Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/HCGOvR2IFIulqK7x_RgHm2WmwEQ.roa
File: HCGOvR2IFIulqK7x_RgHm2WmwEQ.roa (raw, json)
Hash identifier: tzWBjKbSCsLvCvpRTVNPlcXjkVfyR5TXbLfCjtVdQbI=
Subject key identifier: 1C:21:8E:BD:1D:88:14:8B:A5:A8:AE:F1:FD:18:07:9B:65:A6:C0:44
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018CC727696BAC6E2FF77A35B23E8768AD45
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/HCGOvR2IFIulqK7x_RgHm2WmwEQ.roa
Signing time: Mon 01 Jan 2024 22:31:38 +0000
ROA not before: Mon 01 Jan 2024 22:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198591
IP address blocks: 78.133.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:69:6b:ac:6e:2f:f7:7a:35:b2:3e:87:68:ad:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 22:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c218ebd1d88148ba5a8aef1fd18079b65a6c044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:78:6e:22:0f:43:34:1c:0b:67:73:85:6b:
2e:42:05:99:4e:ff:44:b5:3c:52:35:2b:bc:30:fb:
90:27:88:56:15:bf:26:76:b3:e0:ec:fc:73:a4:d7:
ba:f1:4a:9a:b3:25:54:90:41:ab:89:0b:e6:d9:87:
0d:1a:17:8c:f9:a9:df:89:62:54:2c:4e:3e:4b:7a:
04:ce:8a:0b:4e:a4:4b:ed:13:ba:15:e4:fa:f3:e7:
4c:34:11:c8:51:9f:2d:b1:ba:84:13:de:57:5a:38:
03:cc:43:31:91:b8:5a:5a:36:52:0a:2f:91:6d:45:
e3:37:e4:8c:5a:38:a4:0d:10:ce:ff:1a:90:b9:27:
b7:a5:79:15:c6:91:35:51:be:dd:2f:66:2c:cb:e7:
b9:cd:f2:2c:96:63:ee:a2:fb:ed:e3:bb:57:91:37:
5c:2b:b2:72:06:7f:87:cf:52:1c:e9:2c:72:79:96:
9c:2f:cc:8b:0b:17:19:c4:29:f5:a7:ac:6b:0d:ea:
4d:40:70:9c:30:13:dc:d5:d2:12:c2:12:7b:80:e6:
ca:d6:f5:0e:cc:43:3f:87:83:53:a4:dd:37:b2:e0:
10:0d:ef:fa:53:ad:c2:7b:53:53:ee:22:32:73:89:
a4:2c:fa:08:89:ee:b1:16:fd:51:29:03:a8:b0:19:
15:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:21:8E:BD:1D:88:14:8B:A5:A8:AE:F1:FD:18:07:9B:65:A6:C0:44
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/HCGOvR2IFIulqK7x_RgHm2WmwEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e3:fb:46:5e:87:2c:52:9b:3f:d5:f6:0e:bb:b2:79:55:25:
95:2e:04:6c:81:4c:5e:16:1b:e2:5c:ff:75:37:73:25:96:d3:
f3:7d:24:02:03:f9:11:81:aa:a8:99:5d:ba:43:4e:26:97:d9:
b1:e9:c3:9c:54:6c:21:ab:32:ac:8b:83:33:42:a8:e5:cf:cd:
bf:f4:82:14:0f:da:aa:f2:36:61:4d:f9:1c:7b:8a:95:95:d0:
5b:0d:ed:1e:8a:cc:4c:e1:20:ec:2d:62:c4:66:41:9b:5b:76:
33:5c:2f:d7:ae:0e:7c:c2:49:e4:27:e7:4c:c6:95:a9:e5:21:
71:e3:57:0a:d6:05:38:d8:cf:19:cc:13:1a:9c:69:bc:eb:b8:
99:6e:a5:9d:96:83:f1:ef:fb:a8:82:a5:40:69:d7:6b:a2:14:
59:b5:65:06:2a:68:80:19:d5:f6:38:6d:4c:12:8b:b6:17:a5:
45:55:cf:60:58:11:51:01:5e:95:64:b9:2b:8f:ef:1c:23:76:
f6:67:ee:70:86:77:05:6a:8a:bc:42:87:29:07:dc:3a:0b:1b:
2d:c3:d1:93:fe:f3:54:2b:83:1f:90:32:6f:fd:76:1a:66:a9:
9e:78:05:d2:7b:6f:d9:55:16:02:63:de:42:c8:49:0a:94:d2:
37:9f:d1:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2lrrG4v93o1sj6HaK1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjQwMTAxMjIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIxOGViZDFkODgxNDhiYTVhOGFlZjFmZDE4MDc5YjY1YTZjMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVZ4biIPQzQcC2dzhWsuQgWZTv9E
tTxSNSu8MPuQJ4hWFb8mdrPg7PxzpNe68UqasyVUkEGriQvm2YcNGheM+anfiWJU
LE4+S3oEzooLTqRL7RO6FeT68+dMNBHIUZ8tsbqEE95XWjgDzEMxkbhaWjZSCi+R
bUXjN+SMWjikDRDO/xqQuSe3pXkVxpE1Ub7dL2Ysy+e5zfIslmPuovvt47tXkTdc
K7JyBn+Hz1Ic6SxyeZacL8yLCxcZxCn1p6xrDepNQHCcMBPc1dISwhJ7gObK1vUO
zEM/h4NTpN03suAQDe/6U63Ce1NT7iIyc4mkLPoIie6xFv1RKQOosBkV5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwhjr0diBSLpaiu8f0YB5tlpsBEMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvSENHT3ZSMklGSXVscUs3eF9SZ0htMldtd0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToX2MA0G
CSqGSIb3DQEBCwUAA4IBAQAc4/tGXocsUps/1fYOu7J5VSWVLgRsgUxeFhviXP91
N3MlltPzfSQCA/kRgaqomV26Q04ml9mx6cOcVGwhqzKsi4MzQqjlz82/9IIUD9qq
8jZhTfkce4qVldBbDe0eisxM4SDsLWLEZkGbW3YzXC/Xrg58wknkJ+dMxpWp5SFx
41cK1gU42M8ZzBManGm867iZbqWdloPx7/uogqVAaddrohRZtWUGKmiAGdX2OG1M
Eou2F6VFVc9gWBFRAV6VZLkrj+8cI3b2Z+5whncFaoq8QocpB9w6Cxstw9GT/vNU
K4MfkDJv/XYaZqmeeAXSe2/ZVRYCY95CyEkKlNI3n9FU
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:48 2024 by rpki-client on console-ams.rpki-client.org