Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/HvTRiwdDqGX98QvkHPWXSJ9-ZB8.roa
File: HvTRiwdDqGX98QvkHPWXSJ9-ZB8.roa (raw, json)
Hash identifier: C4uQMCKqvYW0LYBqA0D8beNPM4+7ABK0o7Ls1pvQbgU=
Subject key identifier: 1E:F4:D1:8B:07:43:A8:65:FD:F1:0B:E4:1C:F5:97:48:9F:7E:64:1F
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 018CC4252ECAFFC14FCB80AC8DECE7061F85
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/HvTRiwdDqGX98QvkHPWXSJ9-ZB8.roa
Signing time: Mon 01 Jan 2024 08:30:20 +0000
ROA not before: Mon 01 Jan 2024 08:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60718
IP address blocks: 109.74.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2e:ca:ff:c1:4f:cb:80:ac:8d:ec:e7:06:1f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 08:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ef4d18b0743a865fdf10be41cf597489f7e641f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:00:8c:86:c7:11:88:2f:72:6d:05:de:4d:
fd:4f:0f:5b:4e:61:8c:da:1e:a3:8b:db:8b:a8:95:
0c:00:b9:91:df:d0:77:59:f6:e0:50:80:ee:18:be:
eb:a0:2b:c9:06:dd:bb:b8:ee:a8:f6:42:14:a3:78:
2c:57:cc:cd:5c:ab:39:05:2f:11:a5:82:8f:5f:f9:
bd:88:4b:0b:42:1d:bf:53:6b:de:b4:7c:7d:1f:bd:
94:ca:7a:c2:48:36:03:30:09:fa:9b:97:c0:74:c9:
4a:77:bf:84:87:bb:a7:04:6d:21:ce:00:1b:0c:48:
a9:44:22:25:58:5f:22:c8:5b:48:3b:2a:cb:77:50:
5e:4c:63:83:4c:65:e7:91:82:a1:37:e0:8a:68:d6:
54:e5:c1:90:14:1b:87:dd:1c:9a:9e:f9:82:d5:8f:
d2:f2:ff:7a:02:95:7b:29:d2:73:2f:94:84:d5:95:
0b:62:4c:fe:10:5f:20:73:19:70:bb:a7:ed:d7:c8:
99:42:2a:f9:5d:87:27:fb:10:cc:fd:a5:32:cf:82:
b4:7f:c4:bd:c5:c1:e2:5b:f2:31:b2:80:f2:95:23:
20:ae:b5:54:18:93:7e:43:af:a7:dc:99:e0:3c:cb:
f8:ce:85:31:c2:bf:26:16:38:8b:82:10:60:95:94:
ab:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F4:D1:8B:07:43:A8:65:FD:F1:0B:E4:1C:F5:97:48:9F:7E:64:1F
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/HvTRiwdDqGX98QvkHPWXSJ9-ZB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.86.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:04:cf:cc:ed:dd:77:43:c3:78:5c:46:76:9a:aa:f1:f3:42:
71:5c:c5:0f:7e:d4:b4:dc:20:49:e5:cb:88:8f:6b:2c:b4:d7:
8b:f6:04:51:88:65:9f:98:c8:31:c2:d5:9b:70:f8:24:42:48:
50:11:40:4b:c5:b3:73:92:c1:17:59:04:ad:65:08:0e:82:58:
a9:64:56:d7:35:80:32:40:b6:61:42:ae:e3:a7:1a:46:16:31:
37:17:42:2a:35:48:cb:f4:8b:74:0b:66:10:2b:f4:3c:2f:ee:
cb:4b:24:0d:43:b0:c1:ae:04:23:db:75:7e:b4:a4:31:08:07:
a3:79:b6:eb:3b:ae:16:34:cc:ee:37:46:de:55:7b:24:b7:44:
af:53:57:23:08:b1:65:0e:fa:66:16:35:fc:00:60:cc:21:08:
50:2b:b2:1b:b3:69:29:d4:29:f7:3b:70:00:ce:45:bd:cb:92:
7d:db:e2:4c:45:f7:06:41:7a:e5:38:73:26:f0:c9:78:82:8d:
86:7f:ed:96:61:12:4f:05:ed:be:2b:42:91:17:7a:14:e1:13:
8d:ad:cb:5e:15:16:be:0a:59:04:fe:48:58:c3:1a:6c:9c:85:
88:70:e7:6d:af:ae:a5:e4:c9:e3:ac:76:ea:1c:47:43:12:0b:
4e:30:33:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJS7K/8FPy4CsjeznBh+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjQwMTAxMDgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWY0ZDE4YjA3NDNhODY1ZmRmMTBiZTQxY2Y1OTc0ODlmN2U2NDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0UAjIbHEYgvcm0F3k39Tw9bTmGM
2h6ji9uLqJUMALmR39B3WfbgUIDuGL7roCvJBt27uO6o9kIUo3gsV8zNXKs5BS8R
pYKPX/m9iEsLQh2/U2vetHx9H72UynrCSDYDMAn6m5fAdMlKd7+Eh7unBG0hzgAb
DEipRCIlWF8iyFtIOyrLd1BeTGODTGXnkYKhN+CKaNZU5cGQFBuH3RyanvmC1Y/S
8v96ApV7KdJzL5SE1ZULYkz+EF8gcxlwu6ft18iZQir5XYcn+xDM/aUyz4K0f8S9
xcHiW/IxsoDylSMgrrVUGJN+Q6+n3JngPMv4zoUxwr8mFjiLghBglZSrcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB700YsHQ6hl/fEL5Bz1l0iffmQfMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvSHZUUml3ZERxR1g5OFF2a0hQV1hTSjktWkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUpWMA0G
CSqGSIb3DQEBCwUAA4IBAQBdBM/M7d13Q8N4XEZ2mqrx80JxXMUPftS03CBJ5cuI
j2sstNeL9gRRiGWfmMgxwtWbcPgkQkhQEUBLxbNzksEXWQStZQgOglipZFbXNYAy
QLZhQq7jpxpGFjE3F0IqNUjL9It0C2YQK/Q8L+7LSyQNQ7DBrgQj23V+tKQxCAej
ebbrO64WNMzuN0beVXskt0SvU1cjCLFlDvpmFjX8AGDMIQhQK7Ibs2kp1Cn3O3AA
zkW9y5J92+JMRfcGQXrlOHMm8Ml4go2Gf+2WYRJPBe2+K0KRF3oU4RONrcteFRa+
ClkE/khYwxpsnIWIcOdtr66l5MnjrHbqHEdDEgtOMDM3
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:04 2024 by rpki-client on console-ams.rpki-client.org