Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/hvfevQextqnhtcXlfvezgrI9TM8.roa
File: hvfevQextqnhtcXlfvezgrI9TM8.roa (raw, json)
Hash identifier: 1/zJYsn2r6w56sX8pYNz69jHYCUxlet3pIvRBhZdqNA=
Subject key identifier: 86:F7:DE:BD:07:B1:B6:A9:E1:B5:C5:E5:7E:F7:B3:82:B2:3D:4C:CF
Certificate issuer: /CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Certificate serial: 018CC9BC50E70CD6D5D8A466E0D2C547B0A3
Authority key identifier: AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/hvfevQextqnhtcXlfvezgrI9TM8.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20647
IP address blocks: 185.27.156.0/22 maxlen: 22
194.29.224.0/19 maxlen: 19
91.102.8.0/21 maxlen: 21
2a02:f28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:50:e7:0c:d6:d5:d8:a4:66:e0:d2:c5:47:b0:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86f7debd07b1b6a9e1b5c5e57ef7b382b23d4ccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e5:49:74:dc:92:ed:d8:79:6a:2b:83:eb:c6:
da:7a:bd:b7:9c:23:6a:c8:e6:8f:27:b4:58:74:6b:
4b:23:93:36:ab:ed:5c:9d:b6:59:f1:24:c8:66:16:
ee:02:54:03:65:17:69:07:00:39:07:51:2e:2e:c8:
cf:72:82:f3:2f:0a:27:b5:8e:48:6a:61:e7:17:01:
eb:ce:fc:ec:00:6c:01:21:2c:c3:f6:f2:ef:09:27:
d0:4a:4f:6e:b8:b6:e2:cd:3a:12:80:c5:f2:69:6f:
30:2c:db:d0:9e:79:cd:21:37:55:c1:11:74:7a:32:
ba:7e:d2:1f:18:1a:df:82:3c:00:20:da:39:dc:fa:
ee:3f:87:e4:fb:6a:c2:2e:90:4e:60:ff:14:ed:9d:
7d:7c:1b:a3:f9:42:63:d5:02:95:d7:06:01:a5:13:
36:0e:8f:76:30:28:00:c8:96:a7:aa:23:76:4c:13:
dd:2d:36:b7:de:35:73:e1:a1:9b:12:68:3f:30:b6:
d6:19:56:7c:b4:07:7b:4c:0b:79:b1:1f:51:71:c2:
b5:f3:0a:f5:29:ed:19:0f:fb:e9:55:cb:ca:23:6c:
9f:a6:7d:a7:d0:59:23:d0:a4:63:ed:da:7e:c1:39:
42:5a:d3:38:5f:24:d0:ad:2a:0d:1b:70:2b:d3:58:
e4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F7:DE:BD:07:B1:B6:A9:E1:B5:C5:E5:7E:F7:B3:82:B2:3D:4C:CF
X509v3 Authority Key Identifier:
keyid:AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/hvfevQextqnhtcXlfvezgrI9TM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.8.0/21
185.27.156.0/22
194.29.224.0/19
IPv6:
2a02:f28::/32
Signature Algorithm: sha256WithRSAEncryption
34:5a:67:03:e1:9f:37:69:ed:23:d2:61:eb:c0:8b:fe:21:ab:
be:ea:a2:7f:b1:03:88:0c:a1:38:82:1f:41:a0:ec:9c:a7:81:
be:55:19:a6:68:43:35:93:de:e5:74:bc:d0:67:c7:25:b8:7a:
b3:7e:6d:1a:62:bd:c0:04:2d:96:4e:8c:04:9f:cf:9b:86:01:
f1:55:35:57:b0:43:b2:12:ce:55:6a:01:51:98:08:a9:c9:77:
01:67:b1:12:c7:25:ba:82:95:51:96:92:8d:a8:23:a9:d0:f5:
cc:25:b6:25:a0:b0:57:18:24:aa:da:05:95:9c:4e:98:f3:d9:
23:7d:c9:dd:36:37:de:01:91:a6:64:c9:9d:bb:b2:80:d4:85:
3a:82:24:77:f0:a0:ce:dc:23:d0:28:74:98:15:fb:6f:7c:9b:
fa:45:69:b5:de:b5:51:af:76:c1:b8:b3:af:92:a9:19:b8:30:
bf:2b:ec:88:97:f0:f0:23:00:57:c7:7c:42:12:b8:73:92:c6:
8b:e1:25:ba:58:c5:38:f3:1a:b8:77:30:32:62:f5:a4:e3:4f:
6d:6b:03:c7:d9:80:ef:64:7b:a2:0b:c6:61:40:9e:4c:5b:e3:
8b:9c:4c:79:54:f8:d2:26:9d:a1:45:10:11:6c:bc:95:df:37:
b0:6b:95:b3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJvFDnDNbV2KRm4NLFR7CjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzVmOTA3ZWM3ZGJmOWM2NWI4MTVhYTNkNzIwMmI2ZGZh
ZTMxNDgwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY3ZGViZDA3YjFiNmE5ZTFiNWM1ZTU3ZWY3YjM4MmIyM2Q0Y2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOVJdNyS7dh5aiuD68baer23nCNq
yOaPJ7RYdGtLI5M2q+1cnbZZ8STIZhbuAlQDZRdpBwA5B1EuLsjPcoLzLwontY5I
amHnFwHrzvzsAGwBISzD9vLvCSfQSk9uuLbizToSgMXyaW8wLNvQnnnNITdVwRF0
ejK6ftIfGBrfgjwAINo53PruP4fk+2rCLpBOYP8U7Z19fBuj+UJj1QKV1wYBpRM2
Do92MCgAyJanqiN2TBPdLTa33jVz4aGbEmg/MLbWGVZ8tAd7TAt5sR9RccK18wr1
Ke0ZD/vpVcvKI2yfpn2n0Fkj0KRj7dp+wTlCWtM4XyTQrSoNG3Ar01jkkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIb33r0Hsbap4bXF5X73s4KyPUzPMB8GA1UdIwQY
MBaAFKo1+Qfsfb+cZbgVqj1yArbfrjFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMt
YjZmMWNmYWE2OTg1LzEvaHZmZXZRZXh0cW5odGNYbGZ2ZXpnckk5VE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMWM1MGUtYWYyNy00YTYyLWFlMjMtYjZmMWNmYWE2OTg1
LzEvcWpYNUIteDl2NXhsdUJXcVBYSUN0dC11TVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDW2YIAwQC
uRucAwQFwh3gMA0EAgACMAcDBQAqAg8oMA0GCSqGSIb3DQEBCwUAA4IBAQA0WmcD
4Z83ae0j0mHrwIv+Iau+6qJ/sQOIDKE4gh9BoOycp4G+VRmmaEM1k97ldLzQZ8cl
uHqzfm0aYr3ABC2WTowEn8+bhgHxVTVXsEOyEs5VagFRmAipyXcBZ7ESxyW6gpVR
lpKNqCOp0PXMJbYloLBXGCSq2gWVnE6Y89kjfcndNjfeAZGmZMmdu7KA1IU6giR3
8KDO3CPQKHSYFftvfJv6RWm13rVRr3bBuLOvkqkZuDC/K+yIl/DwIwBXx3xCErhz
ksaL4SW6WMU48xq4dzAyYvWk409tawPH2YDvZHuiC8ZhQJ5MW+OLnEx5VPjSJp2h
RRARbLyV3zewa5Wz
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:13:13 2024 by rpki-client on console-ams.rpki-client.org