Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/HbhBPLE5Mg8xLzFRyr1utQtjtb0.roa
File: HbhBPLE5Mg8xLzFRyr1utQtjtb0.roa (raw, json)
Hash identifier: x8g998Bd20Hi8C3BXe5Mheeloa96lmP31Kdn5Ml4jzU=
Subject key identifier: 1D:B8:41:3C:B1:39:32:0F:31:2F:31:51:CA:BD:6E:B5:0B:63:B5:BD
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018FC39F85E1F9FB56282D6907AAADF4AC3D
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/HbhBPLE5Mg8xLzFRyr1utQtjtb0.roa
Signing time: Wed 29 May 2024 09:12:42 +0000
ROA not before: Wed 29 May 2024 09:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48263
IP address blocks: 185.95.65.0/24 maxlen: 24
2a00:4bc0:600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:9f:85:e1:f9:fb:56:28:2d:69:07:aa:ad:f4:ac:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: May 29 09:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db8413cb139320f312f3151cabd6eb50b63b5bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:06:02:22:84:38:3e:e3:61:3c:5d:21:ea:71:
95:5e:b0:d6:6c:cf:df:07:1f:a8:27:ec:31:3c:91:
25:da:80:d2:5c:af:83:ee:c6:07:e2:42:49:d7:e8:
fc:5e:83:dd:a9:6d:91:96:c2:0c:5f:37:a5:bf:4a:
08:78:72:7d:ec:48:b5:19:2f:58:35:ff:2c:16:a0:
80:a2:a1:9a:fa:3a:32:5c:fc:01:a1:95:6e:f2:c6:
77:28:79:63:79:b9:03:c1:26:16:3e:4a:23:f6:a4:
cb:02:79:f4:53:3c:a0:99:f3:a4:75:a3:95:2c:6b:
07:ce:4b:ac:7f:2e:ae:ab:bf:93:35:5d:e2:5a:9a:
6b:1f:e0:4a:a6:14:77:9a:80:a7:fd:29:45:92:73:
4d:ff:39:08:4c:48:2a:f1:c4:5d:4b:28:da:53:c6:
1d:62:fd:21:ac:18:74:72:0b:8a:d9:78:9d:82:86:
04:ef:bb:61:a4:73:32:db:e1:c2:2e:6a:88:8d:80:
35:b2:fb:6b:70:e0:55:90:f2:ef:b5:46:8b:65:c9:
7d:02:c9:b2:eb:d6:37:0c:11:85:8a:3c:fc:4c:ef:
c3:af:b7:96:72:22:bf:de:0a:ed:95:16:e9:cf:74:
db:66:44:9d:83:f8:b9:96:f3:30:c6:9f:db:2b:a1:
9e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B8:41:3C:B1:39:32:0F:31:2F:31:51:CA:BD:6E:B5:0B:63:B5:BD
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/HbhBPLE5Mg8xLzFRyr1utQtjtb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.65.0/24
IPv6:
2a00:4bc0:600::/40
Signature Algorithm: sha256WithRSAEncryption
10:91:6d:77:aa:07:49:ac:28:8b:3e:1c:7f:50:47:b5:55:c2:
00:23:7e:43:8e:2f:63:35:6d:1a:f8:37:84:c8:70:4f:e7:92:
ba:19:64:0b:d9:3d:a5:13:4c:a8:81:69:8f:e5:1c:b8:2a:31:
e8:bd:ad:3e:b4:61:5f:e9:91:d2:98:55:b9:95:4b:a8:83:f2:
fe:56:d5:b8:d8:25:d1:c2:09:05:75:03:dc:fb:d8:4e:33:29:
fd:66:e4:f3:e5:b1:4b:36:25:f0:81:d6:46:cf:6a:96:cf:44:
8d:d6:5f:69:5e:39:13:f8:c0:23:43:b1:ea:89:46:d4:26:ec:
f4:84:01:aa:a0:ee:e8:f8:8f:61:e4:d7:7b:e7:e3:08:93:b8:
6c:ad:0c:83:4d:20:f1:64:7e:25:ec:9f:01:7e:17:86:33:65:
0d:41:5b:88:f0:44:aa:67:ad:6e:4a:2b:ca:59:05:63:d8:26:
fb:d8:a2:b1:59:0a:6b:99:9a:2d:a4:9b:e1:90:c8:5f:96:38:
8c:95:53:25:db:e7:78:16:23:30:a6:14:47:27:59:c8:4c:d2:
00:6f:a9:79:2f:29:1a:7c:2b:3a:e2:b2:eb:b2:b4:49:c4:37:
24:b0:5b:78:92:5d:5d:97:b4:f4:c4:1e:50:72:4e:dd:53:dc:
9a:03:99:3e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY/Dn4Xh+ftWKC1pB6qt9Kw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwNTI5MDkxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGI4NDEzY2IxMzkzMjBmMzEyZjMxNTFjYWJkNmViNTBiNjNiNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywYCIoQ4PuNhPF0h6nGVXrDWbM/f
Bx+oJ+wxPJEl2oDSXK+D7sYH4kJJ1+j8XoPdqW2RlsIMXzelv0oIeHJ97Ei1GS9Y
Nf8sFqCAoqGa+joyXPwBoZVu8sZ3KHljebkDwSYWPkoj9qTLAnn0UzygmfOkdaOV
LGsHzkusfy6uq7+TNV3iWpprH+BKphR3moCn/SlFknNN/zkITEgq8cRdSyjaU8Yd
Yv0hrBh0cguK2XidgoYE77thpHMy2+HCLmqIjYA1svtrcOBVkPLvtUaLZcl9Asmy
69Y3DBGFijz8TO/Dr7eWciK/3grtlRbpz3TbZkSdg/i5lvMwxp/bK6GezQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB24QTyxOTIPMS8xUcq9brULY7W9MB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvSGJoQlBMRTVNZzh4THpGUnlyMXV0UXRqdGIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuV9BMA4E
AgACMAgDBgAqAEvABjANBgkqhkiG9w0BAQsFAAOCAQEAEJFtd6oHSawoiz4cf1BH
tVXCACN+Q44vYzVtGvg3hMhwT+eSuhlkC9k9pRNMqIFpj+UcuCox6L2tPrRhX+mR
0phVuZVLqIPy/lbVuNgl0cIJBXUD3PvYTjMp/Wbk8+WxSzYl8IHWRs9qls9EjdZf
aV45E/jAI0Ox6olG1Cbs9IQBqqDu6PiPYeTXe+fjCJO4bK0Mg00g8WR+JeyfAX4X
hjNlDUFbiPBEqmetbkorylkFY9gm+9iisVkKa5maLaSb4ZDIX5Y4jJVTJdvneBYj
MKYURydZyEzSAG+peS8pGnwrOuKy67K0ScQ3JLBbeJJdXZe09MQeUHJO3VPcmgOZ
Pg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:40:29 2024 by rpki-client on console-ams.rpki-client.org