Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/RCGdBHOW-ieIyjHRH9DiMck05qw.roa
File: RCGdBHOW-ieIyjHRH9DiMck05qw.roa (raw, json)
Hash identifier: Gj4QEjANWYieJlNtrT/ZQAyuooEW2GgUD+VOzxqM/WU=
Subject key identifier: 44:21:9D:04:73:96:FA:27:88:CA:31:D1:1F:D0:E2:31:C9:34:E6:AC
Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102
Certificate serial: 018CCA2BD428BA9508C133CB8E59A513B55F
Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/RCGdBHOW-ieIyjHRH9DiMck05qw.roa
Signing time: Tue 02 Jan 2024 12:35:19 +0000
ROA not before: Tue 02 Jan 2024 12:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57773
IP address blocks: 91.208.188.0/24 maxlen: 24
85.208.80.0/22 maxlen: 22
185.141.112.0/22 maxlen: 22
171.22.68.0/22 maxlen: 22
194.33.80.0/24 maxlen: 24
185.205.50.0/23 maxlen: 23
185.205.48.0/23 maxlen: 23
185.205.48.0/22 maxlen: 22
2a09:3b40::/29 maxlen: 29
2a0b:145::/43 maxlen: 43
2a0b:140::/29 maxlen: 29
2a0b:143::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 12:54:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d4:28:ba:95:08:c1:33:cb:8e:59:a5:13:b5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102
Validity
Not Before: Jan 2 12:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44219d047396fa2788ca31d11fd0e231c934e6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:79:7a:98:96:86:b4:11:c5:80:fa:46:d1:e3:
92:37:40:b8:70:b5:70:58:ff:68:8e:ec:ea:c0:ea:
22:9f:92:f7:62:d4:ab:82:7a:ff:3c:26:22:40:9c:
a8:5f:f8:8e:72:9d:fe:0d:db:4f:68:67:8c:c7:9c:
47:73:7f:ff:68:9f:df:94:e5:7e:76:6c:3e:1b:84:
9c:8d:a3:d0:98:08:38:46:bf:47:4c:b9:4a:6e:35:
6a:fe:5c:f4:eb:b3:63:25:6f:52:7d:aa:d8:aa:1d:
c8:74:c2:b4:ac:e2:49:d1:17:fa:44:60:47:ee:0b:
d0:89:93:ca:87:c7:c6:24:10:bb:47:bf:c7:6a:55:
8e:78:9c:ba:17:dc:86:14:3e:5f:7f:3e:89:be:b3:
c6:8f:ba:53:d2:67:ac:8a:50:68:56:ca:c6:9e:df:
08:f7:38:14:06:ae:25:4e:f2:62:54:f9:81:63:0e:
d9:18:3b:21:c6:94:8e:f8:7e:16:c3:b7:57:27:3d:
fd:79:26:e5:9c:d0:c2:f6:38:d5:15:93:19:7a:4d:
b2:6c:12:79:be:a3:80:6e:49:53:20:3f:5e:94:87:
18:58:8a:78:2a:02:de:c5:c3:03:47:ca:a1:91:4e:
28:29:3f:22:74:b0:89:da:df:1a:01:6c:7d:86:5d:
84:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:21:9D:04:73:96:FA:27:88:CA:31:D1:1F:D0:E2:31:C9:34:E6:AC
X509v3 Authority Key Identifier:
keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/RCGdBHOW-ieIyjHRH9DiMck05qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.80.0/22
91.208.188.0/24
171.22.68.0/22
185.141.112.0/22
185.205.48.0/22
194.33.80.0/24
IPv6:
2a09:3b40::/29
2a0b:140::/29
Signature Algorithm: sha256WithRSAEncryption
71:cf:d1:81:18:b7:33:e6:07:77:2e:9e:47:23:80:1c:ca:d0:
49:55:b6:b8:59:24:06:69:b2:fa:c9:64:2e:db:84:62:6b:23:
b3:05:26:80:0e:5d:56:c3:74:48:89:5b:47:3d:3d:7b:c0:3f:
bf:b8:f3:d4:04:e4:11:6c:70:18:92:62:df:3b:e2:d3:e9:ec:
30:cc:95:57:9b:1f:62:89:90:c7:c6:d9:d1:c7:b6:2f:2e:f1:
6a:cf:45:a9:5b:79:1f:e0:fe:93:b1:e8:35:07:63:72:fa:5c:
f6:3c:c9:a7:b9:22:97:34:86:1d:17:7f:ac:13:b6:62:06:f0:
ad:07:40:d7:89:72:cb:74:fc:4c:0c:50:12:17:fe:43:0f:76:
b9:91:25:23:20:0c:6e:ed:ac:46:be:9c:35:5c:94:b0:24:f0:
5e:9f:03:86:0c:5b:b9:40:07:67:82:e0:da:d3:d7:b9:93:10:
ca:62:2c:e4:51:3d:b7:38:00:6c:8b:5b:30:ac:df:8d:b0:ef:
cb:78:6c:84:d1:4c:27:42:d3:1c:03:93:3a:ce:e3:ac:f3:63:
ed:64:10:64:3d:3d:ae:63:94:53:a9:4a:5f:a6:35:d3:85:24:
8b:b2:d7:3a:59:0e:1a:6f:ae:e2:c7:3c:42:c8:56:d1:c7:78:
4d:0f:a9:92
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzKK9QoupUIwTPLjlmlE7VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYmQyNmZlMjI5NWU0NjJiZTI2Nzg1MzNlZmE1MzFlMjNi
N2YxMDIwHhcNMjQwMTAyMTIzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIxOWQwNDczOTZmYTI3ODhjYTMxZDExZmQwZTIzMWM5MzRlNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3l6mJaGtBHFgPpG0eOSN0C4cLVw
WP9ojuzqwOoin5L3YtSrgnr/PCYiQJyoX/iOcp3+DdtPaGeMx5xHc3//aJ/flOV+
dmw+G4ScjaPQmAg4Rr9HTLlKbjVq/lz067NjJW9SfarYqh3IdMK0rOJJ0Rf6RGBH
7gvQiZPKh8fGJBC7R7/HalWOeJy6F9yGFD5ffz6JvrPGj7pT0mesilBoVsrGnt8I
9zgUBq4lTvJiVPmBYw7ZGDshxpSO+H4Ww7dXJz39eSblnNDC9jjVFZMZek2ybBJ5
vqOAbklTID9elIcYWIp4KgLexcMDR8qhkU4oKT8idLCJ2t8aAWx9hl2EhQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEQhnQRzlvoniMox0R/Q4jHJNOasMB8GA1UdIwQY
MBaAFMO9Jv4ileRiviZ4Uz76Ux4jt/ECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgt
OGJkOTc2OTEwZGJmLzEvUkNHZEJIT1ctaWVJeWpIUkg5RGlNY2swNXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgtOGJkOTc2OTEwZGJm
LzEvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVdBQAwQA
W9C8AwQCqxZEAwQCuY1wAwQCuc0wAwQAwiFQMBQEAgACMA4DBQMqCTtAAwUDKgsB
QDANBgkqhkiG9w0BAQsFAAOCAQEAcc/RgRi3M+YHdy6eRyOAHMrQSVW2uFkkBmmy
+slkLtuEYmsjswUmgA5dVsN0SIlbRz09e8A/v7jz1ATkEWxwGJJi3zvi0+nsMMyV
V5sfYomQx8bZ0ce2Ly7xas9FqVt5H+D+k7HoNQdjcvpc9jzJp7kilzSGHRd/rBO2
YgbwrQdA14lyy3T8TAxQEhf+Qw92uZElIyAMbu2sRr6cNVyUsCTwXp8DhgxbuUAH
Z4Lg2tPXuZMQymIs5FE9tzgAbItbMKzfjbDvy3hshNFMJ0LTHAOTOs7jrPNj7WQQ
ZD09rmOUU6lKX6Y104Uki7LXOlkOGm+u4sc8QshW0cd4TQ+pkg==
-----END CERTIFICATE-----
Generated at Sun Jun 30 16:48:03 2024 by rpki-client on console-ams.rpki-client.org