Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/cvN2HAeYqeK3Y1vsIURjrvbA3Tg.roa
File: cvN2HAeYqeK3Y1vsIURjrvbA3Tg.roa (raw, json)
Hash identifier: 4zS00FfNtIUx4G5C/WRgGcxzIPLnVDrMZ7Ant83DqQU=
Subject key identifier: 72:F3:76:1C:07:98:A9:E2:B7:63:5B:EC:21:44:63:AE:F6:C0:DD:38
Certificate issuer: /CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
Certificate serial: 018CC64AEBFA7E8B927239BC0C51BEB4E517
Authority key identifier: 1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/cvN2HAeYqeK3Y1vsIURjrvbA3Tg.roa
Signing time: Mon 01 Jan 2024 18:30:47 +0000
ROA not before: Mon 01 Jan 2024 18:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 185.248.164.0/23 maxlen: 23
185.248.167.0/24 maxlen: 24
2a0d:ed80:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:eb:fa:7e:8b:92:72:39:bc:0c:51:be:b4:e5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d54be79c892b5356bf1b7bcd131397f2c23adc0
Validity
Not Before: Jan 1 18:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72f3761c0798a9e2b7635bec214463aef6c0dd38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:52:3b:76:64:cf:f1:d2:cf:e4:55:08:38:
1f:f6:3c:df:1f:f5:08:42:28:b0:46:06:2c:3e:87:
00:26:2b:6b:a8:05:20:45:e0:81:9a:68:2b:fa:44:
b0:81:5d:29:f9:85:a9:25:40:72:8a:2d:5b:b2:dd:
cb:90:92:9b:8c:ad:6e:70:67:df:4b:76:ba:68:d5:
cb:1a:4b:16:fc:4c:af:df:6e:39:40:b1:60:eb:ba:
32:7f:f2:04:2b:05:69:6b:b2:6d:5a:83:25:dc:99:
e6:cd:bc:b3:7e:a7:56:d9:c5:62:6f:5e:a3:c8:02:
be:8f:b0:55:c9:ec:14:ac:a3:0f:95:d6:f5:d7:2c:
3a:ee:c5:14:52:77:b4:09:11:8a:d6:73:51:8d:62:
a7:c2:eb:cd:c2:10:47:0a:ce:18:7f:da:aa:13:a3:
69:02:a6:4f:35:ab:4b:fd:ff:12:37:5f:67:a5:82:
3f:84:55:71:24:00:cd:9f:c8:6f:f2:4f:52:8e:d1:
8b:06:d8:23:87:41:71:30:96:23:91:66:d2:cf:5b:
35:c3:68:5c:f4:c8:aa:39:ef:41:20:ef:79:4c:9d:
11:26:09:d7:7e:16:ea:45:35:0a:3e:60:9c:08:12:
8a:61:e3:f6:26:5e:55:3d:f9:0e:e8:e4:b3:4d:82:
87:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F3:76:1C:07:98:A9:E2:B7:63:5B:EC:21:44:63:AE:F6:C0:DD:38
X509v3 Authority Key Identifier:
keyid:1D:54:BE:79:C8:92:B5:35:6B:F1:B7:BC:D1:31:39:7F:2C:23:AD:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HVS-eciStTVr8be80TE5fywjrcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/cvN2HAeYqeK3Y1vsIURjrvbA3Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/67769b-85a5-4a0a-889b-802b6376f743/1/HVS-eciStTVr8be80TE5fywjrcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.164.0/23
185.248.167.0/24
IPv6:
2a0d:ed80:300::/40
Signature Algorithm: sha256WithRSAEncryption
7e:04:64:72:ee:c0:73:ad:1d:bf:e4:9f:a8:53:71:88:03:53:
b6:00:8d:6d:fd:93:fa:cc:c2:0d:4f:72:b0:4d:8e:76:3f:f8:
c6:f2:01:80:66:fd:62:77:96:cd:71:91:ab:32:c5:74:b6:5c:
b7:8a:64:f2:4d:2b:b5:3c:fb:a8:4d:04:2d:9b:57:82:0e:3f:
e5:55:55:26:c8:0d:09:43:5c:30:61:03:34:7f:5d:d6:fd:c1:
82:dc:cf:30:5b:89:6b:54:61:b6:bd:3c:5a:be:12:b7:ab:39:
8a:45:c1:c7:6b:58:3b:c9:d1:c9:d6:6d:16:2b:8f:7e:48:19:
7c:1b:ef:da:b2:5f:ed:5e:a4:59:61:ef:5f:23:43:d1:64:cc:
a9:b8:30:68:5a:c8:29:53:9a:e0:16:96:d7:41:7e:39:0e:ec:
31:2c:cb:04:9f:16:24:49:73:2d:4f:fd:10:21:9d:c0:aa:87:
f7:0b:35:07:18:4d:38:70:4e:29:e0:a2:ae:06:f9:62:a2:88:
35:a6:d2:27:c0:c3:e0:5b:b8:5f:e4:ce:5e:b2:a7:b3:01:6f:
f3:b7:f1:15:c7:31:4a:3b:f6:fb:9c:a1:20:b1:78:b0:62:9f:
4d:f7:5d:f9:1c:ce:b0:7b:01:44:98:03:95:68:87:de:62:c7:
51:01:ec:9b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGSuv6fouScjm8DFG+tOUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNTRiZTc5Yzg5MmI1MzU2YmYxYjdiY2QxMzEzOTdmMmMy
M2FkYzAwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYzNzYxYzA3OThhOWUyYjc2MzViZWMyMTQ0NjNhZWY2YzBkZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLhSO3Zkz/HSz+RVCDgf9jzfH/UI
QiiwRgYsPocAJitrqAUgReCBmmgr+kSwgV0p+YWpJUByii1bst3LkJKbjK1ucGff
S3a6aNXLGksW/Eyv3245QLFg67oyf/IEKwVpa7JtWoMl3JnmzbyzfqdW2cVib16j
yAK+j7BVyewUrKMPldb11yw67sUUUne0CRGK1nNRjWKnwuvNwhBHCs4Yf9qqE6Np
AqZPNatL/f8SN19npYI/hFVxJADNn8hv8k9SjtGLBtgjh0FxMJYjkWbSz1s1w2hc
9MiqOe9BIO95TJ0RJgnXfhbqRTUKPmCcCBKKYeP2Jl5VPfkO6OSzTYKHQwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHLzdhwHmKnit2Nb7CFEY672wN04MB8GA1UdIwQY
MBaAFB1UvnnIkrU1a/G3vNExOX8sI63AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWIt
ODAyYjYzNzZmNzQzLzEvY3ZOMkhBZVlxZUszWTF2c0lVUmpydmJBM1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82Nzc2OWItODVhNS00YTBhLTg4OWItODAyYjYzNzZmNzQz
LzEvSFZTLWVjaVN0VFZyOGJlODBURTVmeXdqcmNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBufikAwQA
ufinMA4EAgACMAgDBgAqDe2AAzANBgkqhkiG9w0BAQsFAAOCAQEAfgRkcu7Ac60d
v+SfqFNxiANTtgCNbf2T+szCDU9ysE2Odj/4xvIBgGb9YneWzXGRqzLFdLZct4pk
8k0rtTz7qE0ELZtXgg4/5VVVJsgNCUNcMGEDNH9d1v3BgtzPMFuJa1Rhtr08Wr4S
t6s5ikXBx2tYO8nRydZtFiuPfkgZfBvv2rJf7V6kWWHvXyND0WTMqbgwaFrIKVOa
4BaW10F+OQ7sMSzLBJ8WJElzLU/9ECGdwKqH9ws1BxhNOHBOKeCirgb5YqKINabS
J8DD4Fu4X+TOXrKnswFv87fxFccxSjv2+5yhILF4sGKfTfdd+RzOsHsBRJgDlWiH
3mLHUQHsmw==
-----END CERTIFICATE-----
Generated at Thu May 23 00:53:33 2024 by rpki-client on console-ams.rpki-client.org