Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/HvGAbkDvndEozV86olP1mR8Chn0.roa
File: HvGAbkDvndEozV86olP1mR8Chn0.roa (raw, json)
Hash identifier: U47FehNEv9StYT8x1ByFscZWk5t/Vr9aPBPYaSr1JiE=
Subject key identifier: 1E:F1:80:6E:40:EF:9D:D1:28:CD:5F:3A:A2:53:F5:99:1F:02:86:7D
Certificate issuer: /CN=3c45ce4085f02eb8a0ed1afd2b7991a8aa998334
Certificate serial: 018CC80120DBA691637AD3CC1C79E64985B4
Authority key identifier: 3C:45:CE:40:85:F0:2E:B8:A0:ED:1A:FD:2B:79:91:A8:AA:99:83:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/HvGAbkDvndEozV86olP1mR8Chn0.roa
Signing time: Tue 02 Jan 2024 02:29:26 +0000
ROA not before: Tue 02 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24707
IP address blocks: 185.122.82.0/24 maxlen: 24
185.122.82.0/23 maxlen: 23
185.122.83.0/24 maxlen: 24
185.122.80.0/24 maxlen: 24
185.122.80.0/22 maxlen: 22
185.122.80.0/23 maxlen: 23
185.122.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:20:db:a6:91:63:7a:d3:cc:1c:79:e6:49:85:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c45ce4085f02eb8a0ed1afd2b7991a8aa998334
Validity
Not Before: Jan 2 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ef1806e40ef9dd128cd5f3aa253f5991f02867d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:ee:85:28:26:d9:fb:c9:75:4f:5e:21:ab:
b4:c7:7c:29:34:d9:53:8e:14:5d:fe:d7:42:9d:86:
b1:55:fc:a4:02:d9:ba:30:a3:89:8a:c2:49:3b:44:
5c:f5:06:cd:68:05:93:df:88:28:60:d6:9f:3d:dc:
93:45:63:49:8c:19:af:d9:a1:32:be:ac:49:83:78:
aa:9f:bc:dd:03:79:e4:c1:22:ca:b7:6c:bd:af:e3:
13:d3:61:e6:d3:61:ae:40:b4:16:97:08:12:cb:42:
15:bf:a1:01:56:06:4f:84:8b:0d:b7:e7:1e:6e:10:
c7:3f:2f:1e:4e:b8:d7:fe:19:d5:96:fc:68:52:6b:
8c:23:7a:63:5c:f0:f8:83:d8:d7:73:33:4c:d0:bc:
23:0a:3f:5a:54:2d:62:bb:78:f0:e2:81:e9:01:62:
d8:b7:64:8c:57:a6:b1:7f:5a:fb:fd:62:25:2a:48:
d5:d1:e6:71:d1:0d:5e:97:2d:6f:37:5a:92:5a:ea:
63:f6:a9:22:2f:0c:ca:31:7b:48:ab:6d:ef:3f:7c:
4e:f1:b0:3e:80:0f:94:54:c0:e1:91:7c:21:ba:20:
38:37:53:c7:ea:6a:c0:bd:19:36:19:12:89:5d:37:
71:4c:bc:45:79:6a:dd:0e:eb:7a:5c:c1:ca:c1:91:
11:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F1:80:6E:40:EF:9D:D1:28:CD:5F:3A:A2:53:F5:99:1F:02:86:7D
X509v3 Authority Key Identifier:
keyid:3C:45:CE:40:85:F0:2E:B8:A0:ED:1A:FD:2B:79:91:A8:AA:99:83:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/HvGAbkDvndEozV86olP1mR8Chn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/97334a-c97f-47c4-9982-d8676a80cfc7/1/PEXOQIXwLrig7Rr9K3mRqKqZgzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.80.0/22
Signature Algorithm: sha256WithRSAEncryption
63:c8:20:c3:98:07:1d:88:47:12:81:2f:16:28:f2:7a:b5:8d:
e8:f7:a6:b9:ea:9a:6e:13:6f:08:ea:ea:ed:09:12:86:ad:c6:
d9:f4:c3:85:ae:a1:86:ae:b1:89:12:39:3d:80:17:c8:7e:21:
23:b4:e4:5d:77:4e:d6:84:b4:ea:1e:30:af:fe:48:a4:ed:5b:
cf:6b:73:6b:fb:af:db:20:59:d5:12:a6:9d:59:66:6e:6f:40:
1f:a5:e3:90:c8:47:a2:d0:ac:39:59:bb:d9:be:0e:f0:08:7b:
f7:a0:3f:d5:c2:0a:cd:b7:2b:b6:b3:2a:2b:10:63:d7:6b:27:
3c:2c:ee:b3:df:8b:19:9d:02:b4:15:62:49:4d:7f:83:70:dd:
da:d1:46:4d:5a:a1:21:f5:53:6b:1b:6d:94:60:d5:52:45:48:
6d:c0:8a:d3:f9:e2:fe:d0:d1:a1:50:76:c2:cd:5f:2b:ef:a9:
e4:f1:b6:0f:c0:56:e2:16:87:e9:b6:d1:3d:44:fa:25:98:7b:
5d:a6:4e:e1:1e:78:f3:63:29:33:91:c5:eb:0e:1e:7e:06:a4:
a7:0a:2e:5d:20:a6:03:39:61:f0:b9:d5:aa:9b:c1:27:30:2c:
48:13:34:44:81:24:b5:c2:1a:43:be:85:22:62:fb:2b:b4:c5:
0e:92:93:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASDbppFjetPMHHnmSYW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNDVjZTQwODVmMDJlYjhhMGVkMWFmZDJiNzk5MWE4YWE5
OTgzMzQwHhcNMjQwMTAyMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYxODA2ZTQwZWY5ZGQxMjhjZDVmM2FhMjUzZjU5OTFmMDI4NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmifuhSgm2fvJdU9eIau0x3wpNNlT
jhRd/tdCnYaxVfykAtm6MKOJisJJO0Rc9QbNaAWT34goYNafPdyTRWNJjBmv2aEy
vqxJg3iqn7zdA3nkwSLKt2y9r+MT02Hm02GuQLQWlwgSy0IVv6EBVgZPhIsNt+ce
bhDHPy8eTrjX/hnVlvxoUmuMI3pjXPD4g9jXczNM0LwjCj9aVC1iu3jw4oHpAWLY
t2SMV6axf1r7/WIlKkjV0eZx0Q1ely1vN1qSWupj9qkiLwzKMXtIq23vP3xO8bA+
gA+UVMDhkXwhuiA4N1PH6mrAvRk2GRKJXTdxTLxFeWrdDut6XMHKwZERJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7xgG5A753RKM1fOqJT9ZkfAoZ9MB8GA1UdIwQY
MBaAFDxFzkCF8C64oO0a/St5kaiqmYM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEVYT1FJWHdMcmlnN1JyOUszbVJxS3FaZ3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85NzMzNGEtYzk3Zi00N2M0LTk5ODIt
ZDg2NzZhODBjZmM3LzEvSHZHQWJrRHZuZEVvelY4Nm9sUDFtUjhDaG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85NzMzNGEtYzk3Zi00N2M0LTk5ODItZDg2NzZhODBjZmM3
LzEvUEVYT1FJWHdMcmlnN1JyOUszbVJxS3FaZ3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBjyCDDmAcdiEcSgS8WKPJ6tY3o96a56ppuE28I6urt
CRKGrcbZ9MOFrqGGrrGJEjk9gBfIfiEjtORdd07WhLTqHjCv/kik7VvPa3Nr+6/b
IFnVEqadWWZub0AfpeOQyEei0Kw5WbvZvg7wCHv3oD/VwgrNtyu2syorEGPXayc8
LO6z34sZnQK0FWJJTX+DcN3a0UZNWqEh9VNrG22UYNVSRUhtwIrT+eL+0NGhUHbC
zV8r76nk8bYPwFbiFofpttE9RPolmHtdpk7hHnjzYykzkcXrDh5+BqSnCi5dIKYD
OWHwudWqm8EnMCxIEzREgSS1whpDvoUiYvsrtMUOkpPH
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:12:48 2024 by rpki-client on console-fra.rpki-client.org