Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/HzEaWN2wE3J6qMUDkQEtIVh2LZA.roa
File: HzEaWN2wE3J6qMUDkQEtIVh2LZA.roa (raw, json)
Hash identifier: pvvGuSDldZ1sLgH7atKBPNn58A/CP7fzdGK+l/XFsVM=
Subject key identifier: 1F:31:1A:58:DD:B0:13:72:7A:A8:C5:03:91:01:2D:21:58:76:2D:90
Certificate issuer: /CN=acb54bcc49291a1f32b7cead4f296882d0531492
Certificate serial: 018CC4935F17E02B19DD20D50C06C2E94445
Authority key identifier: AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/HzEaWN2wE3J6qMUDkQEtIVh2LZA.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59554
IP address blocks: 5.178.112.0/21 maxlen: 21
2a01:9b40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/rLVLzEkpGh8yt86tTylogtBTFJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/rLVLzEkpGh8yt86tTylogtBTFJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5f:17:e0:2b:19:dd:20:d5:0c:06:c2:e9:44:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acb54bcc49291a1f32b7cead4f296882d0531492
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f311a58ddb013727aa8c50391012d2158762d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3e:69:28:42:1a:e5:c3:d7:b1:c4:9c:95:16:
2c:ac:fa:5b:50:13:e9:31:d3:3f:d6:8f:6c:9d:9e:
e2:08:5f:cd:38:6b:1c:44:5a:6f:d9:a3:df:83:c0:
bd:e9:dd:b8:0c:c8:ed:98:4b:0e:eb:65:5f:05:5d:
f9:53:04:cc:3c:2c:36:05:20:c9:71:09:12:ea:b9:
2b:c6:53:cb:ae:fa:51:eb:33:a8:94:1d:12:82:c2:
77:7e:4a:fd:6a:b8:47:1a:8e:74:0f:6f:25:7f:8d:
c7:9b:0f:f0:cd:68:85:03:ef:8b:f1:9b:d7:fc:a4:
33:22:b4:ef:52:f9:94:63:19:fc:3c:a3:28:d4:29:
7a:26:ca:04:7b:56:66:1d:23:8b:e9:96:f5:f2:d8:
42:dc:21:61:85:ed:41:6d:61:09:28:ae:c2:2a:b9:
2d:85:f9:57:db:28:d5:e2:ea:4d:02:d4:1a:1a:46:
11:df:e9:3b:e1:03:9d:0a:51:5a:dc:90:fe:1b:1e:
d0:32:a3:34:25:53:8f:3a:8e:e2:e0:cd:26:52:5e:
27:18:fa:7e:a6:dd:3d:b8:1a:48:26:65:78:fb:51:
f5:14:a3:7c:22:08:20:a7:11:33:a8:f2:e3:14:81:
f6:ac:d2:fc:07:b8:03:a5:1c:62:65:a8:5b:08:6c:
b0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:31:1A:58:DD:B0:13:72:7A:A8:C5:03:91:01:2D:21:58:76:2D:90
X509v3 Authority Key Identifier:
keyid:AC:B5:4B:CC:49:29:1A:1F:32:B7:CE:AD:4F:29:68:82:D0:53:14:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rLVLzEkpGh8yt86tTylogtBTFJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/HzEaWN2wE3J6qMUDkQEtIVh2LZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd2bdd-d3c4-4d60-b096-af3a685d579f/1/rLVLzEkpGh8yt86tTylogtBTFJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.112.0/21
IPv6:
2a01:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ff:f4:2b:a3:b8:69:10:5f:d2:c3:09:f9:46:bf:e7:2e:50:
95:db:79:5f:39:e8:c2:8e:32:fd:56:79:61:51:a7:6d:2c:49:
bc:3e:11:89:25:5d:fa:d9:29:03:4b:4e:05:4d:11:3e:a4:8e:
a9:e9:2f:88:29:f7:3f:f8:85:bd:ec:ab:a3:ef:37:64:0c:e8:
86:44:d9:b5:26:bb:cc:91:92:75:bc:41:70:a0:59:28:f7:3e:
1c:92:cd:ca:4c:f9:7e:45:d6:dd:19:25:a8:22:a4:a6:49:ac:
b4:94:fc:6d:16:1d:30:e7:d0:6b:ce:39:96:38:cb:fa:fa:04:
5b:b9:eb:12:6a:fb:af:9d:b7:f8:b3:1e:29:83:dd:69:ab:ff:
a5:60:10:32:ab:c6:bb:ef:80:8b:61:1e:b0:34:2e:22:31:9b:
67:3d:1f:02:77:f5:47:08:05:32:b8:ff:14:a5:1e:16:cd:61:
57:37:9c:bf:81:57:0c:b6:7d:4e:2c:d9:ed:85:73:30:13:27:
c9:08:03:30:08:b7:cc:7c:88:99:2e:02:0b:ed:3a:6f:9e:f2:
5f:7a:66:e8:9c:c4:d7:f6:eb:1d:8f:8c:1a:d0:7d:1c:f5:be:
35:e4:fc:9d:e7:4b:99:e6:be:50:69:15:0b:5a:01:2c:01:eb:
ca:de:4a:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk18X4CsZ3SDVDAbC6URFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYjU0YmNjNDkyOTFhMWYzMmI3Y2VhZDRmMjk2ODgyZDA1
MzE0OTIwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMxMWE1OGRkYjAxMzcyN2FhOGM1MDM5MTAxMmQyMTU4NzYyZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT5pKEIa5cPXscSclRYsrPpbUBPp
MdM/1o9snZ7iCF/NOGscRFpv2aPfg8C96d24DMjtmEsO62VfBV35UwTMPCw2BSDJ
cQkS6rkrxlPLrvpR6zOolB0SgsJ3fkr9arhHGo50D28lf43Hmw/wzWiFA++L8ZvX
/KQzIrTvUvmUYxn8PKMo1Cl6JsoEe1ZmHSOL6Zb18thC3CFhhe1BbWEJKK7CKrkt
hflX2yjV4upNAtQaGkYR3+k74QOdClFa3JD+Gx7QMqM0JVOPOo7i4M0mUl4nGPp+
pt09uBpIJmV4+1H1FKN8IgggpxEzqPLjFIH2rNL8B7gDpRxiZahbCGywxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB8xGljdsBNyeqjFA5EBLSFYdi2QMB8GA1UdIwQY
MBaAFKy1S8xJKRofMrfOrU8paILQUxSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYt
YWYzYTY4NWQ1NzlmLzEvSHpFYVdOMndFM0o2cU1VRGtRRXRJVmgyTFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDJiZGQtZDNjNC00ZDYwLWIwOTYtYWYzYTY4NWQ1Nzlm
LzEvckxWTHpFa3BHaDh5dDg2dFR5bG9ndEJURkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBbJwMA0E
AgACMAcDBQAqAZtAMA0GCSqGSIb3DQEBCwUAA4IBAQA7//Qro7hpEF/Swwn5Rr/n
LlCV23lfOejCjjL9VnlhUadtLEm8PhGJJV362SkDS04FTRE+pI6p6S+IKfc/+IW9
7Kuj7zdkDOiGRNm1JrvMkZJ1vEFwoFko9z4cks3KTPl+RdbdGSWoIqSmSay0lPxt
Fh0w59BrzjmWOMv6+gRbuesSavuvnbf4sx4pg91pq/+lYBAyq8a774CLYR6wNC4i
MZtnPR8Cd/VHCAUyuP8UpR4WzWFXN5y/gVcMtn1OLNnthXMwEyfJCAMwCLfMfIiZ
LgIL7TpvnvJfembonMTX9usdj4wa0H0c9b415Pyd50uZ5r5QaRULWgEsAevK3kp9
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:10 2024 by rpki-client on console-fra.rpki-client.org