Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/hThNsMvoOF0q-5_uweLYXpAQ4e8.roa
File: hThNsMvoOF0q-5_uweLYXpAQ4e8.roa (raw, json)
Hash identifier: YqqWlDh3aV5pTteTdWuTwbfIecmL2n2NBOfue0T8UTQ=
Subject key identifier: 85:38:4D:B0:CB:E8:38:5D:2A:FB:9F:EE:C1:E2:D8:5E:90:10:E1:EF
Certificate issuer: /CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Certificate serial: 018CC8DF11B8BD220C0EA3D2250570C88091
Authority key identifier: 0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/hThNsMvoOF0q-5_uweLYXpAQ4e8.roa
Signing time: Tue 02 Jan 2024 06:31:51 +0000
ROA not before: Tue 02 Jan 2024 06:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50949
IP address blocks: 194.28.88.0/22 maxlen: 24
2001:67c:320::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:11:b8:bd:22:0c:0e:a3:d2:25:05:70:c8:80:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0eb510d7c915a4be6df6b16ff582fd2d6ad23605
Validity
Not Before: Jan 2 06:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85384db0cbe8385d2afb9feec1e2d85e9010e1ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:90:fa:73:b2:f2:b5:84:98:72:73:02:07:7a:
e1:cb:bc:5a:bd:98:b9:82:d7:70:b1:d1:20:47:9b:
e7:21:41:a0:79:2e:e6:d2:08:34:d3:a1:e9:a1:d1:
af:eb:d6:c6:4c:7e:67:34:dd:74:d2:b8:a3:5b:ab:
14:0c:e9:47:6e:09:c7:18:ef:76:61:ff:c1:7e:de:
1f:85:c7:48:a1:0f:4a:a2:dd:a6:b0:39:09:70:a4:
0b:67:a9:62:61:a7:28:fd:f0:ca:aa:7c:6e:fe:c9:
b5:7e:77:98:63:1c:65:5d:ca:9d:37:e9:54:37:2e:
e0:2e:b4:4f:53:2b:f1:9b:5a:4c:59:ee:86:44:0e:
f4:1b:3c:e3:0e:7f:a7:f8:5d:35:6f:94:05:94:a6:
92:06:68:7c:ac:b2:19:e3:3e:f2:80:0d:35:69:68:
3a:84:2e:a1:0d:e9:75:71:d8:07:af:19:3d:5e:c4:
f4:5c:e7:51:73:09:b4:3f:88:15:fc:e4:1f:04:08:
b3:45:0d:48:bc:fb:ed:3e:03:74:fb:be:8f:27:5d:
02:b8:7b:28:f5:0d:1a:58:71:cb:1a:0c:b1:d6:77:
50:ce:ef:f0:0f:1b:3a:e8:b8:82:22:cf:15:a9:57:
a8:36:db:54:0c:6c:14:de:c5:62:b0:39:39:03:8b:
d5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:38:4D:B0:CB:E8:38:5D:2A:FB:9F:EE:C1:E2:D8:5E:90:10:E1:EF
X509v3 Authority Key Identifier:
keyid:0E:B5:10:D7:C9:15:A4:BE:6D:F6:B1:6F:F5:82:FD:2D:6A:D2:36:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DrUQ18kVpL5t9rFv9YL9LWrSNgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/hThNsMvoOF0q-5_uweLYXpAQ4e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/96be3d-d7d2-4753-a783-d638a3be88ca/1/DrUQ18kVpL5t9rFv9YL9LWrSNgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.88.0/22
IPv6:
2001:67c:320::/48
Signature Algorithm: sha256WithRSAEncryption
19:ee:57:cb:e7:ed:c0:58:75:11:9d:58:0e:58:ae:f4:b9:76:
f1:83:f3:1d:2b:4d:a2:9c:0d:ec:3f:53:25:e9:32:e6:75:d8:
b0:9e:b9:e8:72:8a:03:8c:9e:a4:b5:6e:df:e4:44:c5:29:23:
32:6e:4e:c7:09:c9:81:42:3d:31:46:ed:cb:f6:c6:84:54:cf:
0e:9c:e7:ad:9a:ea:67:c8:ef:2f:eb:5a:86:52:4a:89:f9:cc:
7c:ee:1c:58:99:47:88:ca:fd:2a:12:00:d7:6b:1f:1d:cc:06:
e5:4e:1f:2a:0b:b3:d8:c3:7e:41:bd:23:1d:29:43:fb:5e:a5:
00:20:8b:30:41:91:c2:3c:5c:31:37:15:00:e8:3a:08:f0:0f:
52:9e:a4:4d:01:de:97:4d:e1:5d:ef:f5:9d:42:dd:af:19:29:
6f:1a:d9:36:e4:c8:ff:2a:ec:21:c0:8f:10:0d:1a:86:76:78:
cd:4d:8b:77:f3:f0:5a:91:48:96:99:cb:d1:1d:a3:b2:cb:d1:
bc:e3:88:13:ea:9f:ee:af:af:0c:30:1c:d1:1b:92:2a:8f:8f:
77:64:fd:84:8c:a5:b7:87:86:e5:8a:ca:9a:c1:42:47:ef:76:
35:ae:52:d1:e3:1c:01:1b:8d:93:57:8e:f5:db:63:1f:85:63:
23:8a:5c:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3xG4vSIMDqPSJQVwyICRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYjUxMGQ3YzkxNWE0YmU2ZGY2YjE2ZmY1ODJmZDJkNmFk
MjM2MDUwHhcNMjQwMTAyMDYzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM4NGRiMGNiZTgzODVkMmFmYjlmZWVjMWUyZDg1ZTkwMTBlMWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZD6c7LytYSYcnMCB3rhy7xavZi5
gtdwsdEgR5vnIUGgeS7m0gg006HpodGv69bGTH5nNN100rijW6sUDOlHbgnHGO92
Yf/Bft4fhcdIoQ9Kot2msDkJcKQLZ6liYaco/fDKqnxu/sm1fneYYxxlXcqdN+lU
Ny7gLrRPUyvxm1pMWe6GRA70GzzjDn+n+F01b5QFlKaSBmh8rLIZ4z7ygA01aWg6
hC6hDel1cdgHrxk9XsT0XOdRcwm0P4gV/OQfBAizRQ1IvPvtPgN0+76PJ10CuHso
9Q0aWHHLGgyx1ndQzu/wDxs66LiCIs8VqVeoNttUDGwU3sVisDk5A4vVfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIU4TbDL6DhdKvuf7sHi2F6QEOHvMB8GA1UdIwQY
MBaAFA61ENfJFaS+bfaxb/WC/S1q0jYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHJVUTE4a1ZwTDV0OXJGdjlZTDlMV3JTTmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85NmJlM2QtZDdkMi00NzUzLWE3ODMt
ZDYzOGEzYmU4OGNhLzEvaFRoTnNNdm9PRjBxLTVfdXdlTFlYcEFRNGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85NmJlM2QtZDdkMi00NzUzLWE3ODMtZDYzOGEzYmU4OGNh
LzEvRHJVUTE4a1ZwTDV0OXJGdjlZTDlMV3JTTmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwhxYMA8E
AgACMAkDBwAgAQZ8AyAwDQYJKoZIhvcNAQELBQADggEBABnuV8vn7cBYdRGdWA5Y
rvS5dvGD8x0rTaKcDew/UyXpMuZ12LCeuehyigOMnqS1bt/kRMUpIzJuTscJyYFC
PTFG7cv2xoRUzw6c562a6mfI7y/rWoZSSon5zHzuHFiZR4jK/SoSANdrHx3MBuVO
HyoLs9jDfkG9Ix0pQ/tepQAgizBBkcI8XDE3FQDoOgjwD1KepE0B3pdN4V3v9Z1C
3a8ZKW8a2TbkyP8q7CHAjxANGoZ2eM1Ni3fz8FqRSJaZy9Edo7LL0bzjiBPqn+6v
rwwwHNEbkiqPj3dk/YSMpbeHhuWKyprBQkfvdjWuUtHjHAEbjZNXjvXbYx+FYyOK
XIQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:40 2024 by rpki-client on console-ams.rpki-client.org