Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/HAKoJA_4VVRjUB9p7Aq16OPdGgo.roa
File: HAKoJA_4VVRjUB9p7Aq16OPdGgo.roa (raw, json)
Hash identifier: TJ0kFVUE0nvOqu5DKW8gaMLrYYvWCee27XHAym+SLcc=
Subject key identifier: 1C:02:A8:24:0F:F8:55:54:63:50:1F:69:EC:0A:B5:E8:E3:DD:1A:0A
Certificate issuer: /CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Certificate serial: 018CC870C40FA4F43037880A8A0F23D887B9
Authority key identifier: 19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/HAKoJA_4VVRjUB9p7Aq16OPdGgo.roa
Signing time: Tue 02 Jan 2024 04:31:22 +0000
ROA not before: Tue 02 Jan 2024 04:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206060
IP address blocks: 185.197.177.0/24 maxlen: 24
185.197.178.0/24 maxlen: 24
185.197.179.0/24 maxlen: 24
185.197.176.0/22 maxlen: 22
185.197.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:c4:0f:a4:f4:30:37:88:0a:8a:0f:23:d8:87:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199ef1b4eb6a0f812511b6bb2704801a3311f709
Validity
Not Before: Jan 2 04:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c02a8240ff8555463501f69ec0ab5e8e3dd1a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0f:57:0b:e4:55:69:89:8a:57:51:b0:7b:99:
4f:6d:b8:86:10:85:79:5f:3f:5f:af:bd:95:53:21:
0f:b5:a6:10:33:30:ef:0a:f5:dd:c6:fb:5b:c8:e0:
6c:18:40:e3:ee:e3:c2:cd:b5:9b:cb:45:24:42:eb:
76:b6:0a:4c:e5:03:02:d0:3c:01:6e:d4:c7:af:67:
47:8a:5d:99:6b:ca:a7:eb:db:d8:70:e3:14:6e:cc:
13:9b:40:47:52:0c:64:8e:4c:10:28:5e:a8:2d:99:
77:ec:a7:30:cd:cf:af:7b:30:2e:ca:ad:00:e5:d5:
af:79:48:2f:0d:ac:cf:42:07:5b:c5:85:fe:10:73:
ef:cf:c3:dd:71:f0:d1:ba:96:60:2c:dc:a0:f3:2c:
e3:44:a6:3e:76:69:6c:50:82:c7:79:9e:17:a9:1c:
16:de:70:17:c1:30:e6:1f:9c:18:3d:8c:fe:7f:bd:
25:30:b7:55:32:fb:63:c1:49:d0:e2:d3:dd:01:58:
de:f3:48:fb:29:5d:7e:9f:be:7a:55:21:9f:ca:7b:
41:3f:ff:79:0d:f5:20:4a:b6:81:ff:c1:b0:bb:eb:
64:56:4c:c1:81:3e:8f:ee:72:c7:4d:23:17:49:c0:
88:04:60:38:c2:4f:6f:e4:24:96:c9:75:c9:14:ba:
04:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:02:A8:24:0F:F8:55:54:63:50:1F:69:EC:0A:B5:E8:E3:DD:1A:0A
X509v3 Authority Key Identifier:
keyid:19:9E:F1:B4:EB:6A:0F:81:25:11:B6:BB:27:04:80:1A:33:11:F7:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZ7xtOtqD4ElEba7JwSAGjMR9wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/HAKoJA_4VVRjUB9p7Aq16OPdGgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/eafe6e-cfe3-4245-9c36-07a28ad3cb64/1/GZ7xtOtqD4ElEba7JwSAGjMR9wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.176.0/22
Signature Algorithm: sha256WithRSAEncryption
69:67:6a:76:57:58:35:90:6c:0c:7d:fa:df:be:45:0f:18:c4:
a8:92:b6:db:81:34:5b:cf:ef:2b:56:84:09:7d:38:98:c7:86:
e4:a2:98:85:70:16:a6:7f:18:27:e9:20:2b:7d:c4:c6:da:07:
b4:68:51:a8:e0:52:ec:89:03:cf:97:aa:e0:c0:c2:b4:62:94:
f1:be:f2:a8:47:08:14:ef:6d:48:93:98:b9:00:e7:23:13:de:
03:3d:09:c0:c2:2f:74:0d:ab:32:6c:be:8b:cd:d1:ee:a9:14:
96:16:fc:3a:67:ef:62:9c:20:aa:1c:0a:4f:84:8a:55:38:76:
fd:84:89:5a:fd:5b:ed:a6:86:a1:4b:ee:ea:41:18:b3:b0:cd:
29:42:f2:e6:92:14:b3:cc:23:9e:de:38:5e:82:fe:dc:c2:1e:
15:0a:2e:25:53:a0:67:e2:eb:18:be:21:47:aa:5d:40:71:2d:
ac:4d:c9:56:60:94:15:0a:a8:36:ba:9c:6a:0c:e4:48:bf:d0:
45:e2:68:0d:40:ff:35:59:70:79:89:29:07:c3:34:3f:5f:86:
ba:ab:0e:e4:7c:1b:8f:8c:0c:a4:17:11:50:23:3b:7c:d8:05:
94:0a:01:88:23:02:28:7b:a1:07:34:88:7a:0c:8b:d6:a1:b2:
ab:e8:44:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcMQPpPQwN4gKig8j2Ie5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OWVmMWI0ZWI2YTBmODEyNTExYjZiYjI3MDQ4MDFhMzMx
MWY3MDkwHhcNMjQwMTAyMDQzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzAyYTgyNDBmZjg1NTU0NjM1MDFmNjllYzBhYjVlOGUzZGQxYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA9XC+RVaYmKV1Gwe5lPbbiGEIV5
Xz9fr72VUyEPtaYQMzDvCvXdxvtbyOBsGEDj7uPCzbWby0UkQut2tgpM5QMC0DwB
btTHr2dHil2Za8qn69vYcOMUbswTm0BHUgxkjkwQKF6oLZl37Kcwzc+vezAuyq0A
5dWveUgvDazPQgdbxYX+EHPvz8PdcfDRupZgLNyg8yzjRKY+dmlsUILHeZ4XqRwW
3nAXwTDmH5wYPYz+f70lMLdVMvtjwUnQ4tPdAVje80j7KV1+n756VSGfyntBP/95
DfUgSraB/8Gwu+tkVkzBgT6P7nLHTSMXScCIBGA4wk9v5CSWyXXJFLoElQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwCqCQP+FVUY1AfaewKtejj3RoKMB8GA1UdIwQY
MBaAFBme8bTrag+BJRG2uycEgBozEfcJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYt
MDdhMjhhZDNjYjY0LzEvSEFLb0pBXzRWVlJqVUI5cDdBcTE2T1BkR2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9lYWZlNmUtY2ZlMy00MjQ1LTljMzYtMDdhMjhhZDNjYjY0
LzEvR1o3eHRPdHFENEVsRWJhN0p3U0FHak1SOXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBpZ2p2V1g1kGwMffrfvkUPGMSokrbbgTRbz+8rVoQJ
fTiYx4bkopiFcBamfxgn6SArfcTG2ge0aFGo4FLsiQPPl6rgwMK0YpTxvvKoRwgU
721Ik5i5AOcjE94DPQnAwi90DasybL6LzdHuqRSWFvw6Z+9inCCqHApPhIpVOHb9
hIla/VvtpoahS+7qQRizsM0pQvLmkhSzzCOe3jhegv7cwh4VCi4lU6Bn4usYviFH
ql1AcS2sTclWYJQVCqg2upxqDORIv9BF4mgNQP81WXB5iSkHwzQ/X4a6qw7kfBuP
jAykFxFQIzt82AWUCgGIIwIoe6EHNIh6DIvWobKr6ERY
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:45:56 2024 by rpki-client on console-ams.rpki-client.org