Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/hqn5OqIRzDFOWt4xxJhB7uICooU.roa
File: hqn5OqIRzDFOWt4xxJhB7uICooU.roa (raw, json)
Hash identifier: BdaE0tZAgPAHAmb1+HDKEAcBF95nyj4qsCT959y+VQc=
Subject key identifier: 86:A9:F9:3A:A2:11:CC:31:4E:5A:DE:31:C4:98:41:EE:E2:02:A2:85
Certificate issuer: /CN=07f2a175be20108641c649553213f212511667a5
Certificate serial: 018CCA2A1436D27B566A254B53BB5AEFF88D
Authority key identifier: 07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/hqn5OqIRzDFOWt4xxJhB7uICooU.roa
Signing time: Tue 02 Jan 2024 12:33:24 +0000
ROA not before: Tue 02 Jan 2024 12:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64403
IP address blocks: 185.166.232.0/23 maxlen: 24
185.166.234.0/24 maxlen: 24
185.166.235.0/24 maxlen: 24
2a0b:2200::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:14:36:d2:7b:56:6a:25:4b:53:bb:5a:ef:f8:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f2a175be20108641c649553213f212511667a5
Validity
Not Before: Jan 2 12:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a9f93aa211cc314e5ade31c49841eee202a285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:ff:a7:44:26:88:b6:69:56:15:20:60:2e:
24:14:b6:a5:1a:04:b6:f6:7b:22:f7:06:0b:83:e8:
16:6c:1d:61:dd:82:47:22:ac:80:e5:a6:fc:92:e1:
50:49:c4:25:07:29:95:70:08:c4:e0:2d:d0:e5:f4:
ee:be:2d:60:4c:6e:39:18:db:98:f8:33:e6:5c:ba:
18:23:60:cb:69:3e:88:ad:90:c0:23:71:1f:3d:46:
a5:48:f8:85:ad:a7:ba:c5:e1:a3:c2:ab:ff:cc:6b:
1d:a5:d1:8a:e3:91:bc:24:60:89:9e:ab:78:81:94:
83:38:aa:92:84:af:e3:da:26:36:6a:37:c7:4e:25:
9a:09:30:c3:3e:22:ea:44:2b:27:28:ab:ce:23:d9:
3d:4a:ff:7f:64:38:99:bf:3e:c3:fb:de:46:37:2d:
0d:41:12:a2:f6:8a:e8:ad:7a:92:4b:a8:41:d9:fb:
2e:d6:d4:1c:89:20:ee:46:c3:3b:e3:c9:b4:71:ad:
96:ee:46:68:cd:9e:73:d6:a6:8b:0b:98:2a:c8:c4:
8c:56:d2:c1:2c:b2:9a:65:39:c5:0e:6d:64:c6:3a:
f2:50:32:dd:c8:12:c8:00:2c:1a:2c:fc:61:a0:23:
fb:4f:78:72:0b:84:27:ac:4c:05:00:7a:b1:d5:2d:
3a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A9:F9:3A:A2:11:CC:31:4E:5A:DE:31:C4:98:41:EE:E2:02:A2:85
X509v3 Authority Key Identifier:
keyid:07:F2:A1:75:BE:20:10:86:41:C6:49:55:32:13:F2:12:51:16:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_Khdb4gEIZBxklVMhPyElEWZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/hqn5OqIRzDFOWt4xxJhB7uICooU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/36b085-1a5b-4af9-878b-376426ffd662/1/B_Khdb4gEIZBxklVMhPyElEWZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.232.0/22
IPv6:
2a0b:2200::/29
Signature Algorithm: sha256WithRSAEncryption
37:48:43:90:ec:61:88:31:17:6f:5b:00:39:49:db:0c:f7:5f:
36:f7:7a:cb:e8:51:5b:ba:ee:35:7f:0d:cc:c2:46:82:d5:06:
4b:ad:5a:af:96:41:21:2e:eb:46:71:c9:8b:1c:84:dc:53:7a:
25:b2:27:0e:2a:31:20:be:a3:03:2d:55:99:a1:e9:f8:ce:15:
c9:97:de:28:2d:7a:20:a4:60:78:48:26:8a:5c:6e:79:5d:4d:
99:27:b6:a6:8b:fb:64:fe:f8:33:b6:63:f4:85:ec:1b:f1:1f:
a8:52:02:0d:1a:9b:32:c6:41:40:07:69:78:38:37:ba:9c:70:
a9:03:ec:7d:29:86:72:dc:d6:c5:57:42:a3:0b:16:bd:7d:9f:
59:fc:34:35:93:6a:44:20:7f:c7:12:4c:02:fe:db:38:84:20:
71:33:67:93:de:1c:82:b9:75:ee:8a:47:1b:99:4b:b2:8a:7b:
33:76:ee:ef:d2:1c:07:9e:fd:67:63:1f:a0:71:0e:80:7e:23:
56:c2:a3:8d:03:ac:38:12:b8:1a:4d:aa:17:85:cf:c9:aa:63:
13:1c:c9:a5:33:28:f7:55:54:64:50:58:45:f2:e0:63:c0:9e:
67:56:cf:36:60:dd:3f:45:cb:ed:f8:bd:bd:4e:e4:0f:93:01:
c2:7f:ad:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKhQ20ntWaiVLU7ta7/iNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjJhMTc1YmUyMDEwODY0MWM2NDk1NTMyMTNmMjEyNTEx
NjY3YTUwHhcNMjQwMTAyMTIzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE5ZjkzYWEyMTFjYzMxNGU1YWRlMzFjNDk4NDFlZWUyMDJhMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7L/p0QmiLZpVhUgYC4kFLalGgS2
9nsi9wYLg+gWbB1h3YJHIqyA5ab8kuFQScQlBymVcAjE4C3Q5fTuvi1gTG45GNuY
+DPmXLoYI2DLaT6IrZDAI3EfPUalSPiFrae6xeGjwqv/zGsdpdGK45G8JGCJnqt4
gZSDOKqShK/j2iY2ajfHTiWaCTDDPiLqRCsnKKvOI9k9Sv9/ZDiZvz7D+95GNy0N
QRKi9ororXqSS6hB2fsu1tQciSDuRsM748m0ca2W7kZozZ5z1qaLC5gqyMSMVtLB
LLKaZTnFDm1kxjryUDLdyBLIACwaLPxhoCP7T3hyC4QnrEwFAHqx1S06awIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIap+TqiEcwxTlreMcSYQe7iAqKFMB8GA1UdIwQY
MBaAFAfyoXW+IBCGQcZJVTIT8hJRFmelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGIt
Mzc2NDI2ZmZkNjYyLzEvaHFuNU9xSVJ6REZPV3Q0eHhKaEI3dUlDb29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zNmIwODUtMWE1Yi00YWY5LTg3OGItMzc2NDI2ZmZkNjYy
LzEvQl9LaGRiNGdFSVpCeGtsVk1oUHlFbEVXWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaboMA0E
AgACMAcDBQMqCyIAMA0GCSqGSIb3DQEBCwUAA4IBAQA3SEOQ7GGIMRdvWwA5SdsM
918293rL6FFbuu41fw3MwkaC1QZLrVqvlkEhLutGccmLHITcU3olsicOKjEgvqMD
LVWZoen4zhXJl94oLXogpGB4SCaKXG55XU2ZJ7ami/tk/vgztmP0hewb8R+oUgIN
GpsyxkFAB2l4ODe6nHCpA+x9KYZy3NbFV0KjCxa9fZ9Z/DQ1k2pEIH/HEkwC/ts4
hCBxM2eT3hyCuXXuikcbmUuyinszdu7v0hwHnv1nYx+gcQ6AfiNWwqONA6w4Erga
TaoXhc/JqmMTHMmlMyj3VVRkUFhF8uBjwJ5nVs82YN0/Rcvt+L29TuQPkwHCf61v
-----END CERTIFICATE-----
Generated at Sun May 26 09:12:16 2024 by rpki-client on console-fra.rpki-client.org