Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/rHxtg2T9xiMBrInVtNCZcROEVVA.roa
File: rHxtg2T9xiMBrInVtNCZcROEVVA.roa (raw, json)
Hash identifier: UAF9iP/lVsWcP4FjW5sDTH0p2cf2OWJauOgFEAp0UNg=
Subject key identifier: AC:7C:6D:83:64:FD:C6:23:01:AC:89:D5:B4:D0:99:71:13:84:55:50
Certificate issuer: /CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Certificate serial: 018CC5DC1529582AD46B5B42F2499B9E9238
Authority key identifier: 29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/rHxtg2T9xiMBrInVtNCZcROEVVA.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56647
IP address blocks: 185.168.112.0/24 maxlen: 24
185.94.84.0/23 maxlen: 23
185.168.113.0/24 maxlen: 24
185.94.86.0/24 maxlen: 24
2a04:2d00::/48 maxlen: 48
2a0b:f600::/48 maxlen: 48
2a04:2d01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/KVV59bZz2-LrujSM-w9WEkzecEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/KVV59bZz2-LrujSM-w9WEkzecEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:15:29:58:2a:d4:6b:5b:42:f2:49:9b:9e:92:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=295579f5b673dbe2ebba348cfb0f56124cde7048
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac7c6d8364fdc62301ac89d5b4d0997113845550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:b3:f3:b0:58:9b:ed:71:7a:64:34:f1:fa:
b5:88:67:0d:39:72:53:cd:b7:83:c5:d7:52:4a:99:
fc:cb:6a:c8:5f:f3:ca:3a:0e:74:e7:00:07:3f:33:
dc:0e:e0:73:5d:15:61:de:1a:d7:8b:e7:2c:3a:38:
78:88:37:91:20:87:ae:33:fc:19:70:cb:e8:cb:22:
79:8d:be:19:16:51:a1:14:5e:c2:ec:5b:88:9e:86:
28:58:2a:03:94:08:04:b2:37:58:91:68:a1:55:c7:
94:2c:be:6b:50:48:86:e5:48:d8:fd:63:e2:d4:8e:
f6:ca:10:8c:c4:e4:5f:e8:7d:79:a7:2a:fc:64:29:
1b:01:d4:52:db:4b:09:0e:f7:52:ce:a8:64:fb:46:
70:e0:a5:b2:67:6f:80:92:d5:0b:10:fd:6a:94:c8:
85:4d:30:02:35:66:8a:61:86:e0:7b:d5:f3:f9:46:
bb:79:41:94:5d:26:b4:d3:37:81:17:1d:bd:53:cc:
42:a3:e2:91:18:0c:31:13:ce:90:e0:4b:bd:8c:5c:
35:25:24:22:eb:18:25:bc:29:ab:0d:aa:1b:9a:ae:
8a:71:48:a5:6a:4c:72:6b:03:6d:5f:f2:4a:e3:f2:
d8:db:c8:e6:5c:77:b7:0b:03:0e:e2:1c:8e:0b:13:
93:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7C:6D:83:64:FD:C6:23:01:AC:89:D5:B4:D0:99:71:13:84:55:50
X509v3 Authority Key Identifier:
keyid:29:55:79:F5:B6:73:DB:E2:EB:BA:34:8C:FB:0F:56:12:4C:DE:70:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVV59bZz2-LrujSM-w9WEkzecEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/rHxtg2T9xiMBrInVtNCZcROEVVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1574c9-01d5-48fd-980f-343c4d24c23b/1/KVV59bZz2-LrujSM-w9WEkzecEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.84.0-185.94.86.255
185.168.112.0/23
IPv6:
2a04:2d00::/48
2a04:2d01::/48
2a0b:f600::/48
Signature Algorithm: sha256WithRSAEncryption
9d:44:de:8a:67:91:47:98:52:28:e9:84:79:d4:8a:22:da:8b:
4c:bf:4f:29:37:e0:8d:2d:e7:10:0d:33:57:09:ad:e0:ce:cd:
0d:2b:74:b3:28:9c:47:57:ab:af:96:9b:65:75:5d:0f:68:6c:
74:7f:d7:ba:bf:44:be:48:78:c2:94:8d:11:fd:6d:6e:dc:8f:
3f:6e:4d:81:59:f9:c6:1a:7a:46:d8:69:03:cd:16:bf:24:63:
af:3c:c2:32:28:4b:8a:94:cc:ee:5f:49:c7:36:12:65:b3:69:
d5:0d:d7:ca:d2:b4:97:1b:3a:06:77:57:36:25:65:a4:58:9a:
a9:8c:26:54:3d:04:05:45:9b:d4:92:54:3d:79:5c:bf:1b:f1:
7e:71:eb:b4:45:7d:09:3a:9b:2f:4e:fd:85:d3:45:3a:50:37:
aa:e7:4b:ba:86:e2:f8:16:68:f1:6a:d6:e4:89:42:65:e8:56:
8b:06:45:f0:24:b7:e1:b9:2f:f2:57:65:0b:1f:3b:63:71:00:
a6:f3:3d:92:fd:a5:93:2e:8a:d2:41:46:eb:a4:6f:a0:c1:3d:
7c:d0:27:0a:9b:78:f1:9a:51:f1:d4:34:2c:c3:11:d7:08:f8:
ec:ee:33:c8:4a:a4:52:37:c9:b4:c0:68:a7:44:1c:f2:e0:f1:
70:0d:53:e7
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzF3BUpWCrUa1tC8kmbnpI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTU3OWY1YjY3M2RiZTJlYmJhMzQ4Y2ZiMGY1NjEyNGNk
ZTcwNDgwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdjNmQ4MzY0ZmRjNjIzMDFhYzg5ZDViNGQwOTk3MTEzODQ1NTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK+z87BYm+1xemQ08fq1iGcNOXJT
zbeDxddSSpn8y2rIX/PKOg505wAHPzPcDuBzXRVh3hrXi+csOjh4iDeRIIeuM/wZ
cMvoyyJ5jb4ZFlGhFF7C7FuInoYoWCoDlAgEsjdYkWihVceULL5rUEiG5UjY/WPi
1I72yhCMxORf6H15pyr8ZCkbAdRS20sJDvdSzqhk+0Zw4KWyZ2+AktULEP1qlMiF
TTACNWaKYYbge9Xz+Ua7eUGUXSa00zeBFx29U8xCo+KRGAwxE86Q4Eu9jFw1JSQi
6xglvCmrDaobmq6KcUilakxyawNtX/JK4/LY28jmXHe3CwMO4hyOCxOTKQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFKx8bYNk/cYjAayJ1bTQmXEThFVQMB8GA1UdIwQY
MBaAFClVefW2c9vi67o0jPsPVhJM3nBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYt
MzQzYzRkMjRjMjNiLzEvckh4dGcyVDl4aU1CckluVnROQ1pjUk9FVlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xNTc0YzktMDFkNS00OGZkLTk4MGYtMzQzYzRkMjRjMjNi
LzEvS1ZWNTliWnoyLUxydWpTTS13OVdFa3plY0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBAK5XlQD
BAC5XlYDBAG5qHAwIQQCAAIwGwMHACoELQAAAAMHACoELQEAAAMHACoL9gAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAnUTeimeRR5hSKOmEedSKItqLTL9PKTfgjS3nEA0z
Vwmt4M7NDSt0syicR1err5abZXVdD2hsdH/Xur9Evkh4wpSNEf1tbtyPP25NgVn5
xhp6RthpA80WvyRjrzzCMihLipTM7l9JxzYSZbNp1Q3XytK0lxs6BndXNiVlpFia
qYwmVD0EBUWb1JJUPXlcvxvxfnHrtEV9CTqbL079hdNFOlA3qudLuobi+BZo8WrW
5IlCZehWiwZF8CS34bkv8ldlCx87Y3EApvM9kv2lky6K0kFG66RvoME9fNAnCpt4
8ZpR8dQ0LMMR1wj47O4zyEqkUjfJtMBop0Qc8uDxcA1T5w==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:08:48 2024 by rpki-client on console-ams.rpki-client.org