Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/HqiXn2VdzRY4ADXh4LHC_5GDBRQ.roa
File: HqiXn2VdzRY4ADXh4LHC_5GDBRQ.roa (raw, json)
Hash identifier: DleGgOYgTUs5KdclgG1PWq0idI47KwW+2iFXOMoNWEQ=
Subject key identifier: 1E:A8:97:9F:65:5D:CD:16:38:00:35:E1:E0:B1:C2:FF:91:83:05:14
Certificate issuer: /CN=2719d410107675eed8b62ccad435336f819e0a6d
Certificate serial: 018CC5DC3C1C5F6562288D08BA83D31AB701
Authority key identifier: 27:19:D4:10:10:76:75:EE:D8:B6:2C:CA:D4:35:33:6F:81:9E:0A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JxnUEBB2de7YtizK1DUzb4GeCm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/HqiXn2VdzRY4ADXh4LHC_5GDBRQ.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.214.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/JxnUEBB2de7YtizK1DUzb4GeCm0.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/JxnUEBB2de7YtizK1DUzb4GeCm0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JxnUEBB2de7YtizK1DUzb4GeCm0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3c:1c:5f:65:62:28:8d:08:ba:83:d3:1a:b7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2719d410107675eed8b62ccad435336f819e0a6d
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ea8979f655dcd16380035e1e0b1c2ff91830514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9c:7d:d1:8a:f1:af:23:7a:ac:6b:02:68:4a:
f1:b0:3e:ae:1d:de:52:25:c3:65:4b:43:b6:d5:ae:
30:66:88:6b:9e:8d:60:fa:54:98:c0:b4:bb:46:66:
39:1f:32:cb:8d:c3:cb:6f:ca:90:1f:ad:b2:b8:0d:
33:e6:70:ce:0e:a0:cc:a4:5c:94:dc:7b:c4:ca:2e:
1f:15:b9:d1:ff:51:63:a4:29:b5:34:bc:9b:33:6c:
2d:57:97:dc:0e:70:3a:07:b9:cd:9c:b9:6d:b7:08:
e9:9c:c3:48:ea:cf:4d:b3:41:5b:92:9d:8a:33:fc:
f6:70:62:8f:fc:83:36:df:6a:96:7f:08:9e:81:d5:
7e:31:a4:e6:bd:cb:18:45:0b:68:aa:04:90:70:ca:
26:f3:9e:0c:6e:b4:4d:72:d3:e8:24:48:e7:3c:77:
ca:f9:3d:47:69:2e:9c:c2:1f:c5:56:c7:99:db:f9:
e7:cd:d6:8f:9d:5c:8e:02:90:d2:84:04:44:ee:11:
09:a5:e6:6f:1c:77:ea:51:47:1f:77:a8:ea:c8:9a:
da:a0:eb:60:d5:d7:35:a8:95:b3:b6:8e:c3:53:68:
ca:45:8c:28:f9:2b:66:7c:4d:d8:c7:5b:b2:ff:99:
c2:ae:10:cc:0d:d0:ea:2f:ea:58:73:e6:cf:19:b4:
87:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A8:97:9F:65:5D:CD:16:38:00:35:E1:E0:B1:C2:FF:91:83:05:14
X509v3 Authority Key Identifier:
keyid:27:19:D4:10:10:76:75:EE:D8:B6:2C:CA:D4:35:33:6F:81:9E:0A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JxnUEBB2de7YtizK1DUzb4GeCm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/HqiXn2VdzRY4ADXh4LHC_5GDBRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/715ef2-06e9-455d-8b71-7718512f0def/1/JxnUEBB2de7YtizK1DUzb4GeCm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.212.0/23
Signature Algorithm: sha256WithRSAEncryption
35:47:0f:ce:c1:74:7c:f5:fa:c9:21:5d:e5:22:69:13:5d:40:
72:d9:a6:6a:09:57:c8:59:2a:44:05:be:f3:97:6d:1e:b0:1b:
3b:25:ad:24:f7:1b:95:af:2e:87:f4:d4:e5:3c:96:45:6b:0a:
8b:bf:27:df:40:02:7c:9f:cb:a1:71:49:41:e2:14:6f:0e:2a:
19:50:52:f2:51:f0:d6:46:d4:ac:32:3f:5a:61:14:29:f0:2f:
9f:c3:80:ea:14:3a:10:21:f0:4f:aa:a9:06:20:9e:ba:d0:43:
8d:02:c6:cd:35:b3:bc:62:ac:41:30:fd:49:8d:c0:67:b9:f3:
cf:93:0b:00:ec:e2:97:0b:1a:97:93:82:73:9e:d4:22:c8:b2:
cf:85:08:98:6b:71:c0:0b:e9:64:c0:fc:40:a0:08:7d:9c:1f:
ec:60:f0:d2:4e:d0:67:21:ff:ec:43:0b:f7:03:c4:d0:0b:3b:
11:de:c2:cd:e4:ad:f5:87:79:23:76:4b:1a:0b:5f:f5:29:6f:
15:56:b0:91:31:bb:74:ea:b8:1e:8c:a1:53:fa:fe:56:3d:44:
57:93:71:eb:50:12:bf:7e:7e:11:6d:c0:b0:de:cd:36:8a:14:
9a:8d:d9:94:c5:50:ba:a1:45:81:51:6a:08:2a:54:fc:83:dc:
1d:c1:3c:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3DwcX2ViKI0IuoPTGrcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MTlkNDEwMTA3Njc1ZWVkOGI2MmNjYWQ0MzUzMzZmODE5
ZTBhNmQwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE4OTc5ZjY1NWRjZDE2MzgwMDM1ZTFlMGIxYzJmZjkxODMwNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Zx90YrxryN6rGsCaErxsD6uHd5S
JcNlS0O21a4wZohrno1g+lSYwLS7RmY5HzLLjcPLb8qQH62yuA0z5nDODqDMpFyU
3HvEyi4fFbnR/1FjpCm1NLybM2wtV5fcDnA6B7nNnLlttwjpnMNI6s9Ns0Fbkp2K
M/z2cGKP/IM232qWfwiegdV+MaTmvcsYRQtoqgSQcMom854MbrRNctPoJEjnPHfK
+T1HaS6cwh/FVseZ2/nnzdaPnVyOApDShARE7hEJpeZvHHfqUUcfd6jqyJraoOtg
1dc1qJWzto7DU2jKRYwo+StmfE3Yx1uy/5nCrhDMDdDqL+pYc+bPGbSHUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6ol59lXc0WOAA14eCxwv+RgwUUMB8GA1UdIwQY
MBaAFCcZ1BAQdnXu2LYsytQ1M2+BngptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnhuVUVCQjJkZTdZdGl6SzFEVXpiNEdlQ20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MTVlZjItMDZlOS00NTVkLThiNzEt
NzcxODUxMmYwZGVmLzEvSHFpWG4yVmR6Ulk0QURYaDRMSENfNUdEQlJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83MTVlZjItMDZlOS00NTVkLThiNzEtNzcxODUxMmYwZGVm
LzEvSnhuVUVCQjJkZTdZdGl6SzFEVXpiNEdlQ20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudbUMA0G
CSqGSIb3DQEBCwUAA4IBAQA1Rw/OwXR89frJIV3lImkTXUBy2aZqCVfIWSpEBb7z
l20esBs7Ja0k9xuVry6H9NTlPJZFawqLvyffQAJ8n8uhcUlB4hRvDioZUFLyUfDW
RtSsMj9aYRQp8C+fw4DqFDoQIfBPqqkGIJ660EONAsbNNbO8YqxBMP1JjcBnufPP
kwsA7OKXCxqXk4JzntQiyLLPhQiYa3HAC+lkwPxAoAh9nB/sYPDSTtBnIf/sQwv3
A8TQCzsR3sLN5K31h3kjdksaC1/1KW8VVrCRMbt06rgejKFT+v5WPURXk3HrUBK/
fn4RbcCw3s02ihSajdmUxVC6oUWBUWoIKlT8g9wdwTwK
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:34 2024 by rpki-client on console-ams.rpki-client.org