Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/H62-q5Al3BvsrtimTi-OnWuB_pI.roa
File: H62-q5Al3BvsrtimTi-OnWuB_pI.roa (raw, json)
Hash identifier: RMnIJkRxtssPHVIgWgJQGdXR2bFdfQkHGf8+lF686XM=
Subject key identifier: 1F:AD:BE:AB:90:25:DC:1B:EC:AE:D8:A6:4E:2F:8E:9D:6B:81:FE:92
Certificate issuer: /CN=5dd39e1de18514bac2f5a23910f8c7d4672a0fd8
Certificate serial: 018CC64A80AFB6038054CE69C8BCEE14C6C3
Authority key identifier: 5D:D3:9E:1D:E1:85:14:BA:C2:F5:A2:39:10:F8:C7:D4:67:2A:0F:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XdOeHeGFFLrC9aI5EPjH1GcqD9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/H62-q5Al3BvsrtimTi-OnWuB_pI.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197690
IP address blocks: 185.197.36.0/22 maxlen: 22
2a0a:75c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/XdOeHeGFFLrC9aI5EPjH1GcqD9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/XdOeHeGFFLrC9aI5EPjH1GcqD9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/XdOeHeGFFLrC9aI5EPjH1GcqD9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:80:af:b6:03:80:54:ce:69:c8:bc:ee:14:c6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd39e1de18514bac2f5a23910f8c7d4672a0fd8
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fadbeab9025dc1becaed8a64e2f8e9d6b81fe92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:96:e3:c2:b6:6b:fb:82:f0:a3:4f:d7:0f:34:
cd:df:3b:d8:a4:9f:16:6c:10:c8:0c:6f:ce:bc:7f:
1d:f1:bf:5e:5b:ac:eb:10:a6:e4:36:e0:b3:03:93:
1b:78:8b:25:64:c9:f9:91:91:71:85:c6:54:3a:c1:
53:1d:21:89:b4:fb:cc:ea:29:b7:58:16:ad:69:7c:
17:3f:b3:fd:76:87:bd:e6:97:71:84:f8:c6:b3:77:
97:f8:81:e3:d5:aa:22:d3:11:63:3f:44:4a:ac:6d:
3a:85:1f:66:35:48:2a:06:36:d9:0a:5c:ad:64:39:
87:8e:0d:c2:ea:44:2f:4c:c1:99:52:61:d0:bb:73:
db:bb:a8:19:d3:21:01:11:ce:47:05:ad:0a:a7:65:
ba:99:bf:88:4a:a6:3b:5f:86:21:58:8e:f0:e8:b7:
93:70:38:de:87:a2:55:94:85:08:ca:52:14:76:28:
19:12:6a:af:ad:80:ad:c0:fe:5c:f4:e7:7c:c5:c2:
2f:5a:5e:99:48:bb:f4:87:01:32:20:36:b2:f8:2f:
a1:f0:8d:21:04:9d:08:1d:f5:0c:35:57:e9:81:07:
d2:8c:cf:c8:0d:34:45:56:c1:71:f0:f6:8d:8f:7c:
0c:d8:39:96:c7:c4:85:55:1c:fa:78:7b:8d:84:62:
a1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AD:BE:AB:90:25:DC:1B:EC:AE:D8:A6:4E:2F:8E:9D:6B:81:FE:92
X509v3 Authority Key Identifier:
keyid:5D:D3:9E:1D:E1:85:14:BA:C2:F5:A2:39:10:F8:C7:D4:67:2A:0F:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdOeHeGFFLrC9aI5EPjH1GcqD9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/H62-q5Al3BvsrtimTi-OnWuB_pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/96865e-c177-4844-8dc3-9c26b07b718b/1/XdOeHeGFFLrC9aI5EPjH1GcqD9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.36.0/22
IPv6:
2a0a:75c0::/32
Signature Algorithm: sha256WithRSAEncryption
27:8d:76:a3:28:3f:35:c1:c0:e8:1d:a2:d0:ac:bb:74:c2:8f:
41:d5:29:2b:7f:88:18:29:26:30:12:38:17:67:08:f8:ff:e7:
01:bd:8f:45:d2:04:53:04:7e:a3:da:a6:8a:12:e8:85:87:fa:
7f:0c:be:2e:1a:17:9e:32:52:46:69:ad:35:9f:bb:a0:f9:0c:
8a:0a:2f:12:c7:f7:71:b8:e1:4b:78:2f:50:3a:5b:2a:e9:e4:
33:5f:39:28:07:f7:14:4e:a7:c8:e4:62:98:86:00:aa:20:5e:
36:8c:cc:ac:cd:7d:78:f6:a5:42:89:cb:ee:36:b4:1b:52:d9:
d9:fc:f1:5b:af:33:ad:97:ab:3c:c3:d8:e1:8c:c0:c6:1f:84:
44:8b:e2:d1:9f:bd:e8:3c:37:0c:4d:18:14:eb:d0:b1:06:7b:
29:ae:85:22:95:88:d6:4c:bf:f6:77:8e:9d:21:b1:cc:27:c2:
7a:c1:9f:b6:c9:49:13:b6:ca:7a:43:45:06:04:71:c0:ba:88:
42:75:75:21:01:14:4c:09:f3:2d:4a:69:36:ab:4e:6e:47:63:
1f:2a:02:d2:c5:3a:3f:ea:06:62:e5:72:ba:fa:25:ae:92:89:
9f:83:b4:cb:49:71:a5:60:fe:18:ef:ec:d8:45:02:27:dc:8b:
6d:ae:52:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSoCvtgOAVM5pyLzuFMbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDM5ZTFkZTE4NTE0YmFjMmY1YTIzOTEwZjhjN2Q0Njcy
YTBmZDgwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFkYmVhYjkwMjVkYzFiZWNhZWQ4YTY0ZTJmOGU5ZDZiODFmZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZbjwrZr+4Lwo0/XDzTN3zvYpJ8W
bBDIDG/OvH8d8b9eW6zrEKbkNuCzA5MbeIslZMn5kZFxhcZUOsFTHSGJtPvM6im3
WBataXwXP7P9doe95pdxhPjGs3eX+IHj1aoi0xFjP0RKrG06hR9mNUgqBjbZClyt
ZDmHjg3C6kQvTMGZUmHQu3Pbu6gZ0yEBEc5HBa0Kp2W6mb+ISqY7X4YhWI7w6LeT
cDjeh6JVlIUIylIUdigZEmqvrYCtwP5c9Od8xcIvWl6ZSLv0hwEyIDay+C+h8I0h
BJ0IHfUMNVfpgQfSjM/IDTRFVsFx8PaNj3wM2DmWx8SFVRz6eHuNhGKhWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB+tvquQJdwb7K7Ypk4vjp1rgf6SMB8GA1UdIwQY
MBaAFF3Tnh3hhRS6wvWiORD4x9RnKg/YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRPZUhlR0ZGTHJDOWFJNUVQakgxR2NxRDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85Njg2NWUtYzE3Ny00ODQ0LThkYzMt
OWMyNmIwN2I3MThiLzEvSDYyLXE1QWwzQnZzcnRpbVRpLU9uV3VCX3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85Njg2NWUtYzE3Ny00ODQ0LThkYzMtOWMyNmIwN2I3MThi
LzEvWGRPZUhlR0ZGTHJDOWFJNUVQakgxR2NxRDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucUkMA0E
AgACMAcDBQAqCnXAMA0GCSqGSIb3DQEBCwUAA4IBAQAnjXajKD81wcDoHaLQrLt0
wo9B1Skrf4gYKSYwEjgXZwj4/+cBvY9F0gRTBH6j2qaKEuiFh/p/DL4uGheeMlJG
aa01n7ug+QyKCi8Sx/dxuOFLeC9QOlsq6eQzXzkoB/cUTqfI5GKYhgCqIF42jMys
zX149qVCicvuNrQbUtnZ/PFbrzOtl6s8w9jhjMDGH4REi+LRn73oPDcMTRgU69Cx
BnsproUilYjWTL/2d46dIbHMJ8J6wZ+2yUkTtsp6Q0UGBHHAuohCdXUhARRMCfMt
Smk2q05uR2MfKgLSxTo/6gZi5XK6+iWukomfg7TLSXGlYP4Y7+zYRQIn3IttrlLv
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:26 2024 by rpki-client on console-ams.rpki-client.org