Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/HHTmcX-4WtVvIYhXsxwAfb8GglE.roa
File: HHTmcX-4WtVvIYhXsxwAfb8GglE.roa (raw, json)
Hash identifier: JAjJHEHNrSXtK5lYElZOEmzIp43wPREM5p3qo+nAGkc=
Subject key identifier: 1C:74:E6:71:7F:B8:5A:D5:6F:21:88:57:B3:1C:00:7D:BF:06:82:51
Certificate issuer: /CN=5d6f2e49a31e8df9c5aa08aaf240b5c832b9cb93
Certificate serial: 018CC9BB3052633E9E213B2ED0DA82E6A863
Authority key identifier: 5D:6F:2E:49:A3:1E:8D:F9:C5:AA:08:AA:F2:40:B5:C8:32:B9:CB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XW8uSaMejfnFqgiq8kC1yDK5y5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/HHTmcX-4WtVvIYhXsxwAfb8GglE.roa
Signing time: Tue 02 Jan 2024 10:32:17 +0000
ROA not before: Tue 02 Jan 2024 10:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47264
IP address blocks: 80.247.95.0/24 maxlen: 24
185.95.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/XW8uSaMejfnFqgiq8kC1yDK5y5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/XW8uSaMejfnFqgiq8kC1yDK5y5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XW8uSaMejfnFqgiq8kC1yDK5y5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:30:52:63:3e:9e:21:3b:2e:d0:da:82:e6:a8:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6f2e49a31e8df9c5aa08aaf240b5c832b9cb93
Validity
Not Before: Jan 2 10:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c74e6717fb85ad56f218857b31c007dbf068251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:63:89:b8:cf:dd:cd:a6:1e:c0:15:fd:73:00:
18:a8:9f:05:17:b6:dc:fa:99:ee:7c:7e:e0:f9:69:
ff:f9:28:29:5a:aa:0a:0b:85:17:cf:7a:05:bb:d1:
22:9b:89:87:49:0d:15:f3:07:18:c6:59:a0:f5:c9:
61:3f:36:16:8f:2e:27:8d:25:e9:47:08:86:7a:2d:
8a:dd:95:82:51:f8:f8:6b:ae:fd:b4:22:a7:18:81:
0d:4d:18:5a:03:a6:f9:a3:6e:6c:cc:7e:6f:51:dc:
58:e2:62:14:3a:88:2c:b2:c7:2f:e9:eb:6f:ab:e4:
d4:13:84:5b:f2:95:f8:a2:0d:bd:c2:fd:d8:6e:d5:
e7:2d:03:37:d8:ac:ac:2d:26:04:a6:bf:f0:ae:18:
36:49:9d:19:41:70:f6:0b:02:14:81:d3:8d:fc:b6:
14:d2:b1:cc:e0:bd:dd:34:5e:bb:f6:ba:cb:77:08:
75:3c:d6:83:b0:bf:8b:e2:d6:c3:6c:8c:6c:d6:a3:
1e:d2:96:de:49:d8:c9:b2:6b:ea:dd:e3:e3:d9:75:
b6:01:73:b8:71:e1:ff:ce:4d:90:fc:a1:24:ee:71:
85:dd:b0:3c:d5:96:ca:19:62:43:cc:15:80:b4:41:
1b:9f:bb:6c:09:37:79:09:b9:cc:a2:5e:9d:81:cc:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:74:E6:71:7F:B8:5A:D5:6F:21:88:57:B3:1C:00:7D:BF:06:82:51
X509v3 Authority Key Identifier:
keyid:5D:6F:2E:49:A3:1E:8D:F9:C5:AA:08:AA:F2:40:B5:C8:32:B9:CB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XW8uSaMejfnFqgiq8kC1yDK5y5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/HHTmcX-4WtVvIYhXsxwAfb8GglE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/5521f7-2f71-4bf9-a148-2e9de252d1f6/1/XW8uSaMejfnFqgiq8kC1yDK5y5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.95.0/24
185.95.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:8b:5a:66:fd:b2:17:51:19:12:c2:5c:5b:c9:a7:e6:aa:d5:
a7:81:e2:c0:1c:55:24:5d:cd:b6:de:2c:eb:4f:5c:6c:32:5e:
99:3f:33:ba:0a:25:de:ec:b1:2a:0e:af:e1:fa:85:ae:03:86:
94:59:c4:6a:49:4e:89:44:d5:35:fe:ab:fd:1f:0a:12:34:a1:
54:12:0a:8f:36:f1:4e:33:e4:95:82:2d:c6:1d:35:d0:68:8d:
56:93:90:d7:14:45:0d:ae:7a:ba:30:6b:6e:55:41:de:30:78:
3b:7c:9d:50:a6:00:81:b0:66:bd:76:3c:63:09:75:f9:99:2d:
d3:9d:c0:f1:22:b7:7e:ed:80:a5:e2:08:22:ef:97:c7:ad:17:
2e:9d:25:5d:06:ae:84:40:1b:5a:9e:74:68:07:e3:aa:ec:7c:
2a:22:6e:28:af:76:54:6a:4b:f0:97:ae:ac:92:a9:22:ae:8f:
24:01:23:18:0c:20:82:68:e8:75:d2:6f:61:cf:05:77:89:f2:
b2:d8:a9:e7:70:2a:ee:f2:1a:a5:d6:c2:64:d2:af:3d:ed:ea:
78:93:66:67:0d:ee:8f:27:5a:86:d2:8b:e2:80:3d:89:b0:96:
42:93:12:9a:3d:2f:4e:5c:5c:8c:6d:d1:a2:1f:21:b8:bf:bb:
be:09:9d:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJuzBSYz6eITsu0NqC5qhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNmYyZTQ5YTMxZThkZjljNWFhMDhhYWYyNDBiNWM4MzJi
OWNiOTMwHhcNMjQwMTAyMTAzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzc0ZTY3MTdmYjg1YWQ1NmYyMTg4NTdiMzFjMDA3ZGJmMDY4MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mOJuM/dzaYewBX9cwAYqJ8FF7bc
+pnufH7g+Wn/+SgpWqoKC4UXz3oFu9Eim4mHSQ0V8wcYxlmg9clhPzYWjy4njSXp
RwiGei2K3ZWCUfj4a679tCKnGIENTRhaA6b5o25szH5vUdxY4mIUOogssscv6etv
q+TUE4Rb8pX4og29wv3YbtXnLQM32KysLSYEpr/wrhg2SZ0ZQXD2CwIUgdON/LYU
0rHM4L3dNF679rrLdwh1PNaDsL+L4tbDbIxs1qMe0pbeSdjJsmvq3ePj2XW2AXO4
ceH/zk2Q/KEk7nGF3bA81ZbKGWJDzBWAtEEbn7tsCTd5CbnMol6dgcyzeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBx05nF/uFrVbyGIV7McAH2/BoJRMB8GA1UdIwQY
MBaAFF1vLkmjHo35xaoIqvJAtcgyucuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFc4dVNhTWVqZm5GcWdpcThrQzF5REs1eTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NTIxZjctMmY3MS00YmY5LWExNDgt
MmU5ZGUyNTJkMWY2LzEvSEhUbWNYLTRXdFZ2SVloWHN4d0FmYjhHZ2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NTIxZjctMmY3MS00YmY5LWExNDgtMmU5ZGUyNTJkMWY2
LzEvWFc4dVNhTWVqZm5GcWdpcThrQzF5REs1eTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUPdfAwQC
uV8wMA0GCSqGSIb3DQEBCwUAA4IBAQCKi1pm/bIXURkSwlxbyafmqtWngeLAHFUk
Xc223izrT1xsMl6ZPzO6CiXe7LEqDq/h+oWuA4aUWcRqSU6JRNU1/qv9HwoSNKFU
EgqPNvFOM+SVgi3GHTXQaI1Wk5DXFEUNrnq6MGtuVUHeMHg7fJ1QpgCBsGa9djxj
CXX5mS3TncDxIrd+7YCl4ggi75fHrRcunSVdBq6EQBtannRoB+Oq7HwqIm4or3ZU
akvwl66skqkiro8kASMYDCCCaOh10m9hzwV3ifKy2KnncCru8hql1sJk0q897ep4
k2ZnDe6PJ1qG0ovigD2JsJZCkxKaPS9OXFyMbdGiHyG4v7u+CZ3A
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:50 2024 by rpki-client on console-ams.rpki-client.org