Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/G0lEK89M-JPoIRE0wzgaLBMol_I.roa
File: G0lEK89M-JPoIRE0wzgaLBMol_I.roa (raw, json)
Hash identifier: 2Ct6tRZ7lwiK18mcfDvHymDUpFPdnOgqzjZhdAatJ1E=
Subject key identifier: 1B:49:44:2B:CF:4C:F8:93:E8:21:11:34:C3:38:1A:2C:13:28:97:F2
Certificate issuer: /CN=d2e6ddda40d782559ee65e50f908e1689a65a800
Certificate serial: 018CC56E31861A92E14CC09A8FC9FE200C05
Authority key identifier: D2:E6:DD:DA:40:D7:82:55:9E:E6:5E:50:F9:08:E1:68:9A:65:A8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ubd2kDXglWe5l5Q-QjhaJplqAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/G0lEK89M-JPoIRE0wzgaLBMol_I.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211856
IP address blocks: 62.192.164.0/22 maxlen: 24
2a09:18c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/0ubd2kDXglWe5l5Q-QjhaJplqAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/0ubd2kDXglWe5l5Q-QjhaJplqAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ubd2kDXglWe5l5Q-QjhaJplqAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:31:86:1a:92:e1:4c:c0:9a:8f:c9:fe:20:0c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2e6ddda40d782559ee65e50f908e1689a65a800
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b49442bcf4cf893e8211134c3381a2c132897f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:5e:8c:0b:01:1f:da:a1:06:c2:5a:12:c6:
cb:36:21:bd:ef:23:ad:2c:b1:6d:d3:d1:6c:93:b9:
06:21:56:b6:77:ce:a8:95:88:ef:0b:09:04:a0:c0:
12:d4:29:b4:63:bb:f0:94:1e:fd:ec:41:57:1a:ca:
25:93:73:6e:17:b8:20:04:81:6f:dd:6d:a4:84:ea:
a4:06:9c:71:df:58:f8:9c:e6:90:53:17:98:fa:7d:
01:b0:08:4e:5b:fb:2f:95:bc:43:9f:8f:43:f9:33:
dd:a1:c3:83:d3:bf:c4:eb:cd:2a:cc:f7:4e:9f:48:
18:c0:ec:57:04:b3:b7:fb:c3:d5:0e:5e:f0:a5:b4:
51:92:7e:ea:60:64:c5:76:cc:2b:b4:a4:5d:36:06:
00:a0:89:bd:0b:54:d2:7f:4a:b0:ad:ff:ac:0b:7d:
06:be:fe:75:ee:4d:9c:94:b4:15:24:15:93:16:76:
d1:c2:5a:cb:44:aa:9c:9e:05:d1:4e:89:cd:66:2c:
8c:1c:cc:88:5a:23:58:05:e9:ee:9e:4d:61:f7:cb:
24:a2:97:ad:d4:ff:b5:99:0d:3d:ec:ec:cf:59:38:
90:d5:c6:03:57:6d:fd:f4:4d:1e:a3:5c:25:55:58:
15:85:fa:36:30:c3:a7:fe:3f:b4:3e:c5:82:a7:fc:
5f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:49:44:2B:CF:4C:F8:93:E8:21:11:34:C3:38:1A:2C:13:28:97:F2
X509v3 Authority Key Identifier:
keyid:D2:E6:DD:DA:40:D7:82:55:9E:E6:5E:50:F9:08:E1:68:9A:65:A8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ubd2kDXglWe5l5Q-QjhaJplqAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/G0lEK89M-JPoIRE0wzgaLBMol_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/7335d2-3c3f-4fca-8000-ccf9b89e22e2/1/0ubd2kDXglWe5l5Q-QjhaJplqAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.164.0/22
IPv6:
2a09:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:69:28:4c:51:6d:06:94:a9:5f:45:d8:48:96:2d:fe:1f:90:
4b:6b:4a:48:a3:6e:19:3e:1d:ac:78:e1:90:df:89:38:c9:05:
36:1d:49:9e:fb:c4:45:82:fc:53:87:36:af:73:28:0a:a6:2f:
ee:c8:66:43:ca:2f:9a:23:b5:3d:74:9c:60:b9:b1:e8:d9:d8:
02:3b:fc:26:7b:4c:72:e3:f8:a7:86:67:fd:9b:8d:12:7e:7d:
2f:f0:15:79:18:2a:5c:c3:93:c7:ed:cd:e3:29:17:d1:84:08:
6b:16:a5:26:f2:61:6e:1c:5e:a0:91:d0:f4:c3:19:f2:09:98:
7b:cc:20:65:66:46:46:b3:32:52:3d:f0:9e:63:55:38:3f:db:
26:ee:0a:18:53:a6:55:0b:11:19:cb:1e:1d:fe:1f:99:15:da:
3a:50:44:1d:ba:3a:42:f8:d4:7f:09:b6:5e:69:ec:8c:0c:01:
98:17:70:2c:23:9d:0e:52:0d:e6:03:49:14:08:ea:d5:44:b2:
06:fc:38:93:e2:f3:e3:3d:1c:8a:5e:23:53:c8:bf:31:dd:58:
8b:16:1f:0f:ac:92:7d:87:92:f4:4b:c0:2d:a5:30:77:06:7a:
88:6b:0f:57:fb:e9:a4:02:41:81:81:50:61:f8:bd:a4:66:ad:
47:8f:89:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbjGGGpLhTMCaj8n+IAwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZTZkZGRhNDBkNzgyNTU5ZWU2NWU1MGY5MDhlMTY4OWE2
NWE4MDAwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQ5NDQyYmNmNGNmODkzZTgyMTExMzRjMzM4MWEyYzEzMjg5N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAxejAsBH9qhBsJaEsbLNiG97yOt
LLFt09Fsk7kGIVa2d86olYjvCwkEoMAS1Cm0Y7vwlB797EFXGsolk3NuF7ggBIFv
3W2khOqkBpxx31j4nOaQUxeY+n0BsAhOW/svlbxDn49D+TPdocOD07/E680qzPdO
n0gYwOxXBLO3+8PVDl7wpbRRkn7qYGTFdswrtKRdNgYAoIm9C1TSf0qwrf+sC30G
vv517k2clLQVJBWTFnbRwlrLRKqcngXRTonNZiyMHMyIWiNYBenunk1h98skopet
1P+1mQ097OzPWTiQ1cYDV2399E0eo1wlVVgVhfo2MMOn/j+0PsWCp/xfUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBtJRCvPTPiT6CERNMM4GiwTKJfyMB8GA1UdIwQY
MBaAFNLm3dpA14JVnuZeUPkI4WiaZagAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHViZDJrRFhnbFdlNWw1US1RamhhSnBscUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83MzM1ZDItM2MzZi00ZmNhLTgwMDAt
Y2NmOWI4OWUyMmUyLzEvRzBsRUs4OU0tSlBvSVJFMHd6Z2FMQk1vbF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83MzM1ZDItM2MzZi00ZmNhLTgwMDAtY2NmOWI4OWUyMmUy
LzEvMHViZDJrRFhnbFdlNWw1US1RamhhSnBscUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCPsCkMA0E
AgACMAcDBQAqCRjAMA0GCSqGSIb3DQEBCwUAA4IBAQBtaShMUW0GlKlfRdhIli3+
H5BLa0pIo24ZPh2seOGQ34k4yQU2HUme+8RFgvxThzavcygKpi/uyGZDyi+aI7U9
dJxgubHo2dgCO/wme0xy4/inhmf9m40Sfn0v8BV5GCpcw5PH7c3jKRfRhAhrFqUm
8mFuHF6gkdD0wxnyCZh7zCBlZkZGszJSPfCeY1U4P9sm7goYU6ZVCxEZyx4d/h+Z
Fdo6UEQdujpC+NR/CbZeaeyMDAGYF3AsI50OUg3mA0kUCOrVRLIG/DiT4vPjPRyK
XiNTyL8x3ViLFh8PrJJ9h5L0S8AtpTB3BnqIaw9X++mkAkGBgVBh+L2kZq1Hj4nK
-----END CERTIFICATE-----
Generated at Fri May 17 20:59:21 2024 by rpki-client on console-fra.rpki-client.org