Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/HBcmEicAIyFwx_pNqLqn0wKMvDg.roa
File: HBcmEicAIyFwx_pNqLqn0wKMvDg.roa (raw, json)
Hash identifier: cAdzm7pi7qQPXpbj8qNAWI54o2gaItXy3ZBj/KM/yTc=
Subject key identifier: 1C:17:26:12:27:00:23:21:70:C7:FA:4D:A8:BA:A7:D3:02:8C:BC:38
Certificate issuer: /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial: 018CCAC63C3D6A24E6DD0B4CE862C69C5532
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/HBcmEicAIyFwx_pNqLqn0wKMvDg.roa
Signing time: Tue 02 Jan 2024 15:23:58 +0000
ROA not before: Tue 02 Jan 2024 15:23:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60647
IP address blocks: 185.59.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:c6:3c:3d:6a:24:e6:dd:0b:4c:e8:62:c6:9c:55:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Validity
Not Before: Jan 2 15:23:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c1726122700232170c7fa4da8baa7d3028cbc38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:22:2b:89:bc:9f:0a:1e:30:4c:14:74:fc:
d4:bd:0e:dc:55:47:c0:18:8a:5d:77:60:84:f9:51:
ad:79:ac:15:f6:06:eb:d8:f1:1d:59:77:6b:91:79:
ba:40:03:5e:64:cd:4b:81:bd:f5:14:08:7a:a9:45:
c0:95:0f:85:43:a2:18:95:6f:03:97:98:b5:74:61:
02:3e:f6:0a:47:6b:c5:2d:60:04:c9:39:30:b2:b1:
09:29:80:7c:6e:48:68:1b:86:e7:30:c9:73:71:2e:
94:05:1e:6c:17:73:63:1f:09:29:f9:2c:d6:e1:1d:
db:7c:49:6e:65:8b:82:47:f4:27:bc:f5:33:07:92:
0a:38:79:d6:7e:e1:be:c2:8f:4f:12:89:81:ca:21:
32:c1:e9:78:34:d7:bc:f2:2a:30:c2:dc:60:02:64:
f3:a9:48:21:94:95:71:17:8c:27:49:ee:e5:e7:b8:
23:22:82:7f:24:12:c0:71:6e:de:c6:d6:05:88:0f:
1d:01:ad:76:67:58:43:54:52:dc:47:2a:26:91:f4:
62:fb:a1:cb:ae:b8:c9:29:df:c7:6e:50:2e:9c:36:
33:0d:72:52:94:53:5e:52:79:8f:20:17:16:3f:2f:
9d:7d:a3:9e:47:9a:f7:ca:70:07:03:15:e8:45:3d:
38:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:17:26:12:27:00:23:21:70:C7:FA:4D:A8:BA:A7:D3:02:8C:BC:38
X509v3 Authority Key Identifier:
keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/HBcmEicAIyFwx_pNqLqn0wKMvDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.59.29.0/24
Signature Algorithm: sha256WithRSAEncryption
24:43:5e:23:a5:8b:a9:5a:6c:ca:98:e7:61:d9:65:53:d9:d8:
e4:4a:9a:dc:95:a9:2f:26:41:55:41:5f:bc:13:e0:57:20:6d:
3f:17:6a:7a:71:33:c5:c4:c0:cb:37:e7:2d:75:aa:89:7d:57:
ed:01:ab:d8:ca:13:1a:3b:3f:1b:4a:58:7f:cc:3c:28:5e:ff:
78:07:b5:6e:8b:05:32:64:56:6f:e4:57:77:5a:31:0a:f0:64:
a9:a9:65:33:88:02:86:49:a7:07:8a:d8:08:d6:65:c4:2b:e5:
c9:04:90:63:3d:90:0e:a7:28:ce:69:e2:d0:94:82:93:26:fb:
a6:66:15:e2:d8:68:1a:73:c1:4a:7e:66:54:78:a7:4a:2d:b7:
86:33:38:1d:f6:98:64:64:40:97:04:3f:a6:81:74:5a:84:71:
ac:f9:81:dd:13:10:96:71:c1:44:c4:18:6b:d6:64:e1:17:f3:
2f:e9:aa:d4:02:d9:6e:19:42:04:ae:7e:06:64:65:72:41:0e:
ea:74:3b:c7:b6:1a:d4:61:47:e2:3d:6b:8c:a6:91:20:94:4e:
84:ab:38:1f:83:10:9f:d5:b7:85:34:e3:bd:2d:c1:bf:ae:8e:
b6:e7:69:8c:f8:d1:7e:72:9d:58:ee:74:15:df:db:d9:ec:d4:
39:af:57:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKxjw9aiTm3QtM6GLGnFUyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjllZTY2MTY0ZDNjYjQxZGJkMmRmNTQxNzgxN2MzMmY0
Y2VhMDUwHhcNMjQwMTAyMTUyMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzE3MjYxMjI3MDAyMzIxNzBjN2ZhNGRhOGJhYTdkMzAyOGNiYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEwiK4m8nwoeMEwUdPzUvQ7cVUfA
GIpdd2CE+VGteawV9gbr2PEdWXdrkXm6QANeZM1Lgb31FAh6qUXAlQ+FQ6IYlW8D
l5i1dGECPvYKR2vFLWAEyTkwsrEJKYB8bkhoG4bnMMlzcS6UBR5sF3NjHwkp+SzW
4R3bfEluZYuCR/QnvPUzB5IKOHnWfuG+wo9PEomByiEywel4NNe88iowwtxgAmTz
qUghlJVxF4wnSe7l57gjIoJ/JBLAcW7extYFiA8dAa12Z1hDVFLcRyomkfRi+6HL
rrjJKd/HblAunDYzDXJSlFNeUnmPIBcWPy+dfaOeR5r3ynAHAxXoRT04zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwXJhInACMhcMf6Tai6p9MCjLw4MB8GA1UdIwQY
MBaAFLhp7mYWTTy0Hb0t9UF4F8MvTOoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODkt
Y2QxZmE0ODQ0MTFiLzEvSEJjbUVpY0FJeUZ3eF9wTnFMcW4wd0tNdkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODktY2QxZmE0ODQ0MTFi
LzEvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTsdMA0G
CSqGSIb3DQEBCwUAA4IBAQAkQ14jpYupWmzKmOdh2WVT2djkSprclakvJkFVQV+8
E+BXIG0/F2p6cTPFxMDLN+ctdaqJfVftAavYyhMaOz8bSlh/zDwoXv94B7VuiwUy
ZFZv5Fd3WjEK8GSpqWUziAKGSacHitgI1mXEK+XJBJBjPZAOpyjOaeLQlIKTJvum
ZhXi2Ggac8FKfmZUeKdKLbeGMzgd9phkZECXBD+mgXRahHGs+YHdExCWccFExBhr
1mThF/Mv6arUAtluGUIErn4GZGVyQQ7qdDvHthrUYUfiPWuMppEglE6EqzgfgxCf
1beFNOO9LcG/ro6252mM+NF+cp1Y7nQV39vZ7NQ5r1c4
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:29:01 2024 by rpki-client on console-fra.rpki-client.org