Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Havc9gRWt9dTud1o75hJqIXrwHQ.roa
File: Havc9gRWt9dTud1o75hJqIXrwHQ.roa (raw, json)
Hash identifier: 8IG4cwRapG9oxLx8jrZA+8uZLVvFHMlfX0+gScAoRDg=
Subject key identifier: 1D:AB:DC:F6:04:56:B7:D7:53:B9:DD:68:EF:98:49:A8:85:EB:C0:74
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0192B1453B127729468D66CA273FD97648EC
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Havc9gRWt9dTud1o75hJqIXrwHQ.roa
Signing time: Mon 21 Oct 2024 22:49:17 +0000
ROA not before: Mon 21 Oct 2024 22:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 95.82.8.0/21 maxlen: 24
95.82.16.0/20 maxlen: 24
109.111.52.0/22 maxlen: 24
176.221.20.0/23 maxlen: 24
176.221.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b1:45:3b:12:77:29:46:8d:66:ca:27:3f:d9:76:48:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 21 22:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dabdcf60456b7d753b9dd68ef9849a885ebc074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6f:a2:38:e4:0e:ad:fa:05:b0:93:93:de:27:
2d:00:35:46:c3:cc:06:bc:7c:9f:e0:db:b8:2c:18:
f0:83:33:67:a9:27:06:16:c6:9c:2d:6f:9f:5a:ed:
1e:f8:31:0b:c8:70:ff:68:d1:96:89:4e:fc:76:17:
6f:5a:4d:0f:cd:bb:3b:44:6b:a2:2f:6e:9f:a3:37:
4d:ed:f8:67:15:e1:12:38:eb:60:9c:56:71:07:bf:
38:19:76:a6:61:1c:9b:86:64:d5:a8:0a:02:8d:80:
08:e2:9b:7b:ae:7c:8e:ab:21:76:73:e7:4b:92:d6:
f9:b5:d8:c3:45:71:44:00:93:86:01:f3:05:37:02:
f7:85:07:8a:ac:c0:8b:b8:2c:a8:ac:21:4a:48:95:
a0:ea:6e:6d:76:fa:bf:e6:8e:03:2c:10:0d:64:ba:
d1:b3:f8:d3:74:55:af:bc:0b:19:16:1f:da:cc:65:
33:68:cf:bf:c6:cb:0b:07:bd:ea:3e:97:9e:e6:4e:
96:61:d6:d4:18:68:b5:31:00:b9:09:44:e9:9f:48:
04:5c:8e:14:d9:67:47:81:4a:9e:ed:74:19:75:a7:
c1:9d:a8:00:f4:ce:8e:e1:fa:be:f9:6d:a3:77:d5:
3b:77:bd:a1:de:af:cb:25:6f:f1:10:b2:6f:c7:89:
42:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AB:DC:F6:04:56:B7:D7:53:B9:DD:68:EF:98:49:A8:85:EB:C0:74
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Havc9gRWt9dTud1o75hJqIXrwHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.8.0-95.82.31.255
109.111.52.0/22
176.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
46:b7:c7:c2:15:b7:2e:02:96:ca:f7:b8:66:bb:e8:ad:e2:c9:
a2:4a:a9:f7:31:32:19:5d:66:6b:26:38:fe:6d:12:d9:14:9b:
ec:fc:01:a9:93:99:4a:eb:16:5e:19:70:22:10:8f:35:81:8c:
0d:65:ac:5c:4e:29:f1:9c:65:44:90:39:76:b5:92:6a:f9:03:
93:f5:7c:c3:1f:61:60:e9:39:b4:2e:69:4a:e4:fd:01:62:5b:
d0:ea:c5:3f:8e:f5:69:7a:a1:26:68:b6:87:f7:5d:d6:6f:fc:
60:07:d1:14:74:1c:18:9f:32:bb:52:6e:ba:83:a3:16:2d:34:
82:ed:3f:30:4c:a5:99:24:ed:08:18:f7:5f:91:6b:7b:d6:d4:
de:63:61:aa:41:24:ad:83:e5:ec:48:92:b8:68:ab:75:f4:97:
3b:8f:87:2e:28:0e:bf:83:73:28:78:80:de:18:a3:7d:1c:e9:
91:f8:2f:22:92:54:7d:bf:b7:d3:d8:35:e9:e0:96:31:fe:f0:
f6:b0:fd:7b:75:5e:40:8b:0a:1a:ac:f8:90:8d:ce:05:73:6f:
34:f3:bc:18:5c:38:29:f4:dc:cd:4b:ea:db:48:a6:0f:a5:75:
c7:e2:81:1d:b6:12:2e:fb:4a:a3:4d:dc:f0:75:2f:22:a1:d9:
38:1e:85:ac
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKxRTsSdylGjWbKJz/ZdkjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQxMDIxMjI0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFiZGNmNjA0NTZiN2Q3NTNiOWRkNjhlZjk4NDlhODg1ZWJjMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG+iOOQOrfoFsJOT3ictADVGw8wG
vHyf4Nu4LBjwgzNnqScGFsacLW+fWu0e+DELyHD/aNGWiU78dhdvWk0Pzbs7RGui
L26fozdN7fhnFeESOOtgnFZxB784GXamYRybhmTVqAoCjYAI4pt7rnyOqyF2c+dL
ktb5tdjDRXFEAJOGAfMFNwL3hQeKrMCLuCyorCFKSJWg6m5tdvq/5o4DLBANZLrR
s/jTdFWvvAsZFh/azGUzaM+/xssLB73qPpee5k6WYdbUGGi1MQC5CUTpn0gEXI4U
2WdHgUqe7XQZdafBnagA9M6O4fq++W2jd9U7d72h3q/LJW/xELJvx4lCsQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB2r3PYEVrfXU7ndaO+YSaiF68B0MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSGF2YzlnUld0OWRUdWQxbzc1aEpxSVhyd0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBANfUggD
BAVfUgADBAJtbzQDBAKw3RQwDQYJKoZIhvcNAQELBQADggEBAEa3x8IVty4Clsr3
uGa76K3iyaJKqfcxMhldZmsmOP5tEtkUm+z8AamTmUrrFl4ZcCIQjzWBjA1lrFxO
KfGcZUSQOXa1kmr5A5P1fMMfYWDpObQuaUrk/QFiW9DqxT+O9Wl6oSZotof3XdZv
/GAH0RR0HBifMrtSbrqDoxYtNILtPzBMpZkk7QgY91+Ra3vW1N5jYapBJK2D5exI
krhoq3X0lzuPhy4oDr+Dcyh4gN4Yo30c6ZH4LyKSVH2/t9PYNengljH+8Paw/Xt1
XkCLChqs+JCNzgVzbzTzvBhcOCn03M1L6ttIpg+ldcfigR22Ei77SqNN3PB1LyKh
2Tgehaw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:47 2024 by rpki-client on console-ams.rpki-client.org