Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa
File: HImsFaKV08TLV6wVdauWms4-JOc.roa (raw, json)
Hash identifier: 2mYX6YTb9x1BYUgkuBVc0N5W+dRm0Q7gByu7LotyHkw=
Subject key identifier: 1C:89:AC:15:A2:95:D3:C4:CB:57:AC:15:75:AB:96:9A:CE:3E:24:E7
Certificate issuer: /CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Certificate serial: 018CC727468EA47ACB3359F9F350BD58861C
Authority key identifier: 26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16074
IP address blocks: 62.112.160.0/19 maxlen: 20
62.145.32.0/19 maxlen: 24
62.145.63.0/24 maxlen: 24
62.145.62.0/24 maxlen: 24
217.115.224.0/20 maxlen: 21
192.113.0.0/16 maxlen: 24
2a01:67c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:46:8e:a4:7a:cb:33:59:f9:f3:50:bd:58:86:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bdec99d89565a634a7b2c5401fed7ac47bf232
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c89ac15a295d3c4cb57ac1575ab969ace3e24e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ee:12:0e:6d:e6:09:29:8a:29:05:91:3d:80:
ad:f9:f8:b3:17:df:50:90:67:45:50:01:40:66:ed:
45:fe:fd:87:c2:a4:08:31:af:bd:a6:21:1f:e7:45:
f7:dc:a0:21:08:dc:b5:e0:4f:31:00:5f:62:21:c7:
f0:3d:a2:c2:0d:57:7a:b5:5c:79:a5:3f:36:7d:83:
3c:d5:da:67:46:4d:e3:ba:56:5b:50:5f:cc:30:df:
49:9f:96:67:40:0f:b3:f6:6f:21:2d:4d:65:9b:51:
2e:37:58:50:0b:77:4f:bc:b2:1e:df:5b:d0:f8:07:
9d:09:c5:53:2b:4d:d0:1c:02:ee:5a:75:d1:d1:4f:
b4:9d:9d:50:1f:e0:27:3f:d6:81:48:c8:65:ec:dd:
8b:4d:6c:36:51:81:64:95:c2:90:b1:f1:fd:e7:b2:
4f:0e:40:d2:30:a7:63:4c:dd:aa:6a:e1:48:02:31:
7c:a3:6d:a1:59:87:17:b6:4b:6a:6c:50:d8:98:3d:
ac:99:d0:d5:c1:10:db:22:fd:51:56:5c:2b:78:8e:
78:67:39:df:0f:b5:99:10:b0:b6:2e:90:50:02:02:
b8:87:3b:0a:c1:43:63:76:81:4b:b1:2d:3a:11:51:
c7:61:e7:f9:23:8f:4b:5f:dd:dd:01:14:75:de:6b:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:89:AC:15:A2:95:D3:C4:CB:57:AC:15:75:AB:96:9A:CE:3E:24:E7
X509v3 Authority Key Identifier:
keyid:26:BD:EC:99:D8:95:65:A6:34:A7:B2:C5:40:1F:ED:7A:C4:7B:F2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3smdiVZaY0p7LFQB_tesR78jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/HImsFaKV08TLV6wVdauWms4-JOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/c57dc2-cfa9-42b9-b9c7-7f201212d883/1/Jr3smdiVZaY0p7LFQB_tesR78jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.160.0/19
62.145.32.0/19
192.113.0.0/16
217.115.224.0/20
IPv6:
2a01:67c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:38:80:1a:0c:76:2a:eb:30:9a:5b:7d:a1:c7:db:86:33:f4:
4c:63:d9:ce:ca:36:7e:c0:23:f5:c3:52:39:d2:69:7b:00:73:
d4:ca:d3:b0:c7:f1:d3:0f:82:2d:17:af:e8:83:96:16:5b:b9:
84:7e:87:af:e6:2b:c1:cf:69:7c:ad:93:74:1c:3d:75:a7:3f:
86:74:7f:51:63:93:24:6b:59:84:0b:51:b1:7f:e7:8f:7e:bd:
f6:92:51:1b:dc:59:4f:e7:ed:fd:61:91:83:5b:5c:1e:02:62:
90:90:b1:b5:ae:08:0c:ae:03:f0:52:0a:84:84:7b:30:26:3c:
f8:71:b2:31:8d:25:da:55:df:bb:2c:a5:f4:93:51:0f:fa:a2:
5e:9c:06:d1:33:96:86:34:d7:de:b6:ac:4d:91:08:3d:63:32:
8f:f0:d7:10:ab:3c:da:38:1b:aa:82:fb:9c:f8:6f:4c:79:54:
7f:46:db:90:5c:3e:03:93:f9:6e:62:ba:c8:d5:a3:f5:d5:26:
a3:5c:fd:da:97:fc:61:04:d3:fe:7c:ec:72:96:8d:7b:99:8a:
b3:5d:37:c3:44:52:cd:04:3f:56:82:e0:4a:f1:b9:60:cb:78:
08:27:05:29:8e:c1:10:29:7d:44:5a:82:e6:5b:27:b4:2a:b9:
45:50:36:a5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJ0aOpHrLM1n581C9WIYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRlYzk5ZDg5NTY1YTYzNGE3YjJjNTQwMWZlZDdhYzQ3
YmYyMzIwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg5YWMxNWEyOTVkM2M0Y2I1N2FjMTU3NWFiOTY5YWNlM2UyNGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1O4SDm3mCSmKKQWRPYCt+fizF99Q
kGdFUAFAZu1F/v2HwqQIMa+9piEf50X33KAhCNy14E8xAF9iIcfwPaLCDVd6tVx5
pT82fYM81dpnRk3julZbUF/MMN9Jn5ZnQA+z9m8hLU1lm1EuN1hQC3dPvLIe31vQ
+AedCcVTK03QHALuWnXR0U+0nZ1QH+AnP9aBSMhl7N2LTWw2UYFklcKQsfH957JP
DkDSMKdjTN2qauFIAjF8o22hWYcXtktqbFDYmD2smdDVwRDbIv1RVlwreI54Zznf
D7WZELC2LpBQAgK4hzsKwUNjdoFLsS06EVHHYef5I49LX93dARR13mt4UQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFByJrBWildPEy1esFXWrlprOPiTnMB8GA1UdIwQY
MBaAFCa97JnYlWWmNKeyxUAf7XrEe/IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5Yzct
N2YyMDEyMTJkODgzLzEvSEltc0ZhS1YwOFRMVjZ3VmRhdVdtczQtSk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9jNTdkYzItY2ZhOS00MmI5LWI5YzctN2YyMDEyMTJkODgz
LzEvSnIzc21kaVZaYVkwcDdMRlFCX3Rlc1I3OGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQFPnCgAwQF
PpEgAwMAwHEDBATZc+AwDQQCAAIwBwMFACoBZ8AwDQYJKoZIhvcNAQELBQADggEB
AK84gBoMdirrMJpbfaHH24Yz9Exj2c7KNn7AI/XDUjnSaXsAc9TK07DH8dMPgi0X
r+iDlhZbuYR+h6/mK8HPaXytk3QcPXWnP4Z0f1FjkyRrWYQLUbF/549+vfaSURvc
WU/n7f1hkYNbXB4CYpCQsbWuCAyuA/BSCoSEezAmPPhxsjGNJdpV37sspfSTUQ/6
ol6cBtEzloY01962rE2RCD1jMo/w1xCrPNo4G6qC+5z4b0x5VH9G25BcPgOT+W5i
usjVo/XVJqNc/dqX/GEE0/587HKWjXuZirNdN8NEUs0EP1aC4ErxuWDLeAgnBSmO
wRApfURaguZbJ7QquUVQNqU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:03 2024 by rpki-client on console-ams.rpki-client.org