Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/HCxrVSw5gaP3ntQ_Q0GOsxqVobA.roa
File: HCxrVSw5gaP3ntQ_Q0GOsxqVobA.roa (raw, json)
Hash identifier: pdEqyII5SJFXyKnTlFRkQTqzNHsyQzy7Oqf21yci4pg=
Subject key identifier: 1C:2C:6B:55:2C:39:81:A3:F7:9E:D4:3F:43:41:8E:B3:1A:95:A1:B0
Certificate issuer: /CN=8a55f4899c246d1754a16882d0e76807eb8e2b5e
Certificate serial: 018CC3490CF6F2C2C81BC5C4CC60D5F3F07B
Authority key identifier: 8A:55:F4:89:9C:24:6D:17:54:A1:68:82:D0:E7:68:07:EB:8E:2B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilX0iZwkbRdUoWiC0OdoB-uOK14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/HCxrVSw5gaP3ntQ_Q0GOsxqVobA.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49754
IP address blocks: 195.130.194.0/24 maxlen: 24
2001:67c:247c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/ilX0iZwkbRdUoWiC0OdoB-uOK14.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/ilX0iZwkbRdUoWiC0OdoB-uOK14.mft
rsync://rpki.ripe.net/repository/DEFAULT/ilX0iZwkbRdUoWiC0OdoB-uOK14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0c:f6:f2:c2:c8:1b:c5:c4:cc:60:d5:f3:f0:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a55f4899c246d1754a16882d0e76807eb8e2b5e
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c2c6b552c3981a3f79ed43f43418eb31a95a1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:95:09:d5:5e:53:26:17:49:c5:86:d5:e4:ac:
9c:1c:e5:fd:76:ad:1f:8c:de:b2:2c:c2:52:39:84:
53:f6:dc:5f:b3:06:6a:41:58:41:f9:66:82:c2:8a:
6a:e7:29:ef:46:92:52:db:0c:40:34:26:18:d3:0b:
75:04:f5:da:3b:2f:6c:e1:09:c0:97:1c:fc:62:4e:
52:00:44:08:c0:60:8d:f5:19:c5:ae:21:7a:25:1c:
84:bd:9d:e7:10:0f:b6:d3:9c:dc:14:69:96:5b:4a:
c6:c7:bc:26:2b:a6:7c:11:79:ff:77:14:3f:6f:2a:
f3:28:d4:17:5d:14:2d:6c:b5:b8:41:9d:4b:9c:cc:
9c:45:f6:98:f3:1b:0f:cf:22:3e:d7:7e:b4:f7:22:
c9:23:a9:bf:10:e4:5c:86:fd:f9:e4:d3:f3:ac:28:
65:9c:5f:3e:7f:a7:c8:30:01:a4:68:42:e1:94:00:
d0:9f:a3:d2:c8:58:e5:eb:ac:33:0a:30:f4:c1:35:
59:0d:3a:e5:6c:10:f2:83:59:19:ef:53:d0:0c:b0:
56:a4:ad:1c:9a:9d:98:6b:ac:d7:de:75:89:73:20:
f9:3d:47:6b:7c:3c:16:5c:0b:8a:5b:2a:10:ad:02:
06:41:bd:38:6e:b4:c1:b3:85:cf:1a:17:58:52:96:
9f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2C:6B:55:2C:39:81:A3:F7:9E:D4:3F:43:41:8E:B3:1A:95:A1:B0
X509v3 Authority Key Identifier:
keyid:8A:55:F4:89:9C:24:6D:17:54:A1:68:82:D0:E7:68:07:EB:8E:2B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilX0iZwkbRdUoWiC0OdoB-uOK14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/HCxrVSw5gaP3ntQ_Q0GOsxqVobA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/864fe2-0478-4381-8320-bedafb0922dd/1/ilX0iZwkbRdUoWiC0OdoB-uOK14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.194.0/24
IPv6:
2001:67c:247c::/48
Signature Algorithm: sha256WithRSAEncryption
72:4e:72:db:c3:2e:83:fd:d8:26:ee:7e:dc:e2:b1:b4:27:14:
91:cc:1a:e4:72:8c:7e:2f:47:f7:00:56:85:55:93:cf:2a:93:
5e:29:27:ca:7e:b0:27:be:cc:00:c7:4d:96:c5:a7:29:43:0e:
cb:21:d0:54:d2:bc:47:13:19:20:50:63:03:d8:9f:df:66:0b:
77:70:5a:a3:6c:09:b1:67:0d:ef:1b:ff:7d:72:13:0d:23:da:
8b:2b:b3:bd:38:92:70:2e:83:d3:21:f3:e8:a0:d4:b1:06:a9:
50:7d:74:17:25:8c:32:5a:12:a1:ab:4d:5c:41:d3:38:17:7b:
8f:0f:b3:44:b8:16:dc:61:e2:7a:6b:ff:53:f6:69:95:92:a1:
a1:35:93:a2:c2:03:8c:44:e7:c0:e8:14:63:66:6d:31:73:41:
69:f6:02:29:58:6b:21:02:0b:15:64:41:e9:3d:ad:a6:b5:ea:
ab:41:d3:4f:00:0d:84:5c:21:51:0e:8b:c8:f5:f7:e6:c2:2e:
b5:be:cb:38:11:64:6e:1e:9c:b7:81:23:96:c2:0f:78:5f:ab:
47:9b:bc:b1:fb:5d:f5:20:ed:ff:4a:4c:b9:54:a1:c9:cc:0e:
60:8d:87:8d:a8:af:7c:4b:e2:75:bd:c6:b0:68:a3:ee:43:ed:
3b:54:9b:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSQz28sLIG8XEzGDV8/B7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTVmNDg5OWMyNDZkMTc1NGExNjg4MmQwZTc2ODA3ZWI4
ZTJiNWUwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJjNmI1NTJjMzk4MWEzZjc5ZWQ0M2Y0MzQxOGViMzFhOTVhMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpUJ1V5TJhdJxYbV5KycHOX9dq0f
jN6yLMJSOYRT9txfswZqQVhB+WaCwopq5ynvRpJS2wxANCYY0wt1BPXaOy9s4QnA
lxz8Yk5SAEQIwGCN9RnFriF6JRyEvZ3nEA+205zcFGmWW0rGx7wmK6Z8EXn/dxQ/
byrzKNQXXRQtbLW4QZ1LnMycRfaY8xsPzyI+13609yLJI6m/EORchv355NPzrChl
nF8+f6fIMAGkaELhlADQn6PSyFjl66wzCjD0wTVZDTrlbBDyg1kZ71PQDLBWpK0c
mp2Ya6zX3nWJcyD5PUdrfDwWXAuKWyoQrQIGQb04brTBs4XPGhdYUpafzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBwsa1UsOYGj957UP0NBjrMalaGwMB8GA1UdIwQY
MBaAFIpV9ImcJG0XVKFogtDnaAfrjiteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxYMGlad2tiUmRVb1dpQzBPZG9CLXVPSzE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi84NjRmZTItMDQ3OC00MzgxLTgzMjAt
YmVkYWZiMDkyMmRkLzEvSEN4clZTdzVnYVAzbnRRX1EwR09zeHFWb2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi84NjRmZTItMDQ3OC00MzgxLTgzMjAtYmVkYWZiMDkyMmRk
LzEvaWxYMGlad2tiUmRVb1dpQzBPZG9CLXVPSzE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4LCMA8E
AgACMAkDBwAgAQZ8JHwwDQYJKoZIhvcNAQELBQADggEBAHJOctvDLoP92Cbuftzi
sbQnFJHMGuRyjH4vR/cAVoVVk88qk14pJ8p+sCe+zADHTZbFpylDDssh0FTSvEcT
GSBQYwPYn99mC3dwWqNsCbFnDe8b/31yEw0j2osrs704knAug9Mh8+ig1LEGqVB9
dBcljDJaEqGrTVxB0zgXe48Ps0S4Ftxh4npr/1P2aZWSoaE1k6LCA4xE58DoFGNm
bTFzQWn2AilYayECCxVkQek9raa16qtB008ADYRcIVEOi8j19+bCLrW+yzgRZG4e
nLeBI5bCD3hfq0ebvLH7XfUg7f9KTLlUocnMDmCNh42or3xL4nW9xrBoo+5D7TtU
m2w=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:13 2024 by rpki-client on console-ams.rpki-client.org