Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/hz9ymmuw53pp1bHpizvY2x8t_84.roa
File: hz9ymmuw53pp1bHpizvY2x8t_84.roa (raw, json)
Hash identifier: LOQBrzFFU+jAsp0d3KbnYqoKLleZ8QE55tAKcVDcN8s=
Subject key identifier: 87:3F:72:9A:6B:B0:E7:7A:69:D5:B1:E9:8B:3B:D8:DB:1F:2D:FF:CE
Certificate issuer: /CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Certificate serial: 0190C0D6A214CDF63DDFF9142E0856466795
Authority key identifier: FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/hz9ymmuw53pp1bHpizvY2x8t_84.roa
Signing time: Wed 17 Jul 2024 13:16:50 +0000
ROA not before: Wed 17 Jul 2024 13:16:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8881
IP address blocks: 185.187.122.0/24 maxlen: 24
2a0b:9e80:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:d6:a2:14:cd:f6:3d:df:f9:14:2e:08:56:46:67:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff62562cae873f4fc4a3232bf49dd5343b7084f9
Validity
Not Before: Jul 17 13:16:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=873f729a6bb0e77a69d5b1e98b3bd8db1f2dffce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:51:ff:73:8b:26:1b:d3:2f:14:a8:57:3c:5e:
45:f1:85:3a:97:49:f8:44:81:57:8b:aa:80:28:18:
3e:1a:54:96:72:2c:65:7e:23:5a:9a:14:d3:c2:c0:
1e:3d:57:ce:21:85:37:c5:b0:83:ac:1f:7f:e6:92:
e3:19:a8:27:4a:5f:cb:ae:75:17:0b:29:50:ff:c4:
f3:f3:2f:e1:77:f6:a2:e8:87:f4:96:0d:39:15:e5:
01:bf:f5:ea:f9:37:0f:67:a8:84:c6:b9:ca:3f:41:
b2:e1:d5:66:ed:fb:82:c2:98:9f:3a:ed:cf:bf:26:
6b:87:8e:a8:37:fc:40:6d:a2:5e:0b:e2:a1:fa:45:
ff:5b:fd:42:d0:d1:e9:91:c7:07:fd:f8:35:19:b5:
ab:94:bd:1f:6f:80:5c:6c:e9:b0:5d:53:5c:b4:d3:
9d:ed:a8:4b:6e:15:60:48:60:3b:1d:b4:b0:5c:9d:
d5:7a:e0:d8:f6:b7:a6:ae:42:49:19:7c:5f:8e:6c:
be:4c:20:dc:0a:2b:56:08:24:98:26:2c:95:d9:98:
bd:2f:0f:d6:7a:f2:c4:a7:4d:40:d9:00:cc:6d:b2:
08:03:e6:84:35:8c:8d:22:8a:d5:de:e3:85:e1:18:
a3:1c:0e:fc:b5:38:4a:57:cc:b5:76:b4:f4:4c:23:
39:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3F:72:9A:6B:B0:E7:7A:69:D5:B1:E9:8B:3B:D8:DB:1F:2D:FF:CE
X509v3 Authority Key Identifier:
keyid:FF:62:56:2C:AE:87:3F:4F:C4:A3:23:2B:F4:9D:D5:34:3B:70:84:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2JWLK6HP0_EoyMr9J3VNDtwhPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/hz9ymmuw53pp1bHpizvY2x8t_84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/3dc3c4-9c48-4a64-8fa1-88f7b91b6e32/1/_2JWLK6HP0_EoyMr9J3VNDtwhPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.122.0/24
IPv6:
2a0b:9e80:1000::/36
Signature Algorithm: sha256WithRSAEncryption
99:33:14:c9:ab:ef:9e:50:2b:3f:80:f8:e4:3a:a3:85:38:a5:
e9:cb:6b:1c:0a:25:28:a8:f6:23:b0:b6:b0:88:be:3a:f3:79:
19:86:3f:4a:3a:3f:0f:d0:27:ec:43:9d:77:94:e6:e0:25:1e:
4c:3e:90:47:8d:dd:55:df:b9:35:74:cc:f3:01:ff:62:a8:92:
90:cb:1f:15:e3:5d:ff:07:01:a8:39:e4:d7:d5:a5:09:4d:cb:
be:66:7c:aa:aa:57:74:ec:e8:b2:21:7e:b1:b7:50:bb:15:3f:
cb:8f:42:6f:47:9c:92:61:4c:88:6b:33:95:70:a3:11:92:27:
bf:f1:ee:07:4e:6c:c0:82:8b:5c:67:1b:f8:ce:22:4c:1d:99:
35:25:50:b2:0d:5b:55:44:3a:7c:1c:65:03:bc:22:80:59:59:
6b:8f:19:6a:85:5b:85:55:6b:1b:4c:7c:d3:e1:59:f3:bb:66:
be:df:90:23:65:14:62:64:b1:7b:ce:1d:02:5b:81:cc:13:99:
43:ea:f1:12:ec:c7:32:48:9b:6b:d2:ca:d2:63:e9:7c:2d:e1:
90:41:5b:67:31:ed:16:3c:7e:66:b6:25:b6:1b:74:55:02:8f:
19:59:a5:9f:d8:47:70:80:7b:a3:9e:8d:1e:ca:e0:7d:cc:43:
8d:f5:ed:d2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZDA1qIUzfY93/kULghWRmeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjI1NjJjYWU4NzNmNGZjNGEzMjMyYmY0OWRkNTM0M2I3
MDg0ZjkwHhcNMjQwNzE3MTMxNjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNmNzI5YTZiYjBlNzdhNjlkNWIxZTk4YjNiZDhkYjFmMmRmZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VH/c4smG9MvFKhXPF5F8YU6l0n4
RIFXi6qAKBg+GlSWcixlfiNamhTTwsAePVfOIYU3xbCDrB9/5pLjGagnSl/LrnUX
CylQ/8Tz8y/hd/ai6If0lg05FeUBv/Xq+TcPZ6iExrnKP0Gy4dVm7fuCwpifOu3P
vyZrh46oN/xAbaJeC+Kh+kX/W/1C0NHpkccH/fg1GbWrlL0fb4BcbOmwXVNctNOd
7ahLbhVgSGA7HbSwXJ3VeuDY9remrkJJGXxfjmy+TCDcCitWCCSYJiyV2Zi9Lw/W
evLEp01A2QDMbbIIA+aENYyNIorV3uOF4RijHA78tThKV8y1drT0TCM53QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIc/cpprsOd6adWx6Ys72NsfLf/OMB8GA1UdIwQY
MBaAFP9iViyuhz9PxKMjK/Sd1TQ7cIT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEt
ODhmN2I5MWI2ZTMyLzEvaHo5eW1tdXc1M3BwMWJIcGl6dlkyeDh0Xzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zZGMzYzQtOWM0OC00YTY0LThmYTEtODhmN2I5MWI2ZTMy
LzEvXzJKV0xLNkhQMF9Fb3lNcjlKM1ZORHR3aFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAubt6MA4E
AgACMAgDBgQqC56AEDANBgkqhkiG9w0BAQsFAAOCAQEAmTMUyavvnlArP4D45Dqj
hTil6ctrHAolKKj2I7C2sIi+OvN5GYY/Sjo/D9An7EOdd5Tm4CUeTD6QR43dVd+5
NXTM8wH/YqiSkMsfFeNd/wcBqDnk19WlCU3LvmZ8qqpXdOzosiF+sbdQuxU/y49C
b0eckmFMiGszlXCjEZInv/HuB05swIKLXGcb+M4iTB2ZNSVQsg1bVUQ6fBxlA7wi
gFlZa48ZaoVbhVVrG0x80+FZ87tmvt+QI2UUYmSxe84dAluBzBOZQ+rxEuzHMkib
a9LK0mPpfC3hkEFbZzHtFjx+ZrYltht0VQKPGVmln9hHcIB7o56NHsrgfcxDjfXt
0g==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:51:18 2024 by rpki-client on console-fra.rpki-client.org