Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/hSBV-N1UnRmxOamroDv_mdotSIw.roa
File: hSBV-N1UnRmxOamroDv_mdotSIw.roa (raw, json)
Hash identifier: cLBKVVJikZBHRPx+VfxAYrkjXetZ3lZUw7rA4MG1u2I=
Subject key identifier: 85:20:55:F8:DD:54:9D:19:B1:39:A9:AB:A0:3B:FF:99:DA:2D:48:8C
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 0192FCD55345CD656DF7E0E11EA30EF39967
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/hSBV-N1UnRmxOamroDv_mdotSIw.roa
Signing time: Tue 05 Nov 2024 14:58:11 +0000
ROA not before: Tue 05 Nov 2024 14:58:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12902
IP address blocks: 79.98.168.0/21 maxlen: 21
79.98.170.0/24 maxlen: 24
185.240.112.0/22 maxlen: 24
217.77.128.0/19 maxlen: 24
217.77.144.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:d5:53:45:cd:65:6d:f7:e0:e1:1e:a3:0e:f3:99:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Nov 5 14:58:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=852055f8dd549d19b139a9aba03bff99da2d488c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4e:77:0e:c1:24:d1:3d:c7:a8:06:11:7e:5c:
5b:5d:83:54:ff:06:23:86:95:67:f7:54:b3:7c:4a:
d3:af:cb:9f:fc:8b:10:b6:bf:c3:e5:5e:18:4b:08:
7d:31:7c:08:83:41:2b:f1:97:0b:df:fc:75:a6:d6:
05:1b:cd:69:42:0a:72:73:e2:5b:c8:9e:b8:2d:74:
4b:c8:ad:e5:7c:48:7f:d6:c2:fe:ba:f7:53:17:47:
0c:40:5b:c0:d9:26:90:6d:52:04:c3:7f:38:3a:c6:
34:8e:3e:55:cc:f2:60:3a:a3:b9:05:87:8e:d5:41:
03:ad:e8:4b:4b:d8:72:ff:52:4a:63:4d:0d:22:51:
c5:90:c9:39:1b:7f:94:bf:6f:5c:95:7a:0b:1f:7a:
4e:57:53:43:33:fd:60:f2:6d:39:66:e5:24:57:0b:
2f:c9:ac:39:15:03:99:a8:1d:ce:30:a7:a5:3a:df:
4f:93:4c:cb:91:78:0e:d0:f2:f4:b8:43:ac:2d:4b:
40:a4:49:c1:c7:1d:dc:22:8c:16:2d:29:83:fb:90:
f0:09:50:07:97:d3:be:94:73:d2:a3:ed:12:2e:22:
63:c3:6a:28:43:7d:f3:cb:75:c2:9a:63:8d:35:75:
bf:2e:29:2a:fa:3b:9b:70:57:02:98:94:a4:3f:fd:
2f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:20:55:F8:DD:54:9D:19:B1:39:A9:AB:A0:3B:FF:99:DA:2D:48:8C
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/hSBV-N1UnRmxOamroDv_mdotSIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.240.112.0/22
217.77.128.0/19
IPv6:
2001:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:4e:08:0b:02:2a:db:43:75:dc:b6:23:c0:b5:af:f6:44:1d:
7b:99:0d:c6:f6:3e:82:70:4d:9f:04:33:bf:2e:d1:9d:1e:fe:
a2:10:41:85:d6:35:d4:47:31:d8:95:21:60:16:a5:b9:16:8d:
d1:34:07:0b:4e:00:70:d2:1d:2a:6b:b2:52:bb:2d:2e:43:43:
56:58:2c:47:5b:a7:4a:bb:48:27:d2:bd:9d:32:2f:3a:d8:7c:
41:56:1d:67:30:17:6b:ee:9c:87:13:a3:98:91:5d:89:5d:52:
ed:d6:ff:21:6a:97:ce:3c:65:8a:55:ab:fa:3b:b6:bc:ef:ee:
6b:4e:a4:6d:92:20:4d:ee:05:0a:36:bf:de:f2:93:1f:bb:75:
32:19:2f:84:c6:ff:61:96:0a:9c:a8:c5:a0:2c:7b:9c:1a:5c:
b9:46:58:b1:b5:f7:e9:cb:17:7d:79:48:92:e7:6f:9e:ac:66:
57:79:94:0b:33:35:f6:e7:fa:20:57:93:fa:dd:5b:a1:46:ed:
fd:aa:83:ba:11:0d:9a:13:10:2c:29:b9:33:6c:a0:97:1a:10:
5c:59:0c:29:6e:94:90:57:04:97:81:6c:1f:e7:c2:91:5b:5b:
15:0f:1a:99:6e:74:65:5b:aa:3a:9c:f3:f1:16:a5:53:af:91:
14:e2:2c:02
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZL81VNFzWVt9+DhHqMO85lnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjQxMTA1MTQ1ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTIwNTVmOGRkNTQ5ZDE5YjEzOWE5YWJhMDNiZmY5OWRhMmQ0ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk53DsEk0T3HqAYRflxbXYNU/wYj
hpVn91SzfErTr8uf/IsQtr/D5V4YSwh9MXwIg0Er8ZcL3/x1ptYFG81pQgpyc+Jb
yJ64LXRLyK3lfEh/1sL+uvdTF0cMQFvA2SaQbVIEw384OsY0jj5VzPJgOqO5BYeO
1UEDrehLS9hy/1JKY00NIlHFkMk5G3+Uv29clXoLH3pOV1NDM/1g8m05ZuUkVwsv
yaw5FQOZqB3OMKelOt9Pk0zLkXgO0PL0uEOsLUtApEnBxx3cIowWLSmD+5DwCVAH
l9O+lHPSo+0SLiJjw2ooQ33zy3XCmmONNXW/Likq+jubcFcCmJSkP/0v9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIUgVfjdVJ0ZsTmpq6A7/5naLUiMMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvaFNCVi1OMVVuUm14T2Ftcm9Edl9tZG90U0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT2KoAwQC
ufBwAwQF2U2AMA0EAgACMAcDBQAgAQnAMA0GCSqGSIb3DQEBCwUAA4IBAQAMTggL
AirbQ3XctiPAta/2RB17mQ3G9j6CcE2fBDO/LtGdHv6iEEGF1jXURzHYlSFgFqW5
Fo3RNAcLTgBw0h0qa7JSuy0uQ0NWWCxHW6dKu0gn0r2dMi862HxBVh1nMBdr7pyH
E6OYkV2JXVLt1v8hapfOPGWKVav6O7a87+5rTqRtkiBN7gUKNr/e8pMfu3UyGS+E
xv9hlgqcqMWgLHucGly5Rlixtffpyxd9eUiS52+erGZXeZQLMzX25/ogV5P63Vuh
Ru39qoO6EQ2aExAsKbkzbKCXGhBcWQwpbpSQVwSXgWwf58KRW1sVDxqZbnRlW6o6
nPPxFqVTr5EU4iwC
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:47 2024 by rpki-client on console-ams.rpki-client.org