Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/1-HnGzdhcGaEHLfLBFhp78llqAa8.roa
File: 1-HnGzdhcGaEHLfLBFhp78llqAa8.roa (raw, json)
Hash identifier: JktoSVq2050DethKJlzy7Wku/7HMilY0ZhkqDwP508o=
Subject key identifier: F8:79:C6:CD:D8:5C:19:A1:07:2D:F2:C1:16:1A:7B:F2:59:6A:01:AF
Certificate issuer: /CN=8724b401ffeac3d5db42f828cab4f163c064d6d5
Certificate serial: 018CC424893E9FCB6DA729DAA8C7A9B01BC1
Authority key identifier: 87:24:B4:01:FF:EA:C3:D5:DB:42:F8:28:CA:B4:F1:63:C0:64:D6:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/1-HnGzdhcGaEHLfLBFhp78llqAa8.roa
Signing time: Mon 01 Jan 2024 08:29:37 +0000
ROA not before: Mon 01 Jan 2024 08:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51018
IP address blocks: 185.239.52.0/24 maxlen: 24
185.239.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:89:3e:9f:cb:6d:a7:29:da:a8:c7:a9:b0:1b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8724b401ffeac3d5db42f828cab4f163c064d6d5
Validity
Not Before: Jan 1 08:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f879c6cdd85c19a1072df2c1161a7bf2596a01af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f7:91:d5:4d:d5:f7:7d:d4:51:da:dd:0d:4e:
d3:9e:af:e0:ab:b8:86:f2:67:53:cc:a0:dd:32:f1:
7d:14:b3:fc:d7:bb:10:95:8a:c4:0b:2e:c8:0a:e1:
6d:c2:33:47:51:1c:59:0e:ff:4e:de:e7:6f:72:92:
a2:76:3d:0c:ed:ec:3c:9a:69:eb:69:d5:1f:ec:ae:
07:e0:a0:4b:4f:b3:82:91:fc:7c:c4:de:02:80:6a:
eb:f6:99:8d:d8:47:8b:43:98:c6:50:ea:e9:d7:74:
95:17:ca:4d:56:4b:72:65:51:48:7c:bf:83:36:1d:
a0:d5:52:a0:7b:d2:4a:07:06:43:ed:2f:85:43:77:
5c:d0:17:a1:ad:e6:f3:5a:2a:83:a5:fa:ff:33:b8:
2f:f9:25:8f:7f:2f:7d:dc:58:b4:ed:4d:1f:de:dd:
8e:e2:b2:a4:c5:50:ea:d3:9f:c1:20:90:41:07:2a:
e3:0b:0e:7c:d6:6e:fd:64:18:dc:d6:29:de:f8:4a:
5a:eb:6f:d9:1a:60:c6:eb:89:16:20:52:a9:b2:4c:
4c:10:b1:f8:98:1b:cc:21:2a:ae:a4:c5:41:c0:cd:
f4:ee:0f:4f:d1:59:39:69:af:19:f1:74:b2:22:57:
df:14:69:25:24:99:b4:c3:39:6f:be:8c:0f:30:09:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:79:C6:CD:D8:5C:19:A1:07:2D:F2:C1:16:1A:7B:F2:59:6A:01:AF
X509v3 Authority Key Identifier:
keyid:87:24:B4:01:FF:EA:C3:D5:DB:42:F8:28:CA:B4:F1:63:C0:64:D6:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/1-HnGzdhcGaEHLfLBFhp78llqAa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/3e50c9-95d0-4ab7-a7e1-0111038934d3/1/hyS0Af_qw9XbQvgoyrTxY8Bk1tU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.52.0/22
Signature Algorithm: sha256WithRSAEncryption
98:10:1e:fb:87:a5:de:22:c1:22:fc:be:2e:55:61:b8:31:07:
47:d4:5a:87:bd:67:d6:9b:33:38:d6:b3:51:c5:74:23:09:ee:
c6:bd:d9:d2:8d:0e:47:70:80:62:5e:62:52:8e:65:11:6b:93:
e9:39:fa:e4:be:22:03:85:c0:88:30:50:a2:fd:c7:78:bf:17:
0a:14:d3:b6:81:94:bb:19:cf:36:67:70:6c:bc:3b:2e:81:21:
ed:36:f0:e6:16:76:8f:84:f8:3d:0e:f4:83:e3:ef:ae:e4:d1:
28:19:e1:19:11:4f:20:75:c3:b7:6f:62:b2:f3:85:56:82:19:
2c:b8:6b:3b:12:ac:0d:6f:e7:5f:de:b3:da:d8:9e:0a:98:ef:
27:76:f9:03:cb:3d:5d:db:a8:b1:28:37:e7:25:0a:23:8e:04:
7e:cb:ca:d7:dc:b0:6f:97:9d:bb:25:e4:63:3d:29:8c:c9:ae:
6c:e8:00:b5:5d:56:50:44:2f:3c:77:9b:25:f2:99:a7:85:a7:
d5:cd:d5:6d:00:55:37:5b:3d:db:38:42:e3:b5:18:1e:d3:8f:
3b:1b:ee:78:9f:7c:20:e9:a1:f8:51:75:be:44:3e:17:00:e8:
0d:b6:f8:91:3a:b7:f6:d9:15:83:b3:e6:af:fe:9f:66:13:9c:
07:42:c6:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJIk+n8ttpynaqMepsBvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjRiNDAxZmZlYWMzZDVkYjQyZjgyOGNhYjRmMTYzYzA2
NGQ2ZDUwHhcNMjQwMTAxMDgyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODc5YzZjZGQ4NWMxOWExMDcyZGYyYzExNjFhN2JmMjU5NmEwMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfeR1U3V933UUdrdDU7Tnq/gq7iG
8mdTzKDdMvF9FLP817sQlYrECy7ICuFtwjNHURxZDv9O3udvcpKidj0M7ew8mmnr
adUf7K4H4KBLT7OCkfx8xN4CgGrr9pmN2EeLQ5jGUOrp13SVF8pNVktyZVFIfL+D
Nh2g1VKge9JKBwZD7S+FQ3dc0BehrebzWiqDpfr/M7gv+SWPfy993Fi07U0f3t2O
4rKkxVDq05/BIJBBByrjCw581m79ZBjc1ine+Epa62/ZGmDG64kWIFKpskxMELH4
mBvMISqupMVBwM307g9P0Vk5aa8Z8XSyIlffFGklJJm0wzlvvowPMAlSuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPh5xs3YXBmhBy3ywRYae/JZagGvMB8GA1UdIwQY
MBaAFIcktAH/6sPV20L4KMq08WPAZNbVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlTMEFmX3F3OVhiUXZnb3lyVHhZOEJrMXRVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8zZTUwYzktOTVkMC00YWI3LWE3ZTEt
MDExMTAzODkzNGQzLzEvMS1Ibkd6ZGhjR2FFSExmTEJGaHA3OGxscUFhOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvM2U1MGM5LTk1ZDAtNGFiNy1hN2UxLTAxMTEwMzg5MzRk
My8xL2h5UzBBZl9xdzlYYlF2Z295clR4WThCazF0VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnvNDAN
BgkqhkiG9w0BAQsFAAOCAQEAmBAe+4el3iLBIvy+LlVhuDEHR9Rah71n1pszONaz
UcV0Iwnuxr3Z0o0OR3CAYl5iUo5lEWuT6Tn65L4iA4XAiDBQov3HeL8XChTTtoGU
uxnPNmdwbLw7LoEh7Tbw5hZ2j4T4PQ70g+PvruTRKBnhGRFPIHXDt29isvOFVoIZ
LLhrOxKsDW/nX96z2tieCpjvJ3b5A8s9XduosSg35yUKI44EfsvK19ywb5eduyXk
Yz0pjMmubOgAtV1WUEQvPHebJfKZp4Wn1c3VbQBVN1s92zhC47UYHtOPOxvueJ98
IOmh+FF1vkQ+FwDoDbb4kTq39tkVg7Pmr/6fZhOcB0LG5A==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:01:23 2024 by rpki-client on console-ams.rpki-client.org