Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/HDiriWbUUICCN3bosu0VLxeBKy4.roa
File: HDiriWbUUICCN3bosu0VLxeBKy4.roa (raw, json)
Hash identifier: r0AO2sXEQkWwK679jfEp7AeV1pQPaI4LHcasTVuWJd4=
Subject key identifier: 1C:38:AB:89:66:D4:50:80:82:37:76:E8:B2:ED:15:2F:17:81:2B:2E
Certificate issuer: /CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Certificate serial: 018D93CD34CD8CD3C543B97231E8B99AB432
Authority key identifier: CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/HDiriWbUUICCN3bosu0VLxeBKy4.roa
Signing time: Sat 10 Feb 2024 16:15:15 +0000
ROA not before: Sat 10 Feb 2024 16:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39923
IP address blocks: 85.159.114.0/24 maxlen: 24
161.199.31.0/24 maxlen: 24
2a0f:efc0::/32 maxlen: 32
2a0f:efc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:cd:34:cd:8c:d3:c5:43:b9:72:31:e8:b9:9a:b4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca748cd00cd7fe6a21755af642d881b8dd9a39f7
Validity
Not Before: Feb 10 16:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c38ab8966d45080823776e8b2ed152f17812b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:44:d2:76:e2:45:4d:43:bb:86:62:f8:ea:5a:
92:fd:55:d4:e0:3d:48:65:46:1c:e0:f9:f2:18:f9:
57:6a:97:2c:1d:17:f5:ff:64:15:dc:f0:9f:4e:76:
e2:73:1f:1f:1e:39:d2:0e:0f:1e:78:2b:ff:12:a0:
9e:1d:9a:42:39:a8:d9:e8:68:0c:ed:d0:71:19:ba:
38:91:65:55:9c:e1:eb:61:f8:a3:5b:32:49:41:18:
33:d4:f9:c7:e4:09:d5:3c:62:41:19:04:27:c3:0d:
49:5e:ec:96:75:87:b4:ca:85:63:d6:60:61:1e:9a:
26:6d:25:db:7d:d0:24:d6:28:82:ec:62:8e:ab:06:
a8:22:04:b5:25:54:c1:aa:43:41:02:22:36:49:79:
ef:8c:4d:48:dc:34:ec:a9:cc:74:06:6f:eb:5a:cb:
ca:d8:26:5d:78:ae:e2:56:2c:78:00:eb:09:f3:62:
b1:b5:2f:6e:7c:1e:9b:be:e6:86:8b:32:75:3e:14:
67:9d:52:79:8e:8e:48:fc:10:22:54:b8:8e:9a:5c:
bc:79:7b:f9:1b:7e:c9:9a:e3:d3:66:d8:1e:82:73:
80:55:d6:b8:3a:9a:35:ac:ea:9d:de:1e:9d:3c:2b:
c4:2f:46:cf:fa:92:da:ea:db:6b:e2:cd:ae:e4:72:
ce:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:38:AB:89:66:D4:50:80:82:37:76:E8:B2:ED:15:2F:17:81:2B:2E
X509v3 Authority Key Identifier:
keyid:CA:74:8C:D0:0C:D7:FE:6A:21:75:5A:F6:42:D8:81:B8:DD:9A:39:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ynSM0AzX_mohdVr2QtiBuN2aOfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/HDiriWbUUICCN3bosu0VLxeBKy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/16eeb2-c827-42c9-8e48-2a3df9b33313/1/ynSM0AzX_mohdVr2QtiBuN2aOfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.114.0/24
161.199.31.0/24
IPv6:
2a0f:efc0::/31
Signature Algorithm: sha256WithRSAEncryption
3a:c0:44:ee:0d:1f:56:f2:48:bf:fb:4b:8b:f1:4e:7e:2b:95:
ec:9d:81:20:44:e1:24:65:64:0f:aa:b0:8f:70:c8:ce:81:ef:
9b:eb:8d:4e:4e:4d:35:ed:21:65:35:59:b6:cb:f1:d9:ab:88:
97:1c:b7:25:b6:05:d1:61:4b:c2:5b:83:f9:e4:23:08:24:73:
b4:aa:3c:79:e1:6a:e6:f9:38:6a:44:b2:12:31:34:60:a6:74:
4d:c4:e1:ec:23:91:d4:10:06:98:2a:48:08:c9:f9:ab:32:8f:
52:49:8b:86:bb:54:7e:4f:9d:70:20:e7:3d:21:5b:a7:24:1d:
c5:53:f9:4c:a5:87:4f:24:28:85:12:8b:ef:07:58:35:26:07:
ba:56:cb:cd:54:11:5c:72:7f:42:28:09:3e:a9:5f:bc:a2:87:
9a:5e:4b:c9:2c:13:f7:1e:4d:a4:da:93:fd:1b:65:a7:71:46:
7f:6e:6e:5a:0a:8c:57:91:24:84:64:95:bc:9d:42:87:1f:57:
2e:89:ea:5b:04:3a:92:af:29:c1:dc:28:93:31:a9:13:3b:10:
f4:4d:fd:18:09:90:a5:de:08:41:26:71:bd:ce:7e:82:f8:d0:
3b:52:fa:e7:aa:ef:20:a5:3e:c2:81:ef:6c:bd:ef:44:9e:13:
51:2f:4d:05
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY2TzTTNjNPFQ7lyMei5mrQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNzQ4Y2QwMGNkN2ZlNmEyMTc1NWFmNjQyZDg4MWI4ZGQ5
YTM5ZjcwHhcNMjQwMjEwMTYxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM4YWI4OTY2ZDQ1MDgwODIzNzc2ZThiMmVkMTUyZjE3ODEyYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoETSduJFTUO7hmL46lqS/VXU4D1I
ZUYc4PnyGPlXapcsHRf1/2QV3PCfTnbicx8fHjnSDg8eeCv/EqCeHZpCOajZ6GgM
7dBxGbo4kWVVnOHrYfijWzJJQRgz1PnH5AnVPGJBGQQnww1JXuyWdYe0yoVj1mBh
HpombSXbfdAk1iiC7GKOqwaoIgS1JVTBqkNBAiI2SXnvjE1I3DTsqcx0Bm/rWsvK
2CZdeK7iVix4AOsJ82KxtS9ufB6bvuaGizJ1PhRnnVJ5jo5I/BAiVLiOmly8eXv5
G37JmuPTZtgegnOAVda4Opo1rOqd3h6dPCvEL0bP+pLa6ttr4s2u5HLOYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBw4q4lm1FCAgjd26LLtFS8XgSsuMB8GA1UdIwQY
MBaAFMp0jNAM1/5qIXVa9kLYgbjdmjn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgt
MmEzZGY5YjMzMzEzLzEvSERpcmlXYlVVSUNDTjNib3N1MFZMeGVCS3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xNmVlYjItYzgyNy00MmM5LThlNDgtMmEzZGY5YjMzMzEz
LzEveW5TTTBBelhfbW9oZFZyMlF0aUJ1TjJhT2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAVZ9yAwQA
occfMA0EAgACMAcDBQEqD+/AMA0GCSqGSIb3DQEBCwUAA4IBAQA6wETuDR9W8ki/
+0uL8U5+K5XsnYEgROEkZWQPqrCPcMjOge+b641OTk017SFlNVm2y/HZq4iXHLcl
tgXRYUvCW4P55CMIJHO0qjx54Wrm+ThqRLISMTRgpnRNxOHsI5HUEAaYKkgIyfmr
Mo9SSYuGu1R+T51wIOc9IVunJB3FU/lMpYdPJCiFEovvB1g1Jge6VsvNVBFccn9C
KAk+qV+8ooeaXkvJLBP3Hk2k2pP9G2WncUZ/bm5aCoxXkSSEZJW8nUKHH1cuiepb
BDqSrynB3CiTMakTOxD0Tf0YCZCl3ghBJnG9zn6C+NA7Uvrnqu8gpT7Cge9sve9E
nhNRL00F
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:20 2024 by rpki-client on console-ams.rpki-client.org