Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hKNKDsDwyK_1xnWFNJFA8DBbOeI.roa
File: hKNKDsDwyK_1xnWFNJFA8DBbOeI.roa (raw, json)
Hash identifier: 8Dswq0iF3xWVIF0r77Meyg1UO+ZNfivx6/23Agm5Bio=
Subject key identifier: 84:A3:4A:0E:C0:F0:C8:AF:F5:C6:75:85:34:91:40:F0:30:5B:39:E2
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF1804D8104B905E8BA840EACE1D3
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hKNKDsDwyK_1xnWFNJFA8DBbOeI.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35773
IP address blocks: 109.160.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f1:80:4d:81:04:b9:05:e8:ba:84:0e:ac:e1:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84a34a0ec0f0c8aff5c67585349140f0305b39e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:42:fc:b4:af:cf:0a:f8:2b:a9:7c:b1:6c:44:
9f:e7:5f:e8:15:8c:27:14:cf:0e:96:81:e3:c0:94:
d4:e0:00:a8:9c:d4:ca:73:6a:53:1a:91:d8:23:8c:
72:6d:8c:ec:af:64:d0:91:57:c5:f5:29:d3:e9:80:
3d:b7:50:a6:8b:a8:22:0f:9f:81:e2:39:14:dc:61:
3a:46:fb:0d:0c:5f:ea:6b:be:d2:1e:24:c9:82:75:
8b:2c:00:94:88:25:44:c3:40:ed:97:10:de:7c:1e:
5b:25:3a:00:fa:09:1f:f3:89:77:c6:ec:a7:90:6d:
70:47:28:a5:f2:f6:e3:82:d0:2e:61:46:bc:08:75:
bf:ed:3c:39:f9:09:86:2f:60:e5:34:20:cf:0a:a3:
06:13:a3:1e:cd:64:eb:ea:90:06:41:2f:df:d0:8e:
8c:8e:ac:b2:a0:92:65:c8:a3:d9:76:0e:95:ea:50:
29:b3:59:af:fe:6c:b4:f6:cd:1e:f2:6b:33:34:82:
50:b3:09:8f:70:4b:28:33:40:f4:5f:22:42:a8:36:
69:6b:9c:14:18:46:58:bf:19:31:2a:23:8c:37:19:
83:2d:d6:74:9e:3b:f6:42:aa:54:0e:13:43:c1:92:
2a:52:5a:75:0f:b4:0c:63:f6:35:3f:e8:1f:03:ff:
da:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A3:4A:0E:C0:F0:C8:AF:F5:C6:75:85:34:91:40:F0:30:5B:39:E2
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/hKNKDsDwyK_1xnWFNJFA8DBbOeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.112.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:cb:d9:81:41:2b:b1:c2:db:d0:3e:c5:74:f3:4d:bf:ae:17:
5d:b1:9e:dc:13:05:73:d6:82:db:82:b5:c7:d8:07:06:1c:f7:
d4:c3:ee:07:6a:94:5d:59:d1:37:d4:d5:0e:cf:91:48:37:17:
a0:b8:45:10:93:2a:42:64:76:0a:a2:58:fc:f1:e5:57:1f:e3:
32:d6:f8:02:49:2f:95:02:c6:ad:3f:a6:67:78:e1:48:e1:f7:
73:f2:1f:6b:ad:72:9d:34:81:3a:3a:4d:e3:41:6c:b6:08:cd:
83:03:ed:38:81:8a:0c:f3:1c:f0:ff:49:0e:ea:01:e4:b6:7e:
6d:52:2a:1c:52:34:c6:18:1c:5c:29:c3:7d:bc:95:91:9e:29:
5a:77:bb:73:8e:2b:d9:78:cc:83:64:4e:c0:d6:40:54:be:85:
3b:e0:16:d5:c7:ee:85:73:d0:60:b8:1d:3c:a5:71:73:81:50:
e1:af:af:4d:2d:47:c1:d5:e1:ce:96:78:e4:15:1e:a1:23:a5:
01:f3:ee:56:cc:f5:eb:06:76:d1:ce:98:bf:7f:27:69:d5:31:
7c:e7:5e:00:d8:73:d2:62:d4:1e:ee:30:38:26:ed:dd:cc:53:
34:e7:33:19:f6:65:44:00:b0:dc:c3:61:11:0c:35:68:a5:a8:
cf:1d:b1:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvGATYEEuQXouoQOrOHTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGEzNGEwZWMwZjBjOGFmZjVjNjc1ODUzNDkxNDBmMDMwNWIzOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkL8tK/PCvgrqXyxbESf51/oFYwn
FM8OloHjwJTU4AConNTKc2pTGpHYI4xybYzsr2TQkVfF9SnT6YA9t1Cmi6giD5+B
4jkU3GE6RvsNDF/qa77SHiTJgnWLLACUiCVEw0DtlxDefB5bJToA+gkf84l3xuyn
kG1wRyil8vbjgtAuYUa8CHW/7Tw5+QmGL2DlNCDPCqMGE6MezWTr6pAGQS/f0I6M
jqyyoJJlyKPZdg6V6lAps1mv/my09s0e8mszNIJQswmPcEsoM0D0XyJCqDZpa5wU
GEZYvxkxKiOMNxmDLdZ0njv2QqpUDhNDwZIqUlp1D7QMY/Y1P+gfA//aWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISjSg7A8Miv9cZ1hTSRQPAwWzniMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvaEtOS0RzRHd5S18xeG5XRk5KRkE4REJiT2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaBwMA0G
CSqGSIb3DQEBCwUAA4IBAQCfy9mBQSuxwtvQPsV0802/rhddsZ7cEwVz1oLbgrXH
2AcGHPfUw+4HapRdWdE31NUOz5FINxeguEUQkypCZHYKolj88eVXH+My1vgCSS+V
AsatP6ZneOFI4fdz8h9rrXKdNIE6Ok3jQWy2CM2DA+04gYoM8xzw/0kO6gHktn5t
UiocUjTGGBxcKcN9vJWRnilad7tzjivZeMyDZE7A1kBUvoU74BbVx+6Fc9BguB08
pXFzgVDhr69NLUfB1eHOlnjkFR6hI6UB8+5WzPXrBnbRzpi/fydp1TF8514A2HPS
YtQe7jA4Ju3dzFM05zMZ9mVEALDcw2ERDDVopajPHbHV
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:15:30 2024 by rpki-client on console-ams.rpki-client.org