2E0FA84CE7
Authority key identifier: 01:47:1C:79:E9:64:2C:AE:F6:A7:43:7F:1F:74:C5:47:8A:E5:21:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUcceelkLK72p0N_H3TFR4rlISk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/Hidc4CL38vBjyIrUrIeo6TV_3i8.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41938
IP address blocks: 185.66.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/AUcceelkLK72p0N_H3TFR4rlISk.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/AUcceelkLK72p0N_H3TFR4rlISk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AUcceelkLK72p0N_H3TFR4rlISk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4b:a4:df:f6:61:b5:10:b7:2e:2e:0f:a8:4c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01471c79e9642caef6a7437f1f74c5478ae52129
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e275ce022f7f2f063c88ad4ac87a8e9357fde2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:d9:5a:4e:f1:68:a9:d4:9f:4e:25:97:02:
be:45:0d:99:7c:0f:b9:6f:46:7f:df:e1:41:28:2d:
3b:b6:33:b8:c4:00:e1:21:ac:9b:a3:fe:74:f9:54:
0e:bd:36:6c:09:35:dc:6e:16:33:fd:30:40:89:46:
95:74:3c:8c:13:00:8e:03:81:8b:cb:a9:bd:96:2d:
5b:4f:c1:a2:f8:15:6b:ce:2b:cb:4b:1f:27:0a:9d:
2e:c8:93:92:f1:c4:bd:d3:db:85:9b:41:03:84:09:
16:63:f9:d1:f6:f3:bd:ac:e9:c8:61:4f:91:3b:15:
49:5d:a3:fd:e5:9e:5a:04:a1:f3:44:57:95:70:95:
99:22:d7:ea:63:f5:c5:e8:38:02:06:8c:70:d9:80:
f4:10:f6:d9:a7:fa:5e:90:0c:0a:e8:b4:60:76:c5:
cf:da:7e:42:9d:46:b1:70:57:b1:e0:0a:2f:80:ca:
f2:ba:73:33:84:ae:42:bf:68:b6:68:20:67:f4:58:
be:ae:af:fd:28:31:8a:f7:37:7b:a7:bd:b7:9a:f6:
4f:9f:41:77:10:19:58:0a:82:e1:b2:48:d2:7c:21:
52:ee:57:b4:9c:ce:1e:c8:80:db:4e:0d:b6:95:64:
80:23:7d:ba:74:ea:fe:18:ec:8c:11:d0:91:84:05:
71:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:27:5C:E0:22:F7:F2:F0:63:C8:8A:D4:AC:87:A8:E9:35:7F:DE:2F
X509v3 Authority Key Identifier:
keyid:01:47:1C:79:E9:64:2C:AE:F6:A7:43:7F:1F:74:C5:47:8A:E5:21:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUcceelkLK72p0N_H3TFR4rlISk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/Hidc4CL38vBjyIrUrIeo6TV_3i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e1a37d-868e-46bb-a7c8-9d2d9f6eee93/1/AUcceelkLK72p0N_H3TFR4rlISk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.218.0/23
Signature Algorithm: sha256WithRSAEncryption
94:ee:15:ae:8f:b7:e8:a4:21:ed:6f:7a:e6:5b:93:95:57:5c:
b6:c9:41:8a:4b:72:2c:5d:36:49:3e:e4:d6:db:2c:38:40:ce:
65:8b:52:11:61:75:75:ae:c8:c4:41:d3:67:72:6e:a8:60:13:
1f:4d:be:c9:c9:d4:eb:cf:b3:67:40:8f:42:25:4a:f0:9d:3d:
e8:4f:ed:dd:53:3c:e6:cd:4f:e1:a7:16:72:2b:b6:e5:41:d1:
59:37:78:03:85:8f:b4:62:44:14:ce:dc:e0:bd:a1:e8:c8:7f:
3d:06:26:ff:f4:83:c4:e6:56:0f:33:67:67:65:f9:a5:01:1a:
ff:ae:05:b1:08:40:a8:0a:39:71:da:49:17:89:58:d7:6a:4d:
6e:5f:bb:9f:a2:a5:25:35:6a:55:a2:11:f2:1d:8d:6d:17:f1:
2a:5b:9c:0a:d5:af:a0:88:c7:14:9c:54:96:75:b3:db:70:26:
e5:e6:3e:44:65:03:81:a2:93:71:f0:a0:8a:e7:9a:20:fd:11:
6c:88:3a:6d:7a:92:dd:59:e0:01:5a:7b:f8:d9:08:7c:78:71:
c8:87:91:f3:84:19:e7:f7:61:87:dc:73:8a:0d:bb:45:6f:a5:
e6:29:1d:95:df:2d:11:f8:57:b1:19:80:92:38:08:bf:ac:9f:
65:9c:9b:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbUuk3/ZhtRC3Li4PqEznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNDcxYzc5ZTk2NDJjYWVmNmE3NDM3ZjFmNzRjNTQ3OGFl
NTIxMjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTI3NWNlMDIyZjdmMmYwNjNjODhhZDRhYzg3YThlOTM1N2ZkZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZjZWk7xaKnUn04llwK+RQ2ZfA+5
b0Z/3+FBKC07tjO4xADhIaybo/50+VQOvTZsCTXcbhYz/TBAiUaVdDyMEwCOA4GL
y6m9li1bT8Gi+BVrzivLSx8nCp0uyJOS8cS909uFm0EDhAkWY/nR9vO9rOnIYU+R
OxVJXaP95Z5aBKHzRFeVcJWZItfqY/XF6DgCBoxw2YD0EPbZp/pekAwK6LRgdsXP
2n5CnUaxcFex4AovgMryunMzhK5Cv2i2aCBn9Fi+rq/9KDGK9zd7p723mvZPn0F3
EBlYCoLhskjSfCFS7le0nM4eyIDbTg22lWSAI326dOr+GOyMEdCRhAVxOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB4nXOAi9/LwY8iK1KyHqOk1f94vMB8GA1UdIwQY
MBaAFAFHHHnpZCyu9qdDfx90xUeK5SEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVVjY2VlbGtMSzcycDBOX0gzVEZSNHJsSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lMWEzN2QtODY4ZS00NmJiLWE3Yzgt
OWQyZDlmNmVlZTkzLzEvSGlkYzRDTDM4dkJqeUlyVXJJZW82VFZfM2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lMWEzN2QtODY4ZS00NmJiLWE3YzgtOWQyZDlmNmVlZTkz
LzEvQVVjY2VlbGtMSzcycDBOX0gzVEZSNHJsSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuULaMA0G
CSqGSIb3DQEBCwUAA4IBAQCU7hWuj7fopCHtb3rmW5OVV1y2yUGKS3IsXTZJPuTW
2yw4QM5li1IRYXV1rsjEQdNncm6oYBMfTb7JydTrz7NnQI9CJUrwnT3oT+3dUzzm
zU/hpxZyK7blQdFZN3gDhY+0YkQUztzgvaHoyH89Bib/9IPE5lYPM2dnZfmlARr/
rgWxCECoCjlx2kkXiVjXak1uX7ufoqUlNWpVohHyHY1tF/EqW5wK1a+giMcUnFSW
dbPbcCbl5j5EZQOBopNx8KCK55og/RFsiDptepLdWeABWnv42Qh8eHHIh5HzhBnn
92GH3HOKDbtFb6XmKR2V3y0R+FexGYCSOAi/rJ9lnJsC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:44 2024 by rpki-client on console-ams.rpki-client.org