Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/HPm_tU3xruIs2bjDb32zKw0QCSk.roa
File: HPm_tU3xruIs2bjDb32zKw0QCSk.roa (raw, json)
Hash identifier: nXu5Ta+zppx0KtzfIZBjIcExDj6ceGRhVVh55jWWOKA=
Subject key identifier: 1C:F9:BF:B5:4D:F1:AE:E2:2C:D9:B8:C3:6F:7D:B3:2B:0D:10:09:29
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 018CC79364FF97AEAED2FCE5B1BA34F0B122
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/HPm_tU3xruIs2bjDb32zKw0QCSk.roa
Signing time: Tue 02 Jan 2024 00:29:34 +0000
ROA not before: Tue 02 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 85.28.48.0/22 maxlen: 22
85.28.56.0/22 maxlen: 22
85.28.54.0/23 maxlen: 23
85.28.52.0/23 maxlen: 23
85.28.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:64:ff:97:ae:ae:d2:fc:e5:b1:ba:34:f0:b1:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 2 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cf9bfb54df1aee22cd9b8c36f7db32b0d100929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9d:c2:5a:14:15:af:f6:0e:20:a1:45:4d:c5:
fd:aa:bb:9d:33:36:e2:e2:fd:4c:29:aa:2e:f3:4c:
f1:88:49:33:fc:94:a0:2a:01:7d:60:30:f7:07:bd:
ba:0d:80:f6:ba:53:b7:85:27:a9:b3:4b:14:af:df:
cc:fb:a7:fe:71:15:b9:dd:84:2c:26:7d:57:ce:95:
0d:a1:c7:cf:5c:9f:c7:12:1a:e0:a4:7f:57:7b:e8:
8e:c0:c8:ee:b6:d9:d0:b0:37:70:5e:ff:ed:fc:58:
76:04:d2:ad:29:23:09:a7:2f:67:de:be:4d:9d:64:
24:24:7f:e9:44:1e:04:56:46:6d:50:72:c2:df:92:
82:86:8a:b3:28:40:c8:b9:a8:94:08:61:cf:fd:aa:
cd:f1:a2:4e:c8:10:bf:e1:50:05:ca:74:1f:04:97:
a7:7c:37:3d:eb:89:83:1b:d6:1b:39:e8:56:2c:dd:
19:6b:1e:66:b1:70:c8:4b:0b:a8:ef:a8:61:13:c5:
dc:79:fb:58:53:02:00:59:1a:89:13:f8:23:56:90:
5e:e9:0f:5b:1c:86:d1:70:99:72:50:86:f7:4d:4a:
85:99:51:26:e5:67:7c:41:0d:88:41:70:0f:d5:68:
7c:30:1c:f2:97:4d:82:ca:fa:5d:91:0f:8d:72:00:
2f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F9:BF:B5:4D:F1:AE:E2:2C:D9:B8:C3:6F:7D:B3:2B:0D:10:09:29
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/HPm_tU3xruIs2bjDb32zKw0QCSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.48.0-85.28.59.255
Signature Algorithm: sha256WithRSAEncryption
9a:d1:ba:64:32:64:0e:d8:cf:6d:be:43:af:bd:6d:c9:51:e0:
fa:b9:9b:b9:d9:51:11:e9:9a:87:9a:7c:34:35:d7:f5:3e:4e:
5c:e1:91:f7:d2:27:56:a3:e2:d1:18:13:4f:38:c3:e2:56:1a:
22:7e:d0:61:44:62:79:c7:23:0b:70:1a:a0:de:c5:01:b6:bf:
9f:c5:54:52:58:4c:fa:01:25:8d:14:b0:bf:1b:be:fd:f4:25:
e3:8e:7b:59:e4:4b:de:ae:07:1d:82:d9:82:21:b3:f8:39:fe:
8d:82:be:98:27:e1:55:7e:7b:d7:57:d2:d2:a0:8f:1b:55:23:
ea:c0:c0:86:5a:ad:0e:e7:3d:38:fd:b9:30:fc:81:d0:7f:5f:
ee:e0:50:43:cc:07:9c:91:1b:05:f3:bf:5e:58:ba:4d:e9:75:
9e:93:90:58:10:f8:54:00:cb:d8:c1:38:b8:ac:0c:23:8b:7f:
10:9c:a6:53:ee:88:71:5c:d5:d4:63:55:62:d9:70:44:8d:f7:
5a:55:da:8a:d6:66:a5:e7:d3:80:9a:80:b9:b9:73:44:10:5f:
ed:c6:c2:e7:b4:36:a2:00:e6:f7:71:7f:2d:d8:30:a8:fa:40:
ba:47:d0:cb:90:f6:89:38:93:b7:c1:b8:f4:fb:5f:b4:e7:1f:
d9:8a:4d:70
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHk2T/l66u0vzlsbo08LEiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjQwMTAyMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y5YmZiNTRkZjFhZWUyMmNkOWI4YzM2ZjdkYjMyYjBkMTAwOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ3CWhQVr/YOIKFFTcX9qrudMzbi
4v1MKaou80zxiEkz/JSgKgF9YDD3B726DYD2ulO3hSeps0sUr9/M+6f+cRW53YQs
Jn1XzpUNocfPXJ/HEhrgpH9Xe+iOwMjuttnQsDdwXv/t/Fh2BNKtKSMJpy9n3r5N
nWQkJH/pRB4EVkZtUHLC35KChoqzKEDIuaiUCGHP/arN8aJOyBC/4VAFynQfBJen
fDc964mDG9YbOehWLN0Zax5msXDISwuo76hhE8XceftYUwIAWRqJE/gjVpBe6Q9b
HIbRcJlyUIb3TUqFmVEm5Wd8QQ2IQXAP1Wh8MBzyl02CyvpdkQ+NcgAvQQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBz5v7VN8a7iLNm4w299sysNEAkpMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvSFBtX3RVM3hydUlzMmJqRGIzMnpLdzBRQ1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBARVHDAD
BAJVHDgwDQYJKoZIhvcNAQELBQADggEBAJrRumQyZA7Yz22+Q6+9bclR4Pq5m7nZ
URHpmoeafDQ11/U+TlzhkffSJ1aj4tEYE084w+JWGiJ+0GFEYnnHIwtwGqDexQG2
v5/FVFJYTPoBJY0UsL8bvv30JeOOe1nkS96uBx2C2YIhs/g5/o2Cvpgn4VV+e9dX
0tKgjxtVI+rAwIZarQ7nPTj9uTD8gdB/X+7gUEPMB5yRGwXzv15Yuk3pdZ6TkFgQ
+FQAy9jBOLisDCOLfxCcplPuiHFc1dRjVWLZcESN91pV2orWZqXn04CagLm5c0QQ
X+3Gwue0NqIA5vdxfy3YMKj6QLpH0MuQ9ok4k7fBuPT7X7TnH9mKTXA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:42:34 2024 by rpki-client on console-fra.rpki-client.org