Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/HRqfEE2BQVLPrz-DB1cDCimeDXs.roa
File: HRqfEE2BQVLPrz-DB1cDCimeDXs.roa (raw, json)
Hash identifier: 1hdSxRdGdGY22qeCSrDPw/oFbmGuej9lyuA7QF5gJaE=
Subject key identifier: 1D:1A:9F:10:4D:81:41:52:CF:AF:3F:83:07:57:03:0A:29:9E:0D:7B
Certificate issuer: /CN=56b4bfcd0164ad7c6688af22246c82e1995dd351
Certificate serial: 018CC56E13F1167B1534A22E22509EA11517
Authority key identifier: 56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/HRqfEE2BQVLPrz-DB1cDCimeDXs.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15694
IP address blocks: 185.123.124.0/23 maxlen: 23
185.123.126.0/23 maxlen: 23
2a06:af00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:13:f1:16:7b:15:34:a2:2e:22:50:9e:a1:15:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b4bfcd0164ad7c6688af22246c82e1995dd351
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d1a9f104d814152cfaf3f830757030a299e0d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:44:46:61:a8:ea:d2:7d:21:14:87:21:35:5c:
10:90:e5:72:66:5a:5c:2c:17:3b:91:f9:eb:c8:5b:
9a:7c:7b:05:68:53:c3:74:06:88:95:57:78:57:ae:
f8:fe:26:17:a5:3c:f9:2b:4d:dd:35:9c:47:1d:4d:
09:98:e4:21:c7:ac:96:24:7a:80:0c:f9:4a:58:a2:
bc:94:9b:49:62:7c:78:df:77:65:70:00:5d:5c:fb:
1a:06:38:0d:50:f2:1d:4a:df:94:74:2f:74:eb:78:
ed:fb:a5:9c:d2:1b:e9:56:39:79:d2:32:de:11:cc:
60:6c:4e:f0:ca:6d:92:c6:95:1f:a0:da:f0:24:13:
5d:da:3c:43:af:91:2c:fe:0d:50:eb:29:ec:59:1a:
45:d9:70:90:5f:b1:31:a9:6f:61:f5:c5:00:38:5a:
1f:70:ab:d0:79:97:04:a9:df:3b:12:ca:8b:7f:03:
cb:12:dc:00:ce:5b:f0:08:af:47:62:53:3b:0d:ea:
01:cd:fb:25:b3:35:12:7b:50:fe:13:07:d5:d6:82:
40:8c:de:7a:c1:6c:3d:c8:8f:1f:40:f8:85:5a:64:
ed:8b:96:f7:7d:ca:1f:45:a7:08:93:bd:06:62:80:
ed:35:d1:af:9a:08:9d:ed:4c:43:df:6e:37:95:4a:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1A:9F:10:4D:81:41:52:CF:AF:3F:83:07:57:03:0A:29:9E:0D:7B
X509v3 Authority Key Identifier:
keyid:56:B4:BF:CD:01:64:AD:7C:66:88:AF:22:24:6C:82:E1:99:5D:D3:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrS_zQFkrXxmiK8iJGyC4Zld01E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/HRqfEE2BQVLPrz-DB1cDCimeDXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/e03e0f-f3a6-4c55-addd-241665f49d25/1/VrS_zQFkrXxmiK8iJGyC4Zld01E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.124.0/22
IPv6:
2a06:af00::/29
Signature Algorithm: sha256WithRSAEncryption
52:92:1a:3d:57:09:7a:c3:8a:52:99:7c:13:ce:39:3a:e2:74:
31:83:05:3c:5a:83:ce:39:85:81:41:f3:5d:df:40:1e:92:2d:
aa:16:73:2c:c5:87:88:4d:28:ce:69:19:48:1b:f5:c7:04:e5:
00:c4:21:23:4b:cd:a1:2d:e0:be:24:13:2e:ce:df:f3:9c:fb:
8b:22:09:cc:af:e2:e0:53:b6:2f:a6:2d:48:2e:2a:df:3a:e5:
f4:41:3a:e3:0b:6e:bb:83:b5:54:31:5a:83:af:d9:c1:8d:80:
eb:05:e1:15:a4:84:c2:9c:61:53:50:32:f0:7a:db:7e:ad:27:
9e:86:3d:3d:e0:ed:0e:17:3a:66:09:e3:60:e5:5e:18:d2:a4:
9c:69:46:3d:37:c5:f0:8b:a3:95:33:21:c3:63:3d:1b:20:d9:
ae:b2:0c:cb:70:97:00:48:75:ef:bf:11:b3:28:01:8c:06:da:
8e:de:e9:17:eb:f5:bb:ba:8d:6a:79:e2:12:6e:cd:89:ea:37:
c9:e1:6a:86:4a:d7:72:3a:ab:c0:ad:68:d6:c8:ae:19:66:b5:
57:b7:25:c7:81:f2:91:ed:8f:ea:44:5f:71:ea:0a:3e:fb:27:
88:13:b4:8e:3b:dd:e5:90:83:88:b0:29:23:4a:5b:62:6f:e0:
7f:1d:aa:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbhPxFnsVNKIuIlCeoRUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YjRiZmNkMDE2NGFkN2M2Njg4YWYyMjI0NmM4MmUxOTk1
ZGQzNTEwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDFhOWYxMDRkODE0MTUyY2ZhZjNmODMwNzU3MDMwYTI5OWUwZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiERGYajq0n0hFIchNVwQkOVyZlpc
LBc7kfnryFuafHsFaFPDdAaIlVd4V674/iYXpTz5K03dNZxHHU0JmOQhx6yWJHqA
DPlKWKK8lJtJYnx433dlcABdXPsaBjgNUPIdSt+UdC9063jt+6Wc0hvpVjl50jLe
EcxgbE7wym2SxpUfoNrwJBNd2jxDr5Es/g1Q6ynsWRpF2XCQX7ExqW9h9cUAOFof
cKvQeZcEqd87EsqLfwPLEtwAzlvwCK9HYlM7DeoBzfslszUSe1D+EwfV1oJAjN56
wWw9yI8fQPiFWmTti5b3fcofRacIk70GYoDtNdGvmgid7UxD3243lUrw8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB0anxBNgUFSz68/gwdXAwopng17MB8GA1UdIwQY
MBaAFFa0v80BZK18ZoivIiRsguGZXdNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJTX3pRRmtyWHhtaUs4aUpHeUM0WmxkMDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9lMDNlMGYtZjNhNi00YzU1LWFkZGQt
MjQxNjY1ZjQ5ZDI1LzEvSFJxZkVFMkJRVkxQcnotREIxY0RDaW1lRFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9lMDNlMGYtZjNhNi00YzU1LWFkZGQtMjQxNjY1ZjQ5ZDI1
LzEvVnJTX3pRRmtyWHhtaUs4aUpHeUM0WmxkMDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXt8MA0E
AgACMAcDBQMqBq8AMA0GCSqGSIb3DQEBCwUAA4IBAQBSkho9Vwl6w4pSmXwTzjk6
4nQxgwU8WoPOOYWBQfNd30Aeki2qFnMsxYeITSjOaRlIG/XHBOUAxCEjS82hLeC+
JBMuzt/znPuLIgnMr+LgU7Yvpi1ILirfOuX0QTrjC267g7VUMVqDr9nBjYDrBeEV
pITCnGFTUDLwett+rSeehj094O0OFzpmCeNg5V4Y0qScaUY9N8Xwi6OVMyHDYz0b
INmusgzLcJcASHXvvxGzKAGMBtqO3ukX6/W7uo1qeeISbs2J6jfJ4WqGStdyOqvA
rWjWyK4ZZrVXtyXHgfKR7Y/qRF9x6go++yeIE7SOO93lkIOIsCkjSltib+B/HarY
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:58:44 2024 by rpki-client on console-ams.rpki-client.org