Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/HenAIuxv0Oe_3mE-eQ9vMQAVZq4.roa
File: HenAIuxv0Oe_3mE-eQ9vMQAVZq4.roa (raw, json)
Hash identifier: IXt08XUJtQ/QZE9XLyjzApsu6c+V5tvasvWHvug9qUA=
Subject key identifier: 1D:E9:C0:22:EC:6F:D0:E7:BF:DE:61:3E:79:0F:6F:31:00:15:66:AE
Certificate issuer: /CN=45ed111630e05297795dddd298ea1fb29e695c53
Certificate serial: 018CC727196A7909503E31E2D7B5CA5D7C9C
Authority key identifier: 45:ED:11:16:30:E0:52:97:79:5D:DD:D2:98:EA:1F:B2:9E:69:5C:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Re0RFjDgUpd5Xd3SmOofsp5pXFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/HenAIuxv0Oe_3mE-eQ9vMQAVZq4.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 141.64.0.0/16 maxlen: 16
2a12:e140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/Re0RFjDgUpd5Xd3SmOofsp5pXFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/Re0RFjDgUpd5Xd3SmOofsp5pXFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Re0RFjDgUpd5Xd3SmOofsp5pXFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:19:6a:79:09:50:3e:31:e2:d7:b5:ca:5d:7c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45ed111630e05297795dddd298ea1fb29e695c53
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1de9c022ec6fd0e7bfde613e790f6f31001566ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6f:a2:8d:ef:ff:46:2d:38:12:47:de:a5:d4:
41:be:95:e1:e1:0a:67:4a:5d:46:01:18:c5:42:7d:
1d:42:6b:23:7c:83:9a:23:95:52:cc:c4:53:55:20:
53:3f:ac:a8:ad:65:a3:18:99:bd:da:7e:97:be:67:
8a:1c:4c:47:07:21:94:b8:70:df:d3:63:0f:23:78:
8a:4d:8a:68:60:11:9c:30:94:2c:8b:30:20:1b:30:
30:a6:ee:8f:2f:87:da:75:1a:04:f6:da:64:a3:41:
27:4c:01:ea:35:73:59:a7:3d:8b:36:2b:8e:b4:cc:
15:98:a6:4e:09:3d:4d:f5:6e:41:e4:d6:d0:33:93:
63:b6:2d:f5:c1:69:41:ea:e8:7e:36:66:ed:6c:55:
ad:44:97:9a:fc:6a:e5:e5:7a:64:cf:68:5a:b8:c4:
ea:e0:df:ed:49:9a:c1:85:7d:bd:12:b3:43:44:49:
8a:bc:ed:b6:23:8b:4e:8f:6b:f3:5f:ad:53:6c:42:
77:25:fb:b8:e9:e3:2d:26:6b:5a:8b:35:f1:7c:00:
d3:36:a8:b7:98:29:e2:21:62:2e:2d:a4:9b:89:34:
30:7e:14:64:ce:e5:60:2c:68:3b:33:de:5a:4b:3f:
38:b8:6b:2f:5c:91:14:8f:01:24:00:86:5c:e8:b7:
2b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E9:C0:22:EC:6F:D0:E7:BF:DE:61:3E:79:0F:6F:31:00:15:66:AE
X509v3 Authority Key Identifier:
keyid:45:ED:11:16:30:E0:52:97:79:5D:DD:D2:98:EA:1F:B2:9E:69:5C:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Re0RFjDgUpd5Xd3SmOofsp5pXFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/HenAIuxv0Oe_3mE-eQ9vMQAVZq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/454412-c062-4b45-a644-a038ef1eff39/1/Re0RFjDgUpd5Xd3SmOofsp5pXFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.64.0.0/16
IPv6:
2a12:e140::/29
Signature Algorithm: sha256WithRSAEncryption
96:18:92:a6:fb:5a:63:5a:e9:7b:c4:71:63:b8:33:37:57:09:
a0:b2:85:c7:26:80:1c:fe:4d:16:83:7c:b0:8d:9e:e1:e7:7d:
a9:67:67:2f:1b:0a:40:64:b0:59:16:9d:f8:ae:de:26:91:45:
41:5d:fd:23:27:33:03:43:1a:fb:3a:f0:c8:d8:b3:94:03:91:
d6:74:da:ac:c9:45:22:5e:19:2d:c7:18:d6:c7:85:bd:f1:93:
40:f6:96:5c:47:05:2c:0d:13:2b:3b:9d:50:01:68:25:6a:95:
01:a1:e5:9d:93:08:1d:95:df:3b:c9:f2:5d:f9:d8:8e:88:50:
05:da:b0:e5:0a:69:0b:f4:32:f3:f2:29:1c:44:5a:a4:84:bf:
70:a6:d0:fa:cc:d3:d6:09:5f:14:55:3a:50:97:44:16:a3:c8:
94:93:ff:11:61:e8:0a:64:5c:af:aa:83:8c:07:88:f3:18:45:
1f:52:61:af:5b:e1:9c:15:ac:bb:00:30:ee:3f:4a:b4:6f:e9:
1a:9c:e5:45:a3:e7:23:d7:9d:27:fd:a0:4f:98:5f:46:63:51:
40:f5:71:59:e1:21:62:4b:2e:25:1d:61:59:f9:09:e0:24:8d:
96:f7:c6:ec:04:76:18:3e:14:64:27:03:39:17:93:30:54:21:
90:25:62:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJxlqeQlQPjHi17XKXXycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZWQxMTE2MzBlMDUyOTc3OTVkZGRkMjk4ZWExZmIyOWU2
OTVjNTMwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGU5YzAyMmVjNmZkMGU3YmZkZTYxM2U3OTBmNmYzMTAwMTU2NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW+ije//Ri04EkfepdRBvpXh4Qpn
Sl1GARjFQn0dQmsjfIOaI5VSzMRTVSBTP6yorWWjGJm92n6XvmeKHExHByGUuHDf
02MPI3iKTYpoYBGcMJQsizAgGzAwpu6PL4fadRoE9tpko0EnTAHqNXNZpz2LNiuO
tMwVmKZOCT1N9W5B5NbQM5Njti31wWlB6uh+NmbtbFWtRJea/Grl5Xpkz2hauMTq
4N/tSZrBhX29ErNDREmKvO22I4tOj2vzX61TbEJ3Jfu46eMtJmtaizXxfADTNqi3
mCniIWIuLaSbiTQwfhRkzuVgLGg7M95aSz84uGsvXJEUjwEkAIZc6LcrkQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB3pwCLsb9Dnv95hPnkPbzEAFWauMB8GA1UdIwQY
MBaAFEXtERYw4FKXeV3d0pjqH7KeaVxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmUwUkZqRGdVcGQ1WGQzU21Pb2ZzcDVwWEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80NTQ0MTItYzA2Mi00YjQ1LWE2NDQt
YTAzOGVmMWVmZjM5LzEvSGVuQUl1eHYwT2VfM21FLWVROXZNUUFWWnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80NTQ0MTItYzA2Mi00YjQ1LWE2NDQtYTAzOGVmMWVmZjM5
LzEvUmUwUkZqRGdVcGQ1WGQzU21Pb2ZzcDVwWEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAjUAwDQQC
AAIwBwMFAyoS4UAwDQYJKoZIhvcNAQELBQADggEBAJYYkqb7WmNa6XvEcWO4MzdX
CaCyhccmgBz+TRaDfLCNnuHnfalnZy8bCkBksFkWnfiu3iaRRUFd/SMnMwNDGvs6
8MjYs5QDkdZ02qzJRSJeGS3HGNbHhb3xk0D2llxHBSwNEys7nVABaCVqlQGh5Z2T
CB2V3zvJ8l352I6IUAXasOUKaQv0MvPyKRxEWqSEv3Cm0PrM09YJXxRVOlCXRBaj
yJST/xFh6ApkXK+qg4wHiPMYRR9SYa9b4ZwVrLsAMO4/SrRv6Rqc5UWj5yPXnSf9
oE+YX0ZjUUD1cVnhIWJLLiUdYVn5CeAkjZb3xuwEdhg+FGQnAzkXkzBUIZAlYpc=
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:39:43 2024 by rpki-client on console-ams.rpki-client.org