Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/hNuFNniVlloM6muhWw_XWP-eI1A.roa
File: hNuFNniVlloM6muhWw_XWP-eI1A.roa (raw, json)
Hash identifier: zv1EqngSJ72f1tif2iJM2pxDwdAVYKFaT8bE6fkkQak=
Subject key identifier: 84:DB:85:36:78:95:96:5A:0C:EA:6B:A1:5B:0F:D7:58:FF:9E:23:50
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018CC56EB560BB366690F778AE52B47D5A00
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/hNuFNniVlloM6muhWw_XWP-eI1A.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58056
IP address blocks: 109.123.0.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b5:60:bb:36:66:90:f7:78:ae:52:b4:7d:5a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84db85367895965a0cea6ba15b0fd758ff9e2350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:a9:18:90:66:c7:b2:f6:c5:e5:aa:ea:5c:
be:32:b5:da:d7:28:1a:05:8b:16:84:62:71:7b:54:
8d:75:23:98:66:9e:4f:70:b9:1d:56:cb:ee:f9:7e:
35:21:11:2f:d7:01:64:3a:6d:a5:55:e6:46:8c:45:
66:0e:5f:a7:09:9a:d1:84:8e:1a:67:f0:69:e0:be:
be:a9:76:c6:66:c5:ee:4c:a1:f0:58:9c:3e:41:b4:
e8:bc:65:0b:3f:3a:8f:6d:ec:db:27:66:42:36:60:
20:1d:47:2d:3c:4b:44:c2:2f:f6:07:16:3a:e2:a5:
46:14:e2:93:7e:fc:e9:95:89:23:1c:be:98:31:d0:
d6:b2:da:b9:73:62:13:49:a4:eb:50:3e:37:fe:78:
1e:1a:9d:d6:db:a1:b2:61:ad:71:cc:15:df:f1:f1:
48:fb:ea:2d:39:85:12:13:3a:cb:d7:d4:9d:39:21:
05:5f:eb:aa:a4:f8:98:a1:24:b2:25:78:9f:f8:49:
e5:d2:1f:ee:e3:01:0f:d0:b0:bd:4f:9e:d4:f2:d1:
eb:55:ab:71:ae:38:39:92:e4:ca:52:c9:c5:4c:9c:
e4:9c:3a:69:60:1b:13:bb:29:01:ac:67:3c:a9:0d:
8b:f0:ce:bc:f1:c1:dd:07:be:b1:57:e1:31:4f:3e:
69:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DB:85:36:78:95:96:5A:0C:EA:6B:A1:5B:0F:D7:58:FF:9E:23:50
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/hNuFNniVlloM6muhWw_XWP-eI1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.123.0.0/18
Signature Algorithm: sha256WithRSAEncryption
62:32:06:98:ce:e9:79:6f:83:dc:f1:54:3c:fd:3b:47:c0:18:
9d:3f:01:ae:d0:e4:13:ac:db:98:ec:31:66:2b:df:9a:74:41:
53:f9:5c:90:ab:2c:fc:86:c1:a6:79:a8:9d:29:1a:95:ee:a6:
f1:67:c0:2e:29:3e:62:2e:69:36:cc:71:fe:13:8d:ae:72:0d:
c4:94:84:e1:9b:37:4b:2b:ee:9e:c6:c6:57:f8:70:ce:9f:b9:
48:23:8d:e3:51:ef:4d:9f:71:d3:7b:f2:dc:6d:b5:7f:9a:8a:
d3:b7:00:64:f7:2d:fe:b9:e2:b2:dd:9c:d4:2a:37:ea:22:32:
04:ed:14:07:06:d7:7b:ec:18:62:c4:98:8b:79:a1:88:e7:2a:
11:9c:05:cc:6e:10:99:0d:26:31:22:db:18:4c:d7:77:8a:61:
60:3d:0d:7d:79:1c:1b:3a:17:c9:52:31:c3:eb:ef:8b:28:8e:
89:94:fe:ea:64:2b:93:ad:bd:6c:2d:61:f5:48:69:e9:2d:79:
ee:ac:1b:3b:a9:ae:29:bb:8f:21:c9:96:bb:2e:f8:8e:a8:56:
f0:a9:6f:69:ec:00:33:35:e5:72:19:8d:6b:5d:dc:89:aa:e9:
00:8f:ae:6e:6a:d3:67:6c:4e:0d:1a:1a:1c:ae:99:bc:56:94:
37:30:da:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbrVguzZmkPd4rlK0fVoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRiODUzNjc4OTU5NjVhMGNlYTZiYTE1YjBmZDc1OGZmOWUyMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnGpGJBmx7L2xeWq6ly+MrXa1yga
BYsWhGJxe1SNdSOYZp5PcLkdVsvu+X41IREv1wFkOm2lVeZGjEVmDl+nCZrRhI4a
Z/Bp4L6+qXbGZsXuTKHwWJw+QbTovGULPzqPbezbJ2ZCNmAgHUctPEtEwi/2BxY6
4qVGFOKTfvzplYkjHL6YMdDWstq5c2ITSaTrUD43/ngeGp3W26GyYa1xzBXf8fFI
++otOYUSEzrL19SdOSEFX+uqpPiYoSSyJXif+Enl0h/u4wEP0LC9T57U8tHrVatx
rjg5kuTKUsnFTJzknDppYBsTuykBrGc8qQ2L8M688cHdB76xV+ExTz5prwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITbhTZ4lZZaDOproVsP11j/niNQMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvaE51Rk5uaVZsbG9NNm11aFd3X1hXUC1lSTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGbXsAMA0G
CSqGSIb3DQEBCwUAA4IBAQBiMgaYzul5b4Pc8VQ8/TtHwBidPwGu0OQTrNuY7DFm
K9+adEFT+VyQqyz8hsGmeaidKRqV7qbxZ8AuKT5iLmk2zHH+E42ucg3ElIThmzdL
K+6exsZX+HDOn7lII43jUe9Nn3HTe/LcbbV/morTtwBk9y3+ueKy3ZzUKjfqIjIE
7RQHBtd77BhixJiLeaGI5yoRnAXMbhCZDSYxItsYTNd3imFgPQ19eRwbOhfJUjHD
6++LKI6JlP7qZCuTrb1sLWH1SGnpLXnurBs7qa4pu48hyZa7LviOqFbwqW9p7AAz
NeVyGY1rXdyJqukAj65uatNnbE4NGhocrpm8VpQ3MNow
-----END CERTIFICATE-----
Generated at Sun May 5 19:59:34 2024 by rpki-client on console-ams.rpki-client.org