Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/H5C9ug6SlIzW8I0KKNPP32nTUPY.roa
File: H5C9ug6SlIzW8I0KKNPP32nTUPY.roa (raw, json)
Hash identifier: z3+G/PNFh1eKLlPvq6KNYFOHP+WbZdRrZCDl68Ej1HE=
Subject key identifier: 1F:90:BD:BA:0E:92:94:8C:D6:F0:8D:0A:28:D3:CF:DF:69:D3:50:F6
Certificate issuer: /CN=932460b78f6e8f4662aec7858e92051e856099f5
Certificate serial: 018CC4253A9C0DEC4F5E5CE21E3B33C95729
Authority key identifier: 93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/H5C9ug6SlIzW8I0KKNPP32nTUPY.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.161.88.0/22 maxlen: 24
2a00:ddc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3a:9c:0d:ec:4f:5e:5c:e2:1e:3b:33:c9:57:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932460b78f6e8f4662aec7858e92051e856099f5
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f90bdba0e92948cd6f08d0a28d3cfdf69d350f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:69:d7:d4:e0:58:90:4f:c3:ad:ef:79:3e:
3a:dd:1e:21:e9:16:d4:44:0f:2a:c7:c4:62:e1:51:
87:01:0e:d0:06:e5:cf:13:fe:8a:dd:75:b3:57:4d:
09:03:40:44:b1:92:44:b5:10:5a:52:a9:f6:d5:ae:
d5:1e:da:bc:28:05:51:19:c3:cf:c6:00:ae:73:21:
27:d6:10:2c:8b:e9:3a:22:ca:cc:6e:f6:2a:72:e6:
1a:00:b3:5c:08:3a:a2:6f:93:f4:bd:7b:a6:97:9d:
b1:30:ea:4a:4e:7f:c3:45:e6:bd:a6:6d:98:20:be:
d5:ee:09:93:25:43:c4:d5:aa:42:62:dd:3c:72:ef:
92:d4:61:63:38:9f:32:62:d4:50:80:46:8d:8c:21:
bb:20:2d:44:19:6c:b0:f5:13:10:02:8e:63:48:4f:
cc:8d:33:45:ac:b6:be:1c:a2:45:7c:c4:97:7e:22:
6b:86:3e:90:fa:e0:48:a2:63:ae:cf:8a:31:a6:34:
b1:56:f0:9f:3a:f4:7f:90:b2:cd:c1:6b:a0:f2:50:
1a:4b:42:9f:76:55:7b:c7:a6:cc:40:17:32:ce:ab:
ab:b6:93:5a:b2:68:6f:7f:96:92:91:af:b5:b2:cc:
c9:59:2f:0e:6f:28:be:4a:9d:52:e6:e2:e4:12:57:
cb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:90:BD:BA:0E:92:94:8C:D6:F0:8D:0A:28:D3:CF:DF:69:D3:50:F6
X509v3 Authority Key Identifier:
keyid:93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/H5C9ug6SlIzW8I0KKNPP32nTUPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.88.0/22
IPv6:
2a00:ddc0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:bb:93:b3:3b:fe:39:5e:90:18:e3:06:10:03:7c:9c:a3:66:
36:59:1f:52:35:9c:92:4a:ed:7e:76:51:17:e4:a9:ae:54:2e:
95:a6:35:7c:13:64:97:3f:be:04:d1:bc:ea:b8:3e:cb:e6:6d:
e0:9d:0b:67:5c:5f:a7:d6:eb:68:b9:77:68:6c:ba:82:cf:ac:
b3:53:a9:38:bf:c9:a6:ee:ce:a3:a2:29:6e:96:ec:24:d4:d5:
8e:f2:18:66:32:10:29:3c:8c:f9:18:75:a0:a0:9d:25:98:fe:
26:1a:13:6b:df:56:c1:c0:7c:96:33:67:97:bc:42:08:3e:a9:
fc:15:1d:67:4e:4b:51:81:3c:62:c7:ac:2c:e9:f6:6b:b7:59:
af:03:05:e8:1d:8d:28:3b:3c:41:37:ad:2a:6b:c8:45:d9:8c:
ab:84:67:a0:79:1b:81:e0:dd:e9:e1:8b:19:43:79:25:9d:53:
1d:79:35:bf:54:5d:65:08:d0:50:5f:95:55:cc:33:d6:72:94:
86:58:3f:90:a2:1e:a6:75:d8:4e:51:01:68:d4:a9:24:84:f6:
6a:b7:ed:88:f5:ff:61:45:e2:b8:4f:a3:1f:92:91:5e:d9:69:
77:eb:e9:5d:08:07:9f:c8:06:e8:b1:1c:fe:9b:e9:b7:e6:ed:
8a:44:64:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJTqcDexPXlziHjszyVcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjQ2MGI3OGY2ZThmNDY2MmFlYzc4NThlOTIwNTFlODU2
MDk5ZjUwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjkwYmRiYTBlOTI5NDhjZDZmMDhkMGEyOGQzY2ZkZjY5ZDM1MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDBp19TgWJBPw63veT463R4h6RbU
RA8qx8Ri4VGHAQ7QBuXPE/6K3XWzV00JA0BEsZJEtRBaUqn21a7VHtq8KAVRGcPP
xgCucyEn1hAsi+k6IsrMbvYqcuYaALNcCDqib5P0vXuml52xMOpKTn/DRea9pm2Y
IL7V7gmTJUPE1apCYt08cu+S1GFjOJ8yYtRQgEaNjCG7IC1EGWyw9RMQAo5jSE/M
jTNFrLa+HKJFfMSXfiJrhj6Q+uBIomOuz4oxpjSxVvCfOvR/kLLNwWug8lAaS0Kf
dlV7x6bMQBcyzqurtpNasmhvf5aSka+1sszJWS8Obyi+Sp1S5uLkElfLrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB+QvboOkpSM1vCNCijTz99p01D2MB8GA1UdIwQY
MBaAFJMkYLePbo9GYq7HhY6SBR6FYJn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMt
OGM5ZmNiYjNlYzUyLzEvSDVDOXVnNlNsSXpXOEkwS0tOUFAzMm5UVVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMtOGM5ZmNiYjNlYzUy
LzEva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaFYMA0E
AgACMAcDBQAqAN3AMA0GCSqGSIb3DQEBCwUAA4IBAQBfu5OzO/45XpAY4wYQA3yc
o2Y2WR9SNZySSu1+dlEX5KmuVC6VpjV8E2SXP74E0bzquD7L5m3gnQtnXF+n1uto
uXdobLqCz6yzU6k4v8mm7s6joiluluwk1NWO8hhmMhApPIz5GHWgoJ0lmP4mGhNr
31bBwHyWM2eXvEIIPqn8FR1nTktRgTxix6ws6fZrt1mvAwXoHY0oOzxBN60qa8hF
2YyrhGegeRuB4N3p4YsZQ3klnVMdeTW/VF1lCNBQX5VVzDPWcpSGWD+Qoh6mddhO
UQFo1KkkhPZqt+2I9f9hReK4T6MfkpFe2Wl36+ldCAefyAbosRz+m+m35u2KRGQ0
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:39:28 2024 by rpki-client on console-ams.rpki-client.org