Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ga9mynnvXaYD8cEa1n35AXIMerE.roa
File: Ga9mynnvXaYD8cEa1n35AXIMerE.roa (raw, json)
Hash identifier: z/PrQLaf/NyU5hDF3UwYwqTa9O16NpZnSH/ZGQ6yFGg=
Subject key identifier: 19:AF:66:CA:79:EF:5D:A6:03:F1:C1:1A:D6:7D:F9:01:72:0C:7A:B1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01933E4A31BC24EF07B4F8135FFD5D091BE6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ga9mynnvXaYD8cEa1n35AXIMerE.roa
Signing time: Mon 18 Nov 2024 08:01:10 +0000
ROA not before: Mon 18 Nov 2024 08:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.89.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.135.33.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.37.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.1.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:4a:31:bc:24:ef:07:b4:f8:13:5f:fd:5d:09:1b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 18 08:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19af66ca79ef5da603f1c11ad67df901720c7ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:6a:6f:cd:55:08:74:28:95:86:2d:50:2c:
6b:e7:1e:27:0e:81:44:ac:1b:6f:9f:d6:1b:d8:95:
c7:65:b1:a2:16:44:a0:89:4f:05:54:bd:5e:48:a5:
8d:13:ee:90:f2:cb:50:85:84:62:92:d6:88:51:f0:
a8:5f:00:8d:ca:a9:f2:bf:c3:f4:ca:cd:5d:f0:58:
50:98:b4:a9:6c:1f:cc:89:12:63:dd:27:ea:5c:5f:
03:f8:4a:b6:91:51:26:f3:42:14:df:d2:33:63:3e:
7c:76:41:6f:41:58:b4:4b:01:04:7c:a4:d8:27:5d:
31:b5:cb:e9:8e:9c:06:d1:a7:96:80:5f:dc:ad:0a:
3c:92:08:93:95:40:56:4c:40:b6:6f:86:19:be:7b:
14:39:b5:42:30:5d:7d:fa:df:65:38:91:a4:14:e5:
81:fc:1c:59:e9:7f:b2:e1:36:3b:63:85:7c:de:8b:
48:e3:c6:fe:b3:a8:77:bf:2d:be:bb:ed:32:66:17:
f2:b7:ff:9f:25:89:c5:91:9a:db:67:2c:75:04:6d:
e7:d3:88:8d:f7:7c:4b:ac:cd:eb:4a:1b:af:10:50:
3a:7b:99:61:aa:b1:fa:08:c8:ab:0f:7a:92:66:83:
b3:5b:5c:d3:9f:9d:76:cc:a0:8b:2a:9c:31:a2:9a:
2a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AF:66:CA:79:EF:5D:A6:03:F1:C1:1A:D6:7D:F9:01:72:0C:7A:B1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Ga9mynnvXaYD8cEa1n35AXIMerE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.89.0/24
194.58.155.0/24
194.85.251.0/24
194.87.17.0/24
194.87.108.0/24
194.87.169.0/24
194.87.178.0/24
194.87.224.0/24
194.135.33.0/24
195.133.24.0/23
195.133.37.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.1.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:72:c8:1a:2e:96:7b:e4:29:6e:22:2e:67:58:65:fd:54:ae:
44:ca:1b:85:3b:a0:48:2c:7f:b4:88:eb:5c:d8:dc:69:2a:34:
90:33:ed:63:15:ee:ce:25:ec:02:90:af:c5:30:e9:1c:95:66:
76:2d:8f:3c:69:b4:49:1a:a3:88:e4:5d:3f:89:6d:d4:88:cc:
7c:a1:43:47:64:66:5e:42:f4:d2:e0:c7:f0:0e:b7:b3:2e:84:
c0:3d:5a:33:e3:14:62:5e:02:a6:7d:c9:6c:93:2f:12:5a:00:
b3:4e:1a:0c:fd:94:3d:dc:d3:83:7c:d9:38:9a:0e:4f:73:99:
4f:23:ab:d0:4e:4e:19:ad:c0:a0:ff:6f:33:19:d7:37:49:b0:
0a:9c:e6:34:fa:eb:04:ca:c7:07:7f:4e:d0:f1:44:f9:4c:8d:
65:97:b4:74:50:f9:6c:af:12:b5:64:6c:89:68:bf:ec:61:83:
fb:92:33:dc:72:4b:a7:a3:5a:87:4f:9c:3b:86:87:96:09:c0:
48:0f:93:8a:c0:e5:a8:c4:e5:d3:b6:1e:b5:4e:a9:a1:aa:3a:
df:99:8d:85:49:dc:30:91:7e:cb:6d:a3:af:67:52:f3:03:de:
6f:a3:32:a2:35:8f:8f:08:60:e6:41:2e:76:00:47:e0:20:4d:
d7:17:bf:bd
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZM+SjG8JO8HtPgTX/1dCRvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTE4MDgwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWFmNjZjYTc5ZWY1ZGE2MDNmMWMxMWFkNjdkZjkwMTcyMGM3YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooFqb81VCHQolYYtUCxr5x4nDoFE
rBtvn9Yb2JXHZbGiFkSgiU8FVL1eSKWNE+6Q8stQhYRiktaIUfCoXwCNyqnyv8P0
ys1d8FhQmLSpbB/MiRJj3SfqXF8D+Eq2kVEm80IU39IzYz58dkFvQVi0SwEEfKTY
J10xtcvpjpwG0aeWgF/crQo8kgiTlUBWTEC2b4YZvnsUObVCMF19+t9lOJGkFOWB
/BxZ6X+y4TY7Y4V83otI48b+s6h3vy2+u+0yZhfyt/+fJYnFkZrbZyx1BG3n04iN
93xLrM3rShuvEFA6e5lhqrH6CMirD3qSZoOzW1zTn512zKCLKpwxopoqSQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBmvZsp5712mA/HBGtZ9+QFyDHqxMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvR2E5bXlubnZYYVlEOGNFYTFuMzVBWElNZXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBADBfFkD
BADCOpsDBADCVfsDBADCVxEDBADCV2wDBADCV6kDBADCV7IDBADCV+ADBADChyED
BAHDhRgDBADDhSUDBAHDhSgDBAHDhTIDBAHDhVwDBADUwAEDBAHUwRowFAQCAAIw
DgMFAyoBV8ADBQMqDP9AMA0GCSqGSIb3DQEBCwUAA4IBAQBMcsgaLpZ75CluIi5n
WGX9VK5EyhuFO6BILH+0iOtc2NxpKjSQM+1jFe7OJewCkK/FMOkclWZ2LY88abRJ
GqOI5F0/iW3UiMx8oUNHZGZeQvTS4MfwDrezLoTAPVoz4xRiXgKmfclsky8SWgCz
ThoM/ZQ93NODfNk4mg5Pc5lPI6vQTk4ZrcCg/28zGdc3SbAKnOY0+usEyscHf07Q
8UT5TI1ll7R0UPlsrxK1ZGyJaL/sYYP7kjPcckuno1qHT5w7hoeWCcBID5OKwOWo
xOXTth61TqmhqjrfmY2FSdwwkX7LbaOvZ1LzA95vozKiNY+PCGDmQS52AEfgIE3X
F7+9
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:43:13 2024 by rpki-client on console-ams.rpki-client.org