Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/hiQuY1hMHCP5fPr_UqP8xzrIl68.roa
File: hiQuY1hMHCP5fPr_UqP8xzrIl68.roa (raw, json)
Hash identifier: EXuoP1MXmy12lE5xjImc+GB69O9d2MrqMRv3+fs6HsM=
Subject key identifier: 86:24:2E:63:58:4C:1C:23:F9:7C:FA:FF:52:A3:FC:C7:3A:C8:97:AF
Certificate issuer: /CN=c0f0ee9842627031eca264dac65e5fef63943f98
Certificate serial: 018CC8019A94DB41A0DAD16A4027A6E2D386
Authority key identifier: C0:F0:EE:98:42:62:70:31:EC:A2:64:DA:C6:5E:5F:EF:63:94:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPDumEJicDHsomTaxl5f72OUP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/hiQuY1hMHCP5fPr_UqP8xzrIl68.roa
Signing time: Tue 02 Jan 2024 02:29:57 +0000
ROA not before: Tue 02 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28952
IP address blocks: 185.103.144.0/22 maxlen: 22
90.176.0.0/19 maxlen: 19
90.176.13.0/24 maxlen: 24
2a06:2c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/wPDumEJicDHsomTaxl5f72OUP5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/wPDumEJicDHsomTaxl5f72OUP5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/wPDumEJicDHsomTaxl5f72OUP5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9a:94:db:41:a0:da:d1:6a:40:27:a6:e2:d3:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0f0ee9842627031eca264dac65e5fef63943f98
Validity
Not Before: Jan 2 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86242e63584c1c23f97cfaff52a3fcc73ac897af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fe:88:9f:47:bc:30:7d:fb:c1:a8:0a:02:5b:
34:8b:31:a1:bf:cf:9f:cd:2b:a1:b2:7c:2b:f4:44:
6d:d4:d2:c0:9a:07:98:ff:44:2c:18:a7:a8:a5:4f:
41:6c:2d:da:c0:8c:c7:87:35:6e:ba:c7:43:16:ae:
9c:8f:d9:06:5d:71:ed:12:18:96:fb:f8:9e:33:3e:
7c:6a:29:17:e4:37:78:dc:1d:e0:59:fc:d6:d9:0a:
73:f1:ad:26:01:b7:ab:2d:31:b2:c0:0b:c4:93:37:
3d:84:b9:12:52:14:9e:c9:20:ec:5f:d9:a0:67:7f:
80:24:4c:70:59:7f:18:e0:0b:f9:37:ba:65:b0:96:
cd:31:97:92:37:a3:09:4a:e7:92:1a:db:7e:0d:31:
44:b3:35:15:6f:33:33:c8:ee:06:eb:a8:de:80:6f:
62:67:0e:33:24:85:43:c9:c1:60:69:71:48:c9:c8:
58:dc:90:95:72:fd:68:fd:69:fd:33:18:7e:c4:cc:
92:f5:ed:a4:4f:66:d1:01:3a:cc:bd:06:98:5e:ed:
d4:43:98:a9:46:ce:89:5a:ae:e8:fe:37:29:cc:00:
18:92:c8:e1:4d:96:20:f0:e5:e4:c7:8b:f1:71:1a:
da:a2:84:b5:c1:f7:ae:bd:38:29:63:1a:27:bc:81:
4d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:24:2E:63:58:4C:1C:23:F9:7C:FA:FF:52:A3:FC:C7:3A:C8:97:AF
X509v3 Authority Key Identifier:
keyid:C0:F0:EE:98:42:62:70:31:EC:A2:64:DA:C6:5E:5F:EF:63:94:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPDumEJicDHsomTaxl5f72OUP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/hiQuY1hMHCP5fPr_UqP8xzrIl68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/5047e8-c547-4b75-afc0-c6ece5901580/1/wPDumEJicDHsomTaxl5f72OUP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.176.0.0/19
185.103.144.0/22
IPv6:
2a06:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
64:c4:2e:9f:94:3f:c0:42:e4:b8:55:85:0e:08:c6:dc:a2:7d:
54:39:be:98:96:0b:7d:26:ee:80:5c:d5:59:34:77:bd:25:ad:
48:a5:b0:82:f6:77:f6:aa:51:10:2f:85:06:e5:88:08:d0:ff:
29:9f:2c:35:e2:e2:fc:79:b1:3b:88:eb:4e:78:14:3b:8e:ba:
8c:c4:21:bf:9c:78:d7:4b:fe:18:03:37:97:5e:14:a0:3e:34:
ce:38:7d:d2:af:7f:f4:06:82:12:4e:26:57:9c:06:54:ac:ab:
f7:19:02:81:56:c6:57:01:f6:85:bd:f9:a8:f5:6f:34:2a:e1:
f9:44:38:3a:58:76:6e:29:c8:9b:f6:59:16:d3:e3:d6:9b:12:
9a:9f:ad:2b:76:d8:1c:27:e6:43:93:f3:ef:fc:25:62:fa:bc:
e0:27:ad:f0:4e:a8:0b:cf:a1:d8:9e:af:04:ef:19:d4:1b:6f:
a8:99:d1:26:8c:ed:f1:e5:13:e4:93:87:06:09:30:cb:ac:61:
d9:02:98:4e:d2:62:3d:e5:89:af:86:e8:83:c2:36:fb:c8:11:
c7:5d:0e:75:90:cc:e0:4e:33:1c:23:04:3a:e9:da:b9:f4:e1:
11:50:af:ad:dc:ee:b8:ea:b5:38:a1:c9:a3:1d:4d:a3:c5:a2:
2e:87:23:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAZqU20Gg2tFqQCem4tOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZjBlZTk4NDI2MjcwMzFlY2EyNjRkYWM2NWU1ZmVmNjM5
NDNmOTgwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI0MmU2MzU4NGMxYzIzZjk3Y2ZhZmY1MmEzZmNjNzNhYzg5N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP6In0e8MH37wagKAls0izGhv8+f
zSuhsnwr9ERt1NLAmgeY/0QsGKeopU9BbC3awIzHhzVuusdDFq6cj9kGXXHtEhiW
+/ieMz58aikX5Dd43B3gWfzW2Qpz8a0mAberLTGywAvEkzc9hLkSUhSeySDsX9mg
Z3+AJExwWX8Y4Av5N7plsJbNMZeSN6MJSueSGtt+DTFEszUVbzMzyO4G66jegG9i
Zw4zJIVDycFgaXFIychY3JCVcv1o/Wn9Mxh+xMyS9e2kT2bRATrMvQaYXu3UQ5ip
Rs6JWq7o/jcpzAAYksjhTZYg8OXkx4vxcRraooS1wfeuvTgpYxonvIFNewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIYkLmNYTBwj+Xz6/1Kj/Mc6yJevMB8GA1UdIwQY
MBaAFMDw7phCYnAx7KJk2sZeX+9jlD+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1BEdW1FSmljREhzb21UYXhsNWY3Mk9VUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy81MDQ3ZTgtYzU0Ny00Yjc1LWFmYzAt
YzZlY2U1OTAxNTgwLzEvaGlRdVkxaE1IQ1A1ZlByX1VxUDh4enJJbDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy81MDQ3ZTgtYzU0Ny00Yjc1LWFmYzAtYzZlY2U1OTAxNTgw
LzEvd1BEdW1FSmljREhzb21UYXhsNWY3Mk9VUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWrAAAwQC
uWeQMA0EAgACMAcDBQMqBixAMA0GCSqGSIb3DQEBCwUAA4IBAQBkxC6flD/AQuS4
VYUOCMbcon1UOb6Ylgt9Ju6AXNVZNHe9Ja1IpbCC9nf2qlEQL4UG5YgI0P8pnyw1
4uL8ebE7iOtOeBQ7jrqMxCG/nHjXS/4YAzeXXhSgPjTOOH3Sr3/0BoISTiZXnAZU
rKv3GQKBVsZXAfaFvfmo9W80KuH5RDg6WHZuKcib9lkW0+PWmxKan60rdtgcJ+ZD
k/Pv/CVi+rzgJ63wTqgLz6HYnq8E7xnUG2+omdEmjO3x5RPkk4cGCTDLrGHZAphO
0mI95YmvhuiDwjb7yBHHXQ51kMzgTjMcIwQ66dq59OERUK+t3O646rU4ocmjHU2j
xaIuhyPz
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:36:07 2024 by rpki-client on console-fra.rpki-client.org