Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/HXB1LDm5zZgSMqaKb90Jy7tlX0I.roa
File: HXB1LDm5zZgSMqaKb90Jy7tlX0I.roa (raw, json)
Hash identifier: Uxx2smW4IaJLMvXo86ENK4ZfxEo76T9stAo4MC3YFho=
Subject key identifier: 1D:70:75:2C:39:B9:CD:98:12:32:A6:8A:6F:DD:09:CB:BB:65:5F:42
Certificate issuer: /CN=361adf57c8dcb7bfd34e9aecd83e36342ec3a3c9
Certificate serial: 018CC794F9B0A2042BDA02708842D511A44C
Authority key identifier: 36:1A:DF:57:C8:DC:B7:BF:D3:4E:9A:EC:D8:3E:36:34:2E:C3:A3:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NhrfV8jct7_TTprs2D42NC7Do8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/HXB1LDm5zZgSMqaKb90Jy7tlX0I.roa
Signing time: Tue 02 Jan 2024 00:31:18 +0000
ROA not before: Tue 02 Jan 2024 00:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198812
IP address blocks: 91.239.147.0/24 maxlen: 24
2001:67c:1240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/NhrfV8jct7_TTprs2D42NC7Do8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/NhrfV8jct7_TTprs2D42NC7Do8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/NhrfV8jct7_TTprs2D42NC7Do8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f9:b0:a2:04:2b:da:02:70:88:42:d5:11:a4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=361adf57c8dcb7bfd34e9aecd83e36342ec3a3c9
Validity
Not Before: Jan 2 00:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d70752c39b9cd981232a68a6fdd09cbbb655f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bf:3a:9b:04:fa:3b:04:39:07:96:f4:e5:b8:
b5:0b:d0:44:29:fb:54:7a:f4:97:61:ef:bd:10:c9:
7b:06:9e:27:a6:49:f5:f5:cb:d4:c7:55:59:ff:f7:
64:1f:91:e1:41:12:4e:22:44:d8:99:79:51:47:43:
64:ac:d0:10:f3:ef:7a:ed:9e:65:9d:1a:cf:cb:cb:
a2:44:4e:66:f6:f9:93:6d:1e:c4:b1:41:94:85:32:
d2:b8:1a:fc:03:cf:fd:e1:2b:9e:55:70:b6:ae:c7:
7d:5d:88:a6:55:52:40:b8:44:63:ab:75:3f:35:63:
c1:1a:0a:e0:42:96:6b:15:f1:f7:1e:99:54:a5:51:
f1:d0:15:80:a7:79:0d:80:74:d1:08:33:3d:4d:db:
c1:e6:2b:b6:18:32:ca:83:30:48:08:62:6e:7d:83:
1a:07:0e:cd:f5:7c:5e:d3:4d:d8:a7:d1:9b:24:d6:
37:eb:69:50:1e:ef:26:1d:52:b1:e6:f7:dc:80:c1:
5b:4b:b8:44:6c:1d:d0:ab:49:1e:87:b5:6e:36:df:
21:6a:8d:ae:05:57:ca:4a:11:65:5b:82:56:78:33:
80:94:c1:00:44:9f:01:e3:4c:e1:b1:06:87:55:69:
41:a6:1f:cd:fc:fc:18:17:d3:4f:bf:2c:c7:cd:ba:
77:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:70:75:2C:39:B9:CD:98:12:32:A6:8A:6F:DD:09:CB:BB:65:5F:42
X509v3 Authority Key Identifier:
keyid:36:1A:DF:57:C8:DC:B7:BF:D3:4E:9A:EC:D8:3E:36:34:2E:C3:A3:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NhrfV8jct7_TTprs2D42NC7Do8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/HXB1LDm5zZgSMqaKb90Jy7tlX0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e0f8c6-aadc-4c31-b92b-1a18738b4741/1/NhrfV8jct7_TTprs2D42NC7Do8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.147.0/24
IPv6:
2001:67c:1240::/48
Signature Algorithm: sha256WithRSAEncryption
22:56:3a:b3:65:b9:67:71:2b:07:c4:42:c8:59:4a:00:64:d7:
c3:b0:ab:57:7a:63:b4:79:2d:9c:88:ec:1f:f2:24:9a:56:e2:
da:e1:5c:f0:ad:c1:87:f3:bf:8e:21:83:77:2d:0d:ae:cc:dd:
0e:3e:51:18:11:09:4c:3e:3b:84:d4:af:bf:c1:84:7d:8d:56:
36:d3:60:02:90:85:e0:31:98:02:f1:71:be:a0:e3:de:13:4f:
6e:9b:97:5a:63:df:cc:7b:a0:62:2c:1b:14:50:a8:14:4c:77:
9b:23:b6:bc:bd:5c:3e:b4:26:47:f5:b9:01:d6:18:c9:fe:1e:
cf:fe:41:fa:1d:55:f1:fd:f0:a9:ab:2b:76:6e:51:3f:cd:ad:
10:44:45:36:a6:da:88:4e:f8:3c:b2:03:5f:19:10:3b:93:2a:
ab:ad:dc:09:65:c9:81:fa:6e:e4:20:04:a2:59:43:4b:5a:18:
3a:7c:a7:43:24:ab:c6:21:b3:28:ec:4b:45:ab:32:8b:89:be:
42:13:e0:bf:d3:85:9c:b2:5b:6d:73:fd:af:45:b3:ad:77:88:
e7:69:38:20:36:30:ae:0a:60:6e:3e:0c:11:34:c2:56:45:f8:
aa:e6:68:68:48:93:db:fc:ac:db:f4:4e:bd:ad:fe:13:eb:7f:
09:e6:64:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlPmwogQr2gJwiELVEaRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MWFkZjU3YzhkY2I3YmZkMzRlOWFlY2Q4M2UzNjM0MmVj
M2EzYzkwHhcNMjQwMTAyMDAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcwNzUyYzM5YjljZDk4MTIzMmE2OGE2ZmRkMDljYmJiNjU1ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb86mwT6OwQ5B5b05bi1C9BEKftU
evSXYe+9EMl7Bp4npkn19cvUx1VZ//dkH5HhQRJOIkTYmXlRR0NkrNAQ8+967Z5l
nRrPy8uiRE5m9vmTbR7EsUGUhTLSuBr8A8/94SueVXC2rsd9XYimVVJAuERjq3U/
NWPBGgrgQpZrFfH3HplUpVHx0BWAp3kNgHTRCDM9TdvB5iu2GDLKgzBICGJufYMa
Bw7N9Xxe003Yp9GbJNY362lQHu8mHVKx5vfcgMFbS7hEbB3Qq0keh7VuNt8hao2u
BVfKShFlW4JWeDOAlMEARJ8B40zhsQaHVWlBph/N/PwYF9NPvyzHzbp3kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB1wdSw5uc2YEjKmim/dCcu7ZV9CMB8GA1UdIwQY
MBaAFDYa31fI3Le/006a7Ng+NjQuw6PJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhyZlY4amN0N19UVHByczJENDJOQzdEbzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lMGY4YzYtYWFkYy00YzMxLWI5MmIt
MWExODczOGI0NzQxLzEvSFhCMUxEbTV6WmdTTXFhS2I5MEp5N3RsWDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lMGY4YzYtYWFkYy00YzMxLWI5MmItMWExODczOGI0NzQx
LzEvTmhyZlY4amN0N19UVHByczJENDJOQzdEbzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW++TMA8E
AgACMAkDBwAgAQZ8EkAwDQYJKoZIhvcNAQELBQADggEBACJWOrNluWdxKwfEQshZ
SgBk18Owq1d6Y7R5LZyI7B/yJJpW4trhXPCtwYfzv44hg3ctDa7M3Q4+URgRCUw+
O4TUr7/BhH2NVjbTYAKQheAxmALxcb6g494TT26bl1pj38x7oGIsGxRQqBRMd5sj
try9XD60Jkf1uQHWGMn+Hs/+QfodVfH98KmrK3ZuUT/NrRBERTam2ohO+DyyA18Z
EDuTKqut3AllyYH6buQgBKJZQ0taGDp8p0Mkq8YhsyjsS0WrMouJvkIT4L/ThZyy
W21z/a9Fs613iOdpOCA2MK4KYG4+DBE0wlZF+KrmaGhIk9v8rNv0Tr2t/hPrfwnm
ZI8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:40 2024 by rpki-client on console-ams.rpki-client.org