Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ha2geyQsEApfQtIFDQBxhoDzMDk.roa
File: ha2geyQsEApfQtIFDQBxhoDzMDk.roa (raw, json)
Hash identifier: Mv0puJQJ1pF0AuZZM5/UBDqcjWrSXN0xV7t7TwlDF6w=
Subject key identifier: 85:AD:A0:7B:24:2C:10:0A:5F:42:D2:05:0D:00:71:86:80:F3:30:39
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DABC03AA9A999CFF0F8A867554923
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ha2geyQsEApfQtIFDQBxhoDzMDk.roa
Signing time: Tue 02 Jan 2024 08:32:39 +0000
ROA not before: Tue 02 Jan 2024 08:32:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42947
IP address blocks: 88.148.8.0/23 maxlen: 23
84.232.66.0/23 maxlen: 23
84.232.68.0/24 maxlen: 24
84.232.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ab:c0:3a:a9:a9:99:cf:f0:f8:a8:67:55:49:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85ada07b242c100a5f42d2050d00718680f33039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:00:b1:79:fb:30:e3:47:fb:8d:c9:ed:69:0a:
77:a7:4b:1c:bd:35:41:97:17:55:89:6c:ed:03:4a:
8e:ba:98:4e:2d:c2:4b:92:2a:8d:94:43:f8:cc:6e:
34:64:3e:12:15:91:99:4e:8f:b4:70:ab:77:14:ee:
00:52:0e:13:a7:4f:4f:54:9a:e8:59:aa:e0:24:45:
bd:ec:d2:47:89:b4:2d:04:c1:a8:f8:6c:fb:fd:db:
24:28:e2:45:dd:3d:22:23:c6:84:dc:68:ca:fa:7d:
b9:5b:4a:1b:45:1a:f0:da:48:a5:b2:a1:9f:3b:04:
a3:93:80:a2:b1:ea:f8:82:22:b2:a6:11:00:a4:6a:
e2:f8:57:c3:28:3d:8e:71:21:3a:4f:7c:c8:eb:ca:
73:a6:81:1c:74:38:fe:c4:4d:0b:32:3c:8b:7b:07:
95:05:7e:4d:a6:5b:c3:02:18:41:e8:dd:ec:3d:6c:
7d:21:0b:20:53:80:6d:cb:bb:b8:09:9d:14:ad:a1:
e9:f2:70:9c:0c:5f:d5:f0:80:0e:d8:4a:49:c4:1f:
2d:b7:f3:32:b9:a8:6b:63:0a:2f:4f:d8:8e:26:5e:
7f:e2:b3:9e:6a:a6:38:8a:93:7a:83:8a:80:21:2e:
e4:7b:76:82:9a:22:bc:04:91:de:6a:c4:30:20:2b:
49:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AD:A0:7B:24:2C:10:0A:5F:42:D2:05:0D:00:71:86:80:F3:30:39
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/ha2geyQsEApfQtIFDQBxhoDzMDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.66.0-84.232.68.255
84.232.94.0/24
88.148.8.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:00:ff:9d:c6:29:e9:f4:8a:57:7d:5b:bc:28:dc:22:3e:6b:
e7:32:cd:30:dd:d7:de:cd:74:3d:e8:cf:ed:a9:fe:47:f8:de:
3d:62:96:57:06:c8:b4:8b:0f:58:73:f5:d6:a2:ab:25:ae:15:
e8:a9:7d:7b:db:9a:96:f7:3c:a4:3a:db:43:67:71:bc:81:a6:
f1:d1:b1:d7:b3:11:f8:f5:3a:10:b1:d7:de:c1:69:4a:4e:18:
a6:e7:48:f2:d4:72:b1:b6:c4:dd:7c:9f:3f:26:8b:00:0e:ca:
0c:88:a8:45:fa:81:68:76:7e:ab:cf:66:83:b1:0e:5e:3d:be:
c9:1a:76:5d:0d:05:8c:94:8c:d5:7d:71:13:27:83:a4:b3:d0:
6d:5e:eb:3f:cf:f2:32:76:c1:71:31:08:9e:97:ff:a6:9a:67:
2d:20:9c:95:40:36:32:cb:0c:4a:6a:29:dd:dd:26:84:aa:3f:
30:97:3c:e0:54:28:3f:c1:e8:60:f8:c0:96:c7:df:5d:10:da:
74:04:fe:7c:cd:ea:97:ae:42:98:36:cd:15:39:ac:4c:10:e3:
76:5b:9f:61:8e:44:81:30:b9:66:33:e6:01:28:f0:43:22:e8:
d7:49:5f:83:e6:c6:83:be:05:96:ad:91:4d:15:1b:4d:26:41:
55:36:63:64
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTavAOqmpmc/w+KhnVUkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFkYTA3YjI0MmMxMDBhNWY0MmQyMDUwZDAwNzE4NjgwZjMzMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgCxefsw40f7jcntaQp3p0scvTVB
lxdViWztA0qOuphOLcJLkiqNlEP4zG40ZD4SFZGZTo+0cKt3FO4AUg4Tp09PVJro
WargJEW97NJHibQtBMGo+Gz7/dskKOJF3T0iI8aE3GjK+n25W0obRRrw2kilsqGf
OwSjk4Ciser4giKyphEApGri+FfDKD2OcSE6T3zI68pzpoEcdDj+xE0LMjyLeweV
BX5NplvDAhhB6N3sPWx9IQsgU4Bty7u4CZ0UraHp8nCcDF/V8IAO2EpJxB8tt/My
uahrYwovT9iOJl5/4rOeaqY4ipN6g4qAIS7ke3aCmiK8BJHeasQwICtJiwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIWtoHskLBAKX0LSBQ0AcYaA8zA5MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvaGEyZ2V5UXNFQXBmUXRJRkRRQnhob0R6TURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFU6EID
BABU6EQDBABU6F4DBAFYlAgwDQYJKoZIhvcNAQELBQADggEBAFwA/53GKen0ild9
W7wo3CI+a+cyzTDd197NdD3oz+2p/kf43j1illcGyLSLD1hz9daiqyWuFeipfXvb
mpb3PKQ620NncbyBpvHRsdezEfj1OhCx197BaUpOGKbnSPLUcrG2xN18nz8miwAO
ygyIqEX6gWh2fqvPZoOxDl49vskadl0NBYyUjNV9cRMng6Sz0G1e6z/P8jJ2wXEx
CJ6X/6aaZy0gnJVANjLLDEpqKd3dJoSqPzCXPOBUKD/B6GD4wJbH310Q2nQE/nzN
6peuQpg2zRU5rEwQ43Zbn2GORIEwuWYz5gEo8EMi6NdJX4PmxoO+BZatkU0VG00m
QVU2Y2Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:39:03 2024 by rpki-client on console-fra.rpki-client.org