Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/HmKMu4EPt440QOirukTCdIEPNz4.roa
File: HmKMu4EPt440QOirukTCdIEPNz4.roa (raw, json)
Hash identifier: 02ZXzKy/gLBMbTNUQnbBeuWG+8AzzTFJ4W1JAHkP8dE=
Subject key identifier: 1E:62:8C:BB:81:0F:B7:8E:34:40:E8:AB:BA:44:C2:74:81:0F:37:3E
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018CC3B6875489B9CFB41A286DE3D6F1E5DD
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/HmKMu4EPt440QOirukTCdIEPNz4.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63473
IP address blocks: 150.107.201.0/24 maxlen: 32
150.107.200.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:87:54:89:b9:cf:b4:1a:28:6d:e3:d6:f1:e5:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e628cbb810fb78e3440e8abba44c274810f373e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1c:97:3f:0c:85:6f:51:aa:39:ef:f7:67:be:
22:ae:d4:16:7a:14:68:53:05:75:16:51:06:5e:f3:
e5:e0:8c:78:cc:af:92:04:2a:39:b5:b1:6f:11:24:
13:42:70:6c:cd:dc:c2:e4:24:65:39:27:5f:ec:0d:
e9:6c:93:a7:3d:ce:bb:be:3b:a3:5b:25:53:03:9c:
26:35:6a:f3:e4:4e:fb:fb:5b:26:03:5d:4b:e6:bc:
fe:27:6a:11:15:e5:c6:dd:91:23:55:01:3e:91:07:
80:82:31:b9:05:1d:c9:8d:69:97:25:95:ef:45:cf:
c3:19:f3:e7:30:2d:d2:f3:08:8c:52:11:01:d0:b6:
e9:0c:63:81:d5:9c:3a:80:ee:19:43:43:b4:51:e7:
cc:e1:80:0f:4f:85:cb:8c:01:88:05:83:a5:b9:ea:
2c:4e:9c:6a:74:85:9d:7a:f8:ed:4a:fc:e9:7f:86:
e8:9f:9d:58:ce:93:d1:5f:00:bf:1b:fd:c6:ee:d8:
ac:15:6e:e7:fd:19:9f:74:d5:ae:e1:54:d7:5c:1c:
83:28:83:72:9c:37:93:2a:b4:2c:19:65:e8:bb:ee:
57:dc:3d:6d:f7:9d:9d:61:a3:a8:5b:ef:e4:78:a5:
70:ce:fd:92:00:72:b5:9f:05:54:cb:b4:62:25:de:
59:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:62:8C:BB:81:0F:B7:8E:34:40:E8:AB:BA:44:C2:74:81:0F:37:3E
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/HmKMu4EPt440QOirukTCdIEPNz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.107.200.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:91:92:a6:80:19:6f:dd:1f:63:7b:28:36:16:db:cb:22:4a:
46:b5:77:a0:7c:22:b5:51:47:5a:5a:a2:09:86:d5:ce:37:09:
d0:e0:af:93:79:7b:d0:0b:d6:f3:f4:6c:15:7b:be:06:82:72:
b7:87:1d:12:89:97:6a:b9:98:57:f4:63:16:f0:dc:5d:d2:b0:
9a:c1:08:91:63:13:c9:ba:ec:8f:dd:5a:21:e9:03:14:97:3e:
90:d6:0d:5a:c4:03:48:24:fd:a0:13:30:0f:4f:bd:5c:b2:0c:
80:e3:00:ff:c9:f5:a1:39:79:9b:7b:83:23:a0:07:de:72:77:
96:14:dc:67:39:72:bd:d7:dd:33:b2:5e:a5:4b:b3:bd:64:8b:
da:ef:bd:63:69:43:db:e8:c9:12:74:1e:8e:75:08:77:61:c2:
41:de:4c:4e:53:d8:32:cc:16:42:3c:a7:43:81:36:20:13:54:
09:e5:78:c1:58:af:5e:7b:83:bc:80:96:d0:5d:af:86:00:b9:
7a:1c:2e:17:88:4b:c5:ac:65:8d:d4:04:35:93:b1:9b:1f:26:
7f:96:c3:cd:14:9b:ce:59:c8:b1:08:a9:8c:68:5b:8d:fb:48:
d2:c3:6a:67:6a:cf:fc:69:b0:94:2b:dc:00:77:a8:7d:93:f7:
d1:5c:2f:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtodUibnPtBoobePW8eXdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYyOGNiYjgxMGZiNzhlMzQ0MGU4YWJiYTQ0YzI3NDgxMGYzNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRyXPwyFb1GqOe/3Z74irtQWehRo
UwV1FlEGXvPl4Ix4zK+SBCo5tbFvESQTQnBszdzC5CRlOSdf7A3pbJOnPc67vjuj
WyVTA5wmNWrz5E77+1smA11L5rz+J2oRFeXG3ZEjVQE+kQeAgjG5BR3JjWmXJZXv
Rc/DGfPnMC3S8wiMUhEB0LbpDGOB1Zw6gO4ZQ0O0UefM4YAPT4XLjAGIBYOlueos
TpxqdIWdevjtSvzpf4bon51YzpPRXwC/G/3G7tisFW7n/RmfdNWu4VTXXByDKINy
nDeTKrQsGWXou+5X3D1t952dYaOoW+/keKVwzv2SAHK1nwVUy7RiJd5ZKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5ijLuBD7eONEDoq7pEwnSBDzc+MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvSG1LTXU0RVB0NDQwUU9pcnVrVENkSUVQTno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlmvIMA0G
CSqGSIb3DQEBCwUAA4IBAQB6kZKmgBlv3R9jeyg2FtvLIkpGtXegfCK1UUdaWqIJ
htXONwnQ4K+TeXvQC9bz9GwVe74GgnK3hx0SiZdquZhX9GMW8Nxd0rCawQiRYxPJ
uuyP3Voh6QMUlz6Q1g1axANIJP2gEzAPT71csgyA4wD/yfWhOXmbe4MjoAfecneW
FNxnOXK9190zsl6lS7O9ZIva771jaUPb6MkSdB6OdQh3YcJB3kxOU9gyzBZCPKdD
gTYgE1QJ5XjBWK9ee4O8gJbQXa+GALl6HC4XiEvFrGWN1AQ1k7GbHyZ/lsPNFJvO
WcixCKmMaFuN+0jSw2pnas/8abCUK9wAd6h9k/fRXC/Z
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:11:13 2024 by rpki-client on console-ams.rpki-client.org