Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/gSGg9qtewK0fp84hWq1R2p7K-fs.roa
File: gSGg9qtewK0fp84hWq1R2p7K-fs.roa (raw, json)
Hash identifier: nUyUdBYDygkUgrfQF+bQKRlZ3pErg5Eg+VQXgaHAOLU=
Subject key identifier: 81:21:A0:F6:AB:5E:C0:AD:1F:A7:CE:21:5A:AD:51:DA:9E:CA:F9:FB
Certificate issuer: /CN=a57b608fccf3230e445c983f9e36b50e11f72cf2
Certificate serial: 018CC4254AB02708D70E5DE0B88780CD7D06
Authority key identifier: A5:7B:60:8F:CC:F3:23:0E:44:5C:98:3F:9E:36:B5:0E:11:F7:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/gSGg9qtewK0fp84hWq1R2p7K-fs.roa
Signing time: Mon 01 Jan 2024 08:30:27 +0000
ROA not before: Mon 01 Jan 2024 08:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203144
IP address blocks: 185.28.172.0/23 maxlen: 24
185.28.174.0/23 maxlen: 24
2a00:a0a0:2::/48 maxlen: 48
2a00:a0a0::/48 maxlen: 48
2a00:a0a0:3::/48 maxlen: 48
2a00:a0a0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4a:b0:27:08:d7:0e:5d:e0:b8:87:80:cd:7d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a57b608fccf3230e445c983f9e36b50e11f72cf2
Validity
Not Before: Jan 1 08:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8121a0f6ab5ec0ad1fa7ce215aad51da9ecaf9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ab:10:82:b1:3f:ee:19:4f:ac:b6:16:c3:43:
d1:7d:dc:6a:88:00:93:3b:96:37:d7:9a:c7:b7:02:
ed:87:98:08:bb:e6:40:3f:e0:b1:1c:7e:e8:41:7a:
43:9d:9f:1c:27:82:36:21:1e:24:bb:67:19:da:54:
61:b8:0a:81:42:9b:f3:df:c2:8d:69:a4:36:75:35:
70:c5:f1:5f:c1:a2:07:6e:a8:9f:94:6e:84:a3:b3:
65:33:ed:50:00:05:1f:72:46:79:53:09:fa:4d:ce:
4f:bb:1e:f6:48:0b:b1:35:56:e0:dd:c2:e1:1f:b3:
86:f8:05:2d:1f:d5:26:6f:f1:f0:57:2e:37:a7:9e:
4f:b7:5f:af:a7:56:bc:11:ba:35:a6:45:b1:80:e6:
7e:5d:74:96:ea:cc:4c:a1:c3:16:96:16:bf:25:d6:
f1:e5:6f:1b:c4:75:16:c3:c6:d8:66:4f:00:11:d5:
35:29:17:08:7a:12:74:50:32:2b:30:db:ab:b0:2f:
b0:4b:91:7b:cc:92:bb:0b:08:51:a4:5d:c1:b8:8c:
86:f9:35:0f:aa:6e:40:d2:b5:5d:13:de:b4:11:ea:
43:f9:01:1a:e9:46:cf:3f:73:52:9e:61:8d:52:10:
56:22:fd:c3:77:bd:ae:12:48:46:ea:8b:84:9c:69:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:21:A0:F6:AB:5E:C0:AD:1F:A7:CE:21:5A:AD:51:DA:9E:CA:F9:FB
X509v3 Authority Key Identifier:
keyid:A5:7B:60:8F:CC:F3:23:0E:44:5C:98:3F:9E:36:B5:0E:11:F7:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXtgj8zzIw5EXJg_nja1DhH3LPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/gSGg9qtewK0fp84hWq1R2p7K-fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/621629-ed3d-49af-bf39-85a37cf1b2ea/1/pXtgj8zzIw5EXJg_nja1DhH3LPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.172.0/22
IPv6:
2a00:a0a0::/46
Signature Algorithm: sha256WithRSAEncryption
64:a0:47:d6:9f:60:37:55:aa:76:dc:c8:b5:4a:27:1c:13:ac:
03:a1:c1:f8:fa:c1:a4:c5:87:99:46:1c:ec:e7:df:d0:22:4d:
68:7a:d5:e0:e2:8b:4d:54:1b:78:e8:55:dc:d8:22:2c:df:49:
25:74:d9:1c:90:6f:4c:c1:44:3b:34:7c:4d:31:46:eb:e6:e9:
e5:6b:85:6a:20:a2:66:a1:16:3a:46:21:2b:d5:1e:05:16:e1:
75:db:0c:38:3c:bc:b7:c0:cf:88:6f:fa:d4:73:a1:55:76:55:
be:c8:36:df:1f:28:08:61:56:fa:84:6a:b9:8e:fc:c5:51:9c:
64:df:11:a7:4a:b2:71:97:6e:64:41:94:9f:dc:32:28:73:76:
12:5a:38:a7:aa:33:3c:20:29:78:d4:39:e0:78:55:8e:f0:58:
3d:93:bb:a0:95:b1:da:8c:0b:f8:65:66:98:88:23:68:84:ee:
09:2b:c1:6e:5c:ba:10:4e:80:62:f2:bf:5d:4d:49:b1:da:b4:
e5:42:f3:86:12:28:d2:05:13:c5:e4:96:e1:70:57:12:ff:b3:
0e:e7:cb:01:44:4c:5c:64:56:df:e0:a5:2b:7d:aa:72:bd:3f:
ba:0c:f2:e2:ce:ab:b4:a2:19:eb:1c:5a:36:a8:29:ee:f1:92:
51:7c:00:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJUqwJwjXDl3guIeAzX0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1N2I2MDhmY2NmMzIzMGU0NDVjOTgzZjllMzZiNTBlMTFm
NzJjZjIwHhcNMjQwMTAxMDgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTIxYTBmNmFiNWVjMGFkMWZhN2NlMjE1YWFkNTFkYTllY2FmOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqsQgrE/7hlPrLYWw0PRfdxqiACT
O5Y315rHtwLth5gIu+ZAP+CxHH7oQXpDnZ8cJ4I2IR4ku2cZ2lRhuAqBQpvz38KN
aaQ2dTVwxfFfwaIHbqiflG6Eo7NlM+1QAAUfckZ5Uwn6Tc5Pux72SAuxNVbg3cLh
H7OG+AUtH9Umb/HwVy43p55Pt1+vp1a8Ebo1pkWxgOZ+XXSW6sxMocMWlha/Jdbx
5W8bxHUWw8bYZk8AEdU1KRcIehJ0UDIrMNursC+wS5F7zJK7CwhRpF3BuIyG+TUP
qm5A0rVdE960EepD+QEa6UbPP3NSnmGNUhBWIv3Dd72uEkhG6ouEnGngsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIEhoParXsCtH6fOIVqtUdqeyvn7MB8GA1UdIwQY
MBaAFKV7YI/M8yMORFyYP542tQ4R9yzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFh0Z2o4enpJdzVFWEpnX25qYTFEaEgzTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MjE2MjktZWQzZC00OWFmLWJmMzkt
ODVhMzdjZjFiMmVhLzEvZ1NHZzlxdGV3SzBmcDg0aFdxMVIycDdLLWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC82MjE2MjktZWQzZC00OWFmLWJmMzktODVhMzdjZjFiMmVh
LzEvcFh0Z2o4enpJdzVFWEpnX25qYTFEaEgzTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuRysMA8E
AgACMAkDBwIqAKCgAAAwDQYJKoZIhvcNAQELBQADggEBAGSgR9afYDdVqnbcyLVK
JxwTrAOhwfj6waTFh5lGHOzn39AiTWh61eDii01UG3joVdzYIizfSSV02RyQb0zB
RDs0fE0xRuvm6eVrhWogomahFjpGISvVHgUW4XXbDDg8vLfAz4hv+tRzoVV2Vb7I
Nt8fKAhhVvqEarmO/MVRnGTfEadKsnGXbmRBlJ/cMihzdhJaOKeqMzwgKXjUOeB4
VY7wWD2Tu6CVsdqMC/hlZpiII2iE7gkrwW5cuhBOgGLyv11NSbHatOVC84YSKNIF
E8XkluFwVxL/sw7nywFETFxkVt/gpSt9qnK9P7oM8uLOq7SiGescWjaoKe7xklF8
AH0=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:11:51 2024 by rpki-client on console-ams.rpki-client.org