Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/hmOrkY3iSICuWt7V7WeE4RyXJhg.roa
File: hmOrkY3iSICuWt7V7WeE4RyXJhg.roa (raw, json)
Hash identifier: vSKZz9uoWLQoiZrVC3KG5aoi9j/LAruzZpMNix+8Bjc=
Subject key identifier: 86:63:AB:91:8D:E2:48:80:AE:5A:DE:D5:ED:67:84:E1:1C:97:26:18
Certificate issuer: /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial: 018CC3B7055DA68C7D8D21175D98571B541B
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/hmOrkY3iSICuWt7V7WeE4RyXJhg.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 176.122.211.0/24 maxlen: 24
176.122.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:05:5d:a6:8c:7d:8d:21:17:5d:98:57:1b:54:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8663ab918de24880ae5aded5ed6784e11c972618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f0:0f:b0:af:73:4c:74:07:91:47:e3:b2:32:
e4:37:98:66:a6:d3:a0:2b:b2:b2:1b:12:31:1b:09:
52:13:ff:c7:38:07:71:e7:09:1a:46:22:99:bf:03:
22:0c:ff:d3:dd:28:90:8e:9e:5a:3d:59:62:cd:97:
13:31:92:4a:da:dc:cf:ae:01:8f:13:3d:e1:1d:bc:
db:3d:87:5e:86:bc:ce:b8:50:32:3e:fd:00:c4:46:
c0:c5:a4:9e:79:73:e5:8d:ce:b5:4d:9f:3a:7e:36:
91:c7:d6:c1:5b:f2:0f:59:5e:36:11:4f:e6:50:e6:
bd:e4:81:c1:7d:01:9d:66:c6:e9:f5:f4:7a:af:59:
68:52:cb:f1:03:e3:39:c3:36:b8:6e:5c:0d:23:04:
53:ab:e9:1d:ac:41:74:92:29:96:ae:d4:73:04:5a:
b6:26:db:9d:a4:e1:dc:c2:3f:3e:af:49:f7:f8:5f:
14:31:c2:1e:86:c4:57:fe:ca:03:ad:f7:69:9d:24:
72:38:b0:76:10:a3:d8:a9:c3:22:ca:80:c8:ce:00:
dd:6e:09:b1:b9:39:e4:57:5f:46:a3:d3:02:b1:25:
69:f7:a8:2f:70:ad:9b:7e:fe:e0:ac:01:cc:79:06:
1e:30:5e:4a:63:77:8a:b2:29:58:cb:7d:f5:b3:09:
cd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:63:AB:91:8D:E2:48:80:AE:5A:DE:D5:ED:67:84:E1:1C:97:26:18
X509v3 Authority Key Identifier:
keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/hmOrkY3iSICuWt7V7WeE4RyXJhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.210.0/23
Signature Algorithm: sha256WithRSAEncryption
21:eb:c6:28:e5:e0:b1:00:35:9b:f1:c8:d6:f6:4e:f4:5c:1e:
c6:3a:21:33:6b:28:eb:72:a0:8f:70:e9:14:a4:98:04:8f:67:
58:69:0a:68:ea:cb:59:ea:7e:52:88:a8:cf:68:6b:0f:80:09:
4c:7c:96:b1:5e:2c:9b:b7:b6:0f:18:bd:9a:89:9f:34:c7:cf:
41:62:1a:cf:9f:cd:c7:08:14:5a:84:af:37:7b:de:f0:20:f2:
b7:2d:b2:36:5b:7e:11:59:50:7f:81:1b:88:64:3a:e9:19:f3:
58:3b:78:74:d0:53:03:46:5e:e6:58:98:67:e9:c5:c5:00:15:
55:c7:7f:95:cf:33:48:e2:25:cd:5d:35:6b:c0:d2:e2:b2:81:
3f:f0:05:9a:3c:ac:c5:77:ce:ae:f0:6f:62:a6:ee:2f:5a:b7:
d5:58:bc:36:d5:45:e9:1b:21:c2:cb:c3:7e:1f:3b:91:8d:67:
ae:31:f1:0b:a6:ab:e9:35:d7:a3:e4:73:d7:5d:a9:61:6c:ec:
4b:29:d2:f4:cc:1b:ab:e8:20:d8:80:4e:d2:0e:9c:af:3e:de:
31:ff:2c:0d:8b:a2:68:d2:c4:8d:aa:fc:52:9c:83:f9:e0:5b:
bb:c2:c9:06:07:59:59:1d:92:a9:ef:c6:6e:4e:b1:36:a9:d3:
ae:bc:f6:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtwVdpox9jSEXXZhXG1QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYzYWI5MThkZTI0ODgwYWU1YWRlZDVlZDY3ODRlMTFjOTcyNjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivAPsK9zTHQHkUfjsjLkN5hmptOg
K7KyGxIxGwlSE//HOAdx5wkaRiKZvwMiDP/T3SiQjp5aPVlizZcTMZJK2tzPrgGP
Ez3hHbzbPYdehrzOuFAyPv0AxEbAxaSeeXPljc61TZ86fjaRx9bBW/IPWV42EU/m
UOa95IHBfQGdZsbp9fR6r1loUsvxA+M5wza4blwNIwRTq+kdrEF0kimWrtRzBFq2
JtudpOHcwj8+r0n3+F8UMcIehsRX/soDrfdpnSRyOLB2EKPYqcMiyoDIzgDdbgmx
uTnkV19Go9MCsSVp96gvcK2bfv7grAHMeQYeMF5KY3eKsilYy331swnNLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZjq5GN4kiArlre1e1nhOEclyYYMB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvaG1PcmtZM2lTSUN1V3Q3VjdXZUU0UnlYSmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQAh68Yo5eCxADWb8cjW9k70XB7GOiEzayjrcqCPcOkU
pJgEj2dYaQpo6stZ6n5SiKjPaGsPgAlMfJaxXiybt7YPGL2aiZ80x89BYhrPn83H
CBRahK83e97wIPK3LbI2W34RWVB/gRuIZDrpGfNYO3h00FMDRl7mWJhn6cXFABVV
x3+VzzNI4iXNXTVrwNLisoE/8AWaPKzFd86u8G9ipu4vWrfVWLw21UXpGyHCy8N+
HzuRjWeuMfELpqvpNdej5HPXXalhbOxLKdL0zBur6CDYgE7SDpyvPt4x/ywNi6Jo
0sSNqvxSnIP54Fu7wskGB1lZHZKp78ZuTrE2qdOuvPZ3
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:33 2024 by rpki-client on console-ams.rpki-client.org