Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/HfKnCeLI0VAtCDxqG2gVHB92Dg8.roa
File: HfKnCeLI0VAtCDxqG2gVHB92Dg8.roa (raw, json)
Hash identifier: EwzHdPUcFcsWXEwoIMqBtYJAGh4q85SVK3E5WVlQedI=
Subject key identifier: 1D:F2:A7:09:E2:C8:D1:50:2D:08:3C:6A:1B:68:15:1C:1F:76:0E:0F
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 018E5188365E4094C052040749946E8E6EF8
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/HfKnCeLI0VAtCDxqG2gVHB92Dg8.roa
Signing time: Mon 18 Mar 2024 12:27:45 +0000
ROA not before: Mon 18 Mar 2024 12:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208033
IP address blocks: 45.158.206.0/23 maxlen: 23
2a0c:dc80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:88:36:5e:40:94:c0:52:04:07:49:94:6e:8e:6e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Mar 18 12:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1df2a709e2c8d1502d083c6a1b68151c1f760e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3e:eb:fb:4c:b5:65:3f:36:d6:20:67:2f:ff:
46:b1:ba:dc:58:0a:ec:4c:f8:43:1a:0a:68:25:f4:
b9:a9:9d:a8:58:1f:80:6b:18:3a:8b:cb:36:21:d6:
a7:51:d1:10:69:95:c0:31:0f:d1:88:f1:07:53:7b:
0d:23:44:f6:25:cd:aa:fc:51:4a:98:ae:7e:49:9d:
ca:1d:93:3b:72:29:ca:6d:a8:2c:64:18:48:a5:e2:
94:c5:c1:2f:11:a1:49:eb:c9:dc:84:bb:66:b3:2b:
f8:e8:13:f0:4c:a3:68:2d:1f:39:9c:16:4b:f5:2f:
f3:ee:6a:fa:f3:3d:a6:5b:c3:1c:bc:fc:32:98:74:
db:ab:ff:40:b2:8a:9f:3e:06:12:d3:3e:60:c9:b3:
2b:06:65:11:26:84:44:7c:02:78:60:ff:dd:85:41:
9c:6e:7a:e3:b1:d0:0a:ae:19:ab:b3:a5:7c:89:6e:
15:e5:fa:3f:d2:94:df:53:78:6e:db:c0:4f:01:46:
d4:e8:61:cd:11:0b:ff:63:a8:5d:65:d8:3d:2c:40:
6d:76:73:f8:f1:c9:9b:d0:53:f6:9c:9e:8c:d2:19:
d3:22:e4:dd:53:64:4e:0a:2f:8f:5b:55:c0:ff:7e:
c3:05:dc:74:3f:69:81:0c:1d:2a:30:3e:9d:56:0b:
76:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F2:A7:09:E2:C8:D1:50:2D:08:3C:6A:1B:68:15:1C:1F:76:0E:0F
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/HfKnCeLI0VAtCDxqG2gVHB92Dg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.206.0/23
IPv6:
2a0c:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
65:7e:e3:ed:1e:91:04:19:a6:3d:9c:f7:a3:d6:a7:86:27:7f:
47:9c:6d:62:a3:fe:40:56:1c:03:f6:c7:36:62:1e:14:72:3d:
81:f4:24:ae:4f:e8:a8:f7:df:09:ea:6d:a0:3b:b9:a4:ae:17:
4c:d0:97:d3:6a:70:ec:10:97:7e:e2:93:12:ac:c3:8a:d4:36:
7a:29:c7:ed:ae:92:15:32:a7:5e:0c:1b:7e:41:a6:8f:0b:2f:
0d:07:0a:4b:9d:45:65:64:24:2f:4f:09:63:f5:d4:b3:34:9b:
82:9d:e9:d8:51:86:08:04:df:85:7e:38:f8:27:7b:2a:c3:61:
46:08:0b:bf:ef:68:3a:eb:a4:22:cf:74:39:65:4d:ad:0e:2d:
bb:40:37:91:28:d6:42:4c:9a:f3:7e:59:e6:1b:58:5e:db:bb:
bd:9a:a3:fc:84:a5:b5:94:27:ca:03:5b:16:10:4c:d8:7f:b9:
e9:8c:31:83:79:32:06:19:a4:61:aa:b7:8f:d3:8a:49:b1:31:
af:f6:82:cf:c0:e0:3b:90:ca:88:9c:97:8c:90:2c:dc:72:5a:
d0:eb:9f:f9:29:fc:b6:8b:ab:d0:5c:82:b0:3e:4b:c7:b6:e2:
db:99:db:69:d6:22:ce:5b:55:a5:3b:b3:aa:aa:08:59:a7:03:
43:fe:7c:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5RiDZeQJTAUgQHSZRujm74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjQwMzE4MTIyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGYyYTcwOWUyYzhkMTUwMmQwODNjNmExYjY4MTUxYzFmNzYwZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj7r+0y1ZT821iBnL/9GsbrcWArs
TPhDGgpoJfS5qZ2oWB+Aaxg6i8s2IdanUdEQaZXAMQ/RiPEHU3sNI0T2Jc2q/FFK
mK5+SZ3KHZM7cinKbagsZBhIpeKUxcEvEaFJ68nchLtmsyv46BPwTKNoLR85nBZL
9S/z7mr68z2mW8McvPwymHTbq/9AsoqfPgYS0z5gybMrBmURJoREfAJ4YP/dhUGc
bnrjsdAKrhmrs6V8iW4V5fo/0pTfU3hu28BPAUbU6GHNEQv/Y6hdZdg9LEBtdnP4
8cmb0FP2nJ6M0hnTIuTdU2ROCi+PW1XA/37DBdx0P2mBDB0qMD6dVgt20wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3ypwniyNFQLQg8ahtoFRwfdg4PMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvSGZLbkNlTEkwVkF0Q0R4cUcyZ1ZIQjkyRGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZ7OMA0E
AgACMAcDBQAqDNyAMA0GCSqGSIb3DQEBCwUAA4IBAQBlfuPtHpEEGaY9nPej1qeG
J39HnG1io/5AVhwD9sc2Yh4Ucj2B9CSuT+io998J6m2gO7mkrhdM0JfTanDsEJd+
4pMSrMOK1DZ6KcftrpIVMqdeDBt+QaaPCy8NBwpLnUVlZCQvTwlj9dSzNJuCnenY
UYYIBN+Ffjj4J3sqw2FGCAu/72g666Qiz3Q5ZU2tDi27QDeRKNZCTJrzflnmG1he
27u9mqP8hKW1lCfKA1sWEEzYf7npjDGDeTIGGaRhqreP04pJsTGv9oLPwOA7kMqI
nJeMkCzcclrQ65/5Kfy2i6vQXIKwPkvHtuLbmdtp1iLOW1WlO7OqqghZpwND/nwC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:39 2024 by rpki-client on console-ams.rpki-client.org