Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/GhAaP9Hz0wEnatGQlwUhidBvfq8.roa
File: GhAaP9Hz0wEnatGQlwUhidBvfq8.roa (raw, json)
Hash identifier: bGNqMy/DdU/zJm0fjcmUHvc0A1hVrAPEVCXM9INVlBw=
Subject key identifier: 1A:10:1A:3F:D1:F3:D3:01:27:6A:D1:90:97:05:21:89:D0:6F:7E:AF
Certificate issuer: /CN=c011ee066641750a51147d8dc99a1b105658d203
Certificate serial: 018CC4939BB01C47716CA434A867598F741B
Authority key identifier: C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/GhAaP9Hz0wEnatGQlwUhidBvfq8.roa
Signing time: Mon 01 Jan 2024 10:30:57 +0000
ROA not before: Mon 01 Jan 2024 10:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43232
IP address blocks: 185.123.184.0/22 maxlen: 22
2a03:9120::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/wBHuBmZBdQpRFH2NyZobEFZY0gM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/wBHuBmZBdQpRFH2NyZobEFZY0gM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:03:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:9b:b0:1c:47:71:6c:a4:34:a8:67:59:8f:74:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c011ee066641750a51147d8dc99a1b105658d203
Validity
Not Before: Jan 1 10:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a101a3fd1f3d301276ad19097052189d06f7eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6a:71:c5:ae:15:f6:28:23:a9:a6:8f:c4:eb:
94:24:65:7d:8a:3c:12:8e:ce:9d:b0:fb:a1:89:be:
af:85:7d:7c:5c:cf:14:10:af:69:67:ed:04:3b:8c:
16:b0:6e:6f:be:d9:68:32:9c:18:99:2c:90:ad:cf:
f6:77:f8:0a:e3:4f:3e:e7:f2:41:74:f9:a1:88:4c:
fc:83:c7:a2:4f:30:95:af:61:78:56:72:e5:d8:03:
2e:7b:20:b6:88:e3:36:5f:b4:c6:73:cd:cb:d9:62:
0f:fa:fc:58:ab:42:f7:26:53:54:80:7e:81:1f:f1:
66:c5:d7:88:00:d7:4c:79:7a:ad:9b:8c:de:a3:c1:
0d:25:c7:8d:ca:e6:79:b1:66:41:97:ff:42:73:c4:
84:d2:e2:fc:fa:bb:28:c4:bf:9d:5a:d5:3b:67:1b:
01:0f:50:b0:e1:1a:8b:95:bf:6d:8b:c5:d6:4f:41:
62:ef:56:02:6c:f5:25:21:8b:56:35:79:d4:5d:06:
5a:fc:72:c4:d7:3a:b6:69:78:61:47:b0:79:25:16:
80:d0:a5:c8:2b:8c:00:49:19:dd:17:bd:aa:cd:47:
66:76:5c:65:de:dc:5d:d2:9e:24:4e:46:93:5d:87:
8e:09:e0:da:39:f2:46:3f:e6:a6:ee:fc:75:6c:24:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:10:1A:3F:D1:F3:D3:01:27:6A:D1:90:97:05:21:89:D0:6F:7E:AF
X509v3 Authority Key Identifier:
keyid:C0:11:EE:06:66:41:75:0A:51:14:7D:8D:C9:9A:1B:10:56:58:D2:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBHuBmZBdQpRFH2NyZobEFZY0gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/GhAaP9Hz0wEnatGQlwUhidBvfq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/9be856-0e32-400f-8e89-369cd8be25fe/1/wBHuBmZBdQpRFH2NyZobEFZY0gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.184.0/22
IPv6:
2a03:9120::/32
Signature Algorithm: sha256WithRSAEncryption
31:6e:8d:77:49:2d:86:7e:f8:95:aa:6a:4d:ca:18:18:d3:c4:
69:b4:42:b9:f7:5c:42:30:18:2c:34:d8:53:41:1d:32:b3:21:
3f:49:8f:f5:5b:05:c3:4d:eb:2b:0f:4b:c8:da:1c:37:7b:0e:
f7:72:11:3f:fe:50:f6:f9:9f:30:22:e5:79:7b:3d:6e:2e:d5:
aa:28:58:aa:28:a0:5e:57:77:e5:68:1e:8e:2c:11:f5:d3:fa:
88:49:ee:2f:35:29:9c:6b:81:15:db:02:ea:80:aa:08:57:19:
74:f7:fc:b9:8c:ec:30:ed:25:e9:11:64:58:89:d8:ff:6f:aa:
5a:2e:70:f6:17:07:ef:83:c2:f9:c0:e9:df:96:72:38:23:05:
45:6e:41:13:9e:c5:a2:d3:44:d8:85:03:71:3b:83:2b:94:1d:
25:2f:4d:22:b4:21:19:96:6e:5a:98:08:bc:68:f4:19:16:c0:
7f:1b:4b:b1:03:86:f8:9e:7b:f9:4b:53:e4:76:e0:7f:35:40:
e7:b3:b3:c7:d6:25:4b:04:c2:b2:54:b1:15:5f:87:99:26:e4:
65:1f:8c:d3:a4:e4:5a:ca:3a:f2:39:ed:99:e5:95:8d:fa:5c:
c8:0c:f7:b4:b1:a4:4a:5c:c1:f1:3f:ed:9e:36:23:28:46:e0:
29:6a:b4:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk5uwHEdxbKQ0qGdZj3QbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTFlZTA2NjY0MTc1MGE1MTE0N2Q4ZGM5OWExYjEwNTY1
OGQyMDMwHhcNMjQwMTAxMTAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTEwMWEzZmQxZjNkMzAxMjc2YWQxOTA5NzA1MjE4OWQwNmY3ZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGpxxa4V9igjqaaPxOuUJGV9ijwS
js6dsPuhib6vhX18XM8UEK9pZ+0EO4wWsG5vvtloMpwYmSyQrc/2d/gK408+5/JB
dPmhiEz8g8eiTzCVr2F4VnLl2AMueyC2iOM2X7TGc83L2WIP+vxYq0L3JlNUgH6B
H/FmxdeIANdMeXqtm4zeo8ENJceNyuZ5sWZBl/9Cc8SE0uL8+rsoxL+dWtU7ZxsB
D1Cw4RqLlb9ti8XWT0Fi71YCbPUlIYtWNXnUXQZa/HLE1zq2aXhhR7B5JRaA0KXI
K4wASRndF72qzUdmdlxl3txd0p4kTkaTXYeOCeDaOfJGP+am7vx1bCTUNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBoQGj/R89MBJ2rRkJcFIYnQb36vMB8GA1UdIwQY
MBaAFMAR7gZmQXUKURR9jcmaGxBWWNIDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODkt
MzY5Y2Q4YmUyNWZlLzEvR2hBYVA5SHowd0VuYXRHUWx3VWhpZEJ2ZnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi85YmU4NTYtMGUzMi00MDBmLThlODktMzY5Y2Q4YmUyNWZl
LzEvd0JIdUJtWkJkUXBSRkgyTnlab2JFRlpZMGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXu4MA0E
AgACMAcDBQAqA5EgMA0GCSqGSIb3DQEBCwUAA4IBAQAxbo13SS2GfviVqmpNyhgY
08RptEK591xCMBgsNNhTQR0ysyE/SY/1WwXDTesrD0vI2hw3ew73chE//lD2+Z8w
IuV5ez1uLtWqKFiqKKBeV3flaB6OLBH10/qISe4vNSmca4EV2wLqgKoIVxl09/y5
jOww7SXpEWRYidj/b6paLnD2Fwfvg8L5wOnflnI4IwVFbkETnsWi00TYhQNxO4Mr
lB0lL00itCEZlm5amAi8aPQZFsB/G0uxA4b4nnv5S1PkduB/NUDns7PH1iVLBMKy
VLEVX4eZJuRlH4zTpORayjryOe2Z5ZWN+lzIDPe0saRKXMHxP+2eNiMoRuAparTl
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:13:58 2024 by rpki-client on console-ams.rpki-client.org