Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/HaKViztu_iYJG_w8_ozryqygNLc.roa
File: HaKViztu_iYJG_w8_ozryqygNLc.roa (raw, json)
Hash identifier: UeX5586gsvlc0PFceRIQSpziyD7FXeyJmgELNOWyKUE=
Subject key identifier: 1D:A2:95:8B:3B:6E:FE:26:09:1B:FC:3C:FE:8C:EB:CA:AC:A0:34:B7
Certificate issuer: /CN=3c177b528043a85953fc250f991d9d8020e2810d
Certificate serial: 018CC492E06B6AAD45A7909D6458E214636A
Authority key identifier: 3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/HaKViztu_iYJG_w8_ozryqygNLc.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212754
IP address blocks: 193.19.248.0/22 maxlen: 24
2a0a:2302::/32 maxlen: 32
2a0a:2300::/31 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e0:6b:6a:ad:45:a7:90:9d:64:58:e2:14:63:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c177b528043a85953fc250f991d9d8020e2810d
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da2958b3b6efe26091bfc3cfe8cebcaaca034b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:fd:8c:80:22:0f:48:41:fd:2a:13:a1:81:
d1:74:92:aa:77:4a:dc:7d:49:46:28:c2:1e:e3:2b:
5b:fa:90:35:34:49:52:19:dc:bf:53:b3:ef:ec:05:
29:8d:c2:c6:58:d9:a2:c0:3a:4b:ea:d9:2e:b7:c1:
e1:5a:ba:8f:f4:b8:4f:1c:53:68:4e:07:ac:83:fc:
94:15:15:3a:21:8f:77:00:e3:47:f5:c6:cf:1e:f1:
78:85:63:d5:b8:ab:ca:5e:86:ba:71:57:d4:9a:fa:
55:03:7d:dd:d2:e5:1b:b3:9c:8e:b8:ac:de:3d:03:
88:4d:6f:a0:0b:fd:d6:81:ef:6f:f3:52:71:cb:af:
4b:67:5a:6d:81:11:0f:38:40:59:01:c6:a9:b0:7a:
22:d4:f5:52:91:8e:1b:6b:de:b5:24:51:36:9f:70:
32:ef:a4:96:3f:05:a2:da:bb:43:25:56:7e:db:f6:
f2:c3:41:53:04:27:a7:fa:ea:92:5d:71:79:0a:de:
49:5a:a4:0a:d4:00:c6:8c:b0:8d:9e:a7:1d:1e:8c:
1d:cd:b7:9f:2c:17:69:f8:2c:29:4c:8f:2a:da:54:
4c:33:15:9a:b3:f7:79:f0:a3:86:f3:ff:7f:5a:bf:
a2:32:ff:b8:69:bb:58:9a:b5:6a:c5:3b:63:b1:2a:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A2:95:8B:3B:6E:FE:26:09:1B:FC:3C:FE:8C:EB:CA:AC:A0:34:B7
X509v3 Authority Key Identifier:
keyid:3C:17:7B:52:80:43:A8:59:53:FC:25:0F:99:1D:9D:80:20:E2:81:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBd7UoBDqFlT_CUPmR2dgCDigQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/HaKViztu_iYJG_w8_ozryqygNLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5ed525-3f37-4c70-a2ec-a4151b5e2fcf/1/PBd7UoBDqFlT_CUPmR2dgCDigQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.248.0/22
IPv6:
2a0a:2300::-2a0a:2302:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
20:d5:f1:91:13:5e:17:3d:58:02:36:b8:79:20:e4:9d:4a:36:
cf:64:0a:b2:72:7a:95:2f:80:6a:0e:6b:c6:ee:b2:19:e6:ec:
6d:b1:87:b3:79:14:c3:70:a0:7b:6c:f6:95:68:13:e6:e7:24:
c2:5c:6a:1c:bc:8c:86:66:9a:45:9d:01:48:9e:23:29:7f:9b:
eb:b3:bd:66:f4:04:8b:7f:e6:3b:2a:e9:6d:a0:54:eb:d2:27:
1b:9b:40:24:68:ad:c9:73:e8:9c:0a:eb:46:7f:6c:f8:e0:33:
d2:4b:18:90:0d:22:58:2f:ef:bd:43:1d:cd:4d:ab:df:7f:53:
a9:67:32:00:45:c3:78:44:92:41:a5:dc:cf:08:30:50:5b:f7:
11:c0:b2:81:33:98:cb:15:08:1c:46:f7:2d:b0:1c:b4:ab:14:
7e:b4:c6:c2:85:f6:41:55:a3:08:46:00:4b:83:1c:6c:ab:52:
ea:4c:1e:e9:4b:5c:fe:72:52:22:fb:c2:fc:b4:d6:b5:cc:34:
42:65:32:71:23:bd:08:4f:b2:5b:8a:c9:52:25:fe:a2:5f:90:
dc:a2:2b:58:7c:e2:28:70:e3:56:7d:62:2c:b8:96:03:c0:f0:
2d:12:72:ee:e4:f1:87:bd:ed:1e:8f:a3:0f:46:43:42:68:50:
25:f0:94:0f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEkuBraq1Fp5CdZFjiFGNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTc3YjUyODA0M2E4NTk1M2ZjMjUwZjk5MWQ5ZDgwMjBl
MjgxMGQwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEyOTU4YjNiNmVmZTI2MDkxYmZjM2NmZThjZWJjYWFjYTAzNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2X9jIAiD0hB/SoToYHRdJKqd0rc
fUlGKMIe4ytb+pA1NElSGdy/U7Pv7AUpjcLGWNmiwDpL6tkut8HhWrqP9LhPHFNo
Tgesg/yUFRU6IY93AONH9cbPHvF4hWPVuKvKXoa6cVfUmvpVA33d0uUbs5yOuKze
PQOITW+gC/3Wge9v81Jxy69LZ1ptgREPOEBZAcapsHoi1PVSkY4ba961JFE2n3Ay
76SWPwWi2rtDJVZ+2/byw0FTBCen+uqSXXF5Ct5JWqQK1ADGjLCNnqcdHowdzbef
LBdp+CwpTI8q2lRMMxWas/d58KOG8/9/Wr+iMv+4abtYmrVqxTtjsSpf9wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB2ilYs7bv4mCRv8PP6M68qsoDS3MB8GA1UdIwQY
MBaAFDwXe1KAQ6hZU/wlD5kdnYAg4oENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMt
YTQxNTFiNWUyZmNmLzEvSGFLVml6dHVfaVlKR193OF9venJ5cXlnTkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81ZWQ1MjUtM2YzNy00YzcwLWEyZWMtYTQxNTFiNWUyZmNm
LzEvUEJkN1VvQkRxRmxUX0NVUG1SMmRnQ0RpZ1EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQCwRP4MBUE
AgACMA8wDQMEACoKIwMFACoKIwIwDQYJKoZIhvcNAQELBQADggEBACDV8ZETXhc9
WAI2uHkg5J1KNs9kCrJyepUvgGoOa8bushnm7G2xh7N5FMNwoHts9pVoE+bnJMJc
ahy8jIZmmkWdAUieIyl/m+uzvWb0BIt/5jsq6W2gVOvSJxubQCRorclz6JwK60Z/
bPjgM9JLGJANIlgv771DHc1Nq99/U6lnMgBFw3hEkkGl3M8IMFBb9xHAsoEzmMsV
CBxG9y2wHLSrFH60xsKF9kFVowhGAEuDHGyrUupMHulLXP5yUiL7wvy01rXMNEJl
MnEjvQhPsluKyVIl/qJfkNyiK1h84ihw41Z9Yiy4lgPA8C0Scu7k8Ye97R6Pow9G
Q0JoUCXwlA8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:32 2024 by rpki-client on console-ams.rpki-client.org