Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/H_wKMrZCfMNEFL4aLlkosGXk9nY.roa
File: H_wKMrZCfMNEFL4aLlkosGXk9nY.roa (raw, json)
Hash identifier: aMPUuo2J1ob4OE4vk7zBOjNMfuIxenAp+Y8PUcId388=
Subject key identifier: 1F:FC:0A:32:B6:42:7C:C3:44:14:BE:1A:2E:59:28:B0:65:E4:F6:76
Certificate issuer: /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Certificate serial: 018CC793F18DE114F85839E2944028FCEC52
Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/H_wKMrZCfMNEFL4aLlkosGXk9nY.roa
Signing time: Tue 02 Jan 2024 00:30:10 +0000
ROA not before: Tue 02 Jan 2024 00:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.119.221.0/24 maxlen: 24
185.119.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f1:8d:e1:14:f8:58:39:e2:94:40:28:fc:ec:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Validity
Not Before: Jan 2 00:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ffc0a32b6427cc34414be1a2e5928b065e4f676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:74:7c:55:0e:c7:1c:55:15:b6:51:9e:60:29:
54:88:25:88:00:0c:6c:a1:3a:74:0b:7d:93:a3:0d:
1e:6a:99:a6:80:ab:60:95:c3:1a:b6:44:a5:89:79:
48:bb:a0:8c:ca:da:c0:4b:9b:7a:7b:e4:6a:77:d2:
ad:a9:55:6a:37:dd:0a:eb:04:29:ef:14:52:21:3b:
41:4b:de:5f:7c:86:ba:22:a9:f9:88:a9:66:55:c6:
9a:a9:30:93:f4:e4:68:7b:cc:cd:b8:6f:09:d4:7e:
16:13:31:36:7e:c6:d1:16:20:75:a3:39:f8:aa:f6:
48:83:1d:fc:25:68:95:36:03:9b:df:15:e8:6e:c6:
91:d1:78:df:74:7f:eb:9b:3e:1d:27:21:13:16:d0:
43:07:00:c4:37:91:ff:ee:7a:20:f4:b6:71:3e:14:
4a:8c:54:62:2a:e0:e8:fd:1b:cf:f1:82:79:6c:bf:
c8:e2:cf:19:2e:ea:49:d5:12:10:1a:75:8a:a5:00:
61:96:c4:dd:4f:25:00:e3:3b:37:42:e1:8a:e4:6d:
f1:ee:df:df:26:50:f0:35:2a:a6:01:15:7c:5d:f3:
55:3b:57:17:af:8a:45:fb:02:81:93:5a:29:bc:31:
ff:76:33:b1:6f:4d:ef:22:f4:1a:cf:b7:25:24:e0:
26:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FC:0A:32:B6:42:7C:C3:44:14:BE:1A:2E:59:28:B0:65:E4:F6:76
X509v3 Authority Key Identifier:
keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/H_wKMrZCfMNEFL4aLlkosGXk9nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.221.0/24
185.119.223.0/24
Signature Algorithm: sha256WithRSAEncryption
01:22:40:9b:72:f4:98:08:45:f1:83:bb:52:39:b5:22:77:9f:
37:39:b8:f1:6d:50:59:a9:e0:be:e6:94:d5:8b:4d:b5:24:45:
6e:5f:7f:0d:cb:9b:2a:c4:d4:da:f6:04:fd:54:8a:c1:19:54:
b8:9d:30:e9:55:4a:85:94:b4:6f:e2:06:bd:e8:c0:4f:30:b0:
c2:ec:bc:3d:da:c9:d8:5a:52:a1:a8:9b:25:38:c3:e6:b6:e9:
35:55:ac:05:dd:74:c7:bf:d8:6e:b0:57:e1:1f:e9:6e:c2:fa:
6c:28:ed:3d:cb:90:b5:45:5d:18:85:6d:cc:f8:6f:61:a4:49:
66:0f:e2:1a:99:55:2c:29:14:dc:bf:ee:fd:e5:b7:e3:a3:c9:
0f:1e:e1:30:b5:46:2e:5c:7b:d2:21:5a:23:f2:cb:89:5d:82:
09:af:af:6e:49:8b:b0:1c:07:c0:0c:62:63:09:b1:54:c4:40:
3e:1c:9a:e3:db:9a:bf:43:09:b7:74:cf:cb:d7:32:25:fa:67:
fc:59:eb:d6:b5:f4:91:3c:98:4a:5b:f8:66:70:74:be:78:e8:
00:36:d4:20:9a:54:25:7a:47:29:a5:34:86:d5:41:86:4b:d7:
92:af:d7:11:af:c5:7c:70:3a:e3:10:1b:8d:3f:ff:56:6f:10:
02:88:ba:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHk/GN4RT4WDnilEAo/OxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YjBmZjc5OThjYTg4NTRjZTdjNDc1YTk3MmVkMWQ1MmE1
YzYwY2QwHhcNMjQwMTAyMDAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmZjMGEzMmI2NDI3Y2MzNDQxNGJlMWEyZTU5MjhiMDY1ZTRmNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHR8VQ7HHFUVtlGeYClUiCWIAAxs
oTp0C32Tow0eapmmgKtglcMatkSliXlIu6CMytrAS5t6e+Rqd9KtqVVqN90K6wQp
7xRSITtBS95ffIa6Iqn5iKlmVcaaqTCT9ORoe8zNuG8J1H4WEzE2fsbRFiB1ozn4
qvZIgx38JWiVNgOb3xXobsaR0XjfdH/rmz4dJyETFtBDBwDEN5H/7nog9LZxPhRK
jFRiKuDo/RvP8YJ5bL/I4s8ZLupJ1RIQGnWKpQBhlsTdTyUA4zs3QuGK5G3x7t/f
JlDwNSqmARV8XfNVO1cXr4pF+wKBk1opvDH/djOxb03vIvQaz7clJOAmEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB/8CjK2QnzDRBS+Gi5ZKLBl5PZ2MB8GA1UdIwQY
MBaAFCiw/3mYyohUznxHWpcu0dUqXGDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDIt
MjY3NTQ3ZWExZTM1LzEvSF93S01yWkNmTU5FRkw0YUxsa29zR1hrOW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDItMjY3NTQ3ZWExZTM1
LzEvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXfdAwQA
uXffMA0GCSqGSIb3DQEBCwUAA4IBAQABIkCbcvSYCEXxg7tSObUid583ObjxbVBZ
qeC+5pTVi021JEVuX38Ny5sqxNTa9gT9VIrBGVS4nTDpVUqFlLRv4ga96MBPMLDC
7Lw92snYWlKhqJslOMPmtuk1VawF3XTHv9husFfhH+luwvpsKO09y5C1RV0YhW3M
+G9hpElmD+IamVUsKRTcv+795bfjo8kPHuEwtUYuXHvSIVoj8suJXYIJr69uSYuw
HAfADGJjCbFUxEA+HJrj25q/Qwm3dM/L1zIl+mf8WevWtfSRPJhKW/hmcHS+eOgA
NtQgmlQlekcppTSG1UGGS9eSr9cRr8V8cDrjEBuNP/9WbxACiLpu
-----END CERTIFICATE-----
Generated at Thu May 2 22:20:16 2024 by rpki-client on console-fra.rpki-client.org