Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/hkseXHGh824TKAvw6PhZ6rP0E7s.roa
File: hkseXHGh824TKAvw6PhZ6rP0E7s.roa (raw, json)
Hash identifier: 5B+qCYTg5X4Pz04l3/yVe70ByxEwmRKTfDtC5O/oO0o=
Subject key identifier: 86:4B:1E:5C:71:A1:F3:6E:13:28:0B:F0:E8:F8:59:EA:B3:F4:13:BB
Certificate issuer: /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial: 018CC9BC67AFFE7A7AF490241C7F8E2E61E5
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/hkseXHGh824TKAvw6PhZ6rP0E7s.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25465
IP address blocks: 94.207.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:67:af:fe:7a:7a:f4:90:24:1c:7f:8e:2e:61:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=864b1e5c71a1f36e13280bf0e8f859eab3f413bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a4:63:10:34:e1:d3:fd:e5:e6:82:e5:be:fb:
19:c1:0f:a2:f7:cb:87:b1:d0:e9:8d:5d:65:a5:f2:
16:8d:63:34:5a:22:23:71:bf:39:b9:fc:b0:c9:27:
4c:88:99:d2:a7:71:15:9c:62:e9:f9:97:83:88:d9:
66:30:3d:85:e2:e3:c5:99:6b:2d:c1:2a:4c:29:2b:
d6:aa:5d:81:89:b4:ac:39:56:64:20:83:33:72:6d:
06:3e:09:d9:de:7b:b6:6c:99:04:58:5a:4f:21:68:
70:6a:52:e9:6c:13:e9:3e:6f:4c:5d:2e:08:6f:3b:
8e:33:27:e7:62:90:ae:34:1c:28:60:02:73:71:10:
24:56:44:d0:eb:64:5c:8e:f9:db:2c:de:f8:6b:a9:
35:b7:25:c5:4e:98:9d:8a:a3:a3:fc:b8:e8:0f:60:
00:17:de:47:31:1e:00:69:23:30:a5:d2:48:29:ce:
8f:7e:3b:eb:82:89:82:dc:8c:b7:3a:47:f8:fa:6d:
64:70:7f:7b:2f:5a:5f:2a:ea:2f:33:d6:1d:b3:01:
73:23:8d:a0:86:0a:4f:36:97:24:8a:69:80:92:57:
21:80:10:f3:2d:f3:de:8d:0b:6a:47:c2:5f:7f:b4:
a6:60:c1:e4:c2:f8:4b:8a:fd:6c:50:76:41:6e:88:
da:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4B:1E:5C:71:A1:F3:6E:13:28:0B:F0:E8:F8:59:EA:B3:F4:13:BB
X509v3 Authority Key Identifier:
keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/hkseXHGh824TKAvw6PhZ6rP0E7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.207.41.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:7a:ae:9a:41:f4:59:95:b7:4c:0c:24:a0:ef:67:9d:68:56:
c6:b3:a7:4b:68:f3:98:1e:e7:7d:76:1d:bf:df:1d:13:b2:8c:
6d:d1:4f:67:44:fb:ed:d1:e3:f2:36:fa:bd:7a:85:56:70:dd:
0d:14:44:80:12:49:a9:d2:d0:6f:11:5f:93:b4:9a:17:72:f3:
42:51:38:e1:51:98:d2:84:e6:06:2a:3c:46:1d:dc:86:6b:51:
f4:6a:02:01:6a:8b:6f:34:11:1e:2c:f6:24:a9:29:65:76:48:
2d:ae:fd:cd:4a:e4:18:ea:bf:b8:2e:31:29:cf:e1:bc:cb:1b:
b2:f4:fb:99:07:c1:c1:eb:1a:af:19:67:ff:92:d7:20:a1:c1:
a9:91:55:d6:45:98:ef:99:4e:b8:37:36:fa:71:78:4b:81:ae:
b2:a4:d0:e2:c9:dd:ec:28:5c:73:1b:8b:2b:ca:d3:3a:2a:5a:
9e:f9:8b:c8:c8:aa:08:b1:78:0a:82:91:ce:50:a6:ba:2d:bd:
28:33:6b:73:ae:e4:d5:7a:c1:4d:31:7d:58:54:51:40:e4:26:
f2:a5:0d:b0:93:98:99:19:06:ca:39:1d:61:93:23:5d:cc:dd:
94:99:0a:39:72:72:f8:6e:e7:ae:2f:24:f8:1c:a9:5b:5c:41:
10:8c:49:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvGev/np69JAkHH+OLmHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjRiMWU1YzcxYTFmMzZlMTMyODBiZjBlOGY4NTllYWIzZjQxM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqRjEDTh0/3l5oLlvvsZwQ+i98uH
sdDpjV1lpfIWjWM0WiIjcb85ufywySdMiJnSp3EVnGLp+ZeDiNlmMD2F4uPFmWst
wSpMKSvWql2BibSsOVZkIIMzcm0GPgnZ3nu2bJkEWFpPIWhwalLpbBPpPm9MXS4I
bzuOMyfnYpCuNBwoYAJzcRAkVkTQ62RcjvnbLN74a6k1tyXFTpidiqOj/LjoD2AA
F95HMR4AaSMwpdJIKc6PfjvrgomC3Iy3Okf4+m1kcH97L1pfKuovM9YdswFzI42g
hgpPNpckimmAklchgBDzLfPejQtqR8Jff7SmYMHkwvhLiv1sUHZBbojaqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZLHlxxofNuEygL8Oj4Weqz9BO7MB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvaGtzZVhIR2g4MjRUS0F2dzZQaFo2clAwRTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXs8pMA0G
CSqGSIb3DQEBCwUAA4IBAQBOeq6aQfRZlbdMDCSg72edaFbGs6dLaPOYHud9dh2/
3x0Tsoxt0U9nRPvt0ePyNvq9eoVWcN0NFESAEkmp0tBvEV+TtJoXcvNCUTjhUZjS
hOYGKjxGHdyGa1H0agIBaotvNBEeLPYkqSlldkgtrv3NSuQY6r+4LjEpz+G8yxuy
9PuZB8HB6xqvGWf/ktcgocGpkVXWRZjvmU64Nzb6cXhLga6ypNDiyd3sKFxzG4sr
ytM6Klqe+YvIyKoIsXgKgpHOUKa6Lb0oM2tzruTVesFNMX1YVFFA5CbypQ2wk5iZ
GQbKOR1hkyNdzN2UmQo5cnL4bueuLyT4HKlbXEEQjEkq
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:11:56 2024 by rpki-client on console-ams.rpki-client.org