Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/gu8BgqfW0cxWsNgZxX9LYK2fydA.roa
File: gu8BgqfW0cxWsNgZxX9LYK2fydA.roa (raw, json)
Hash identifier: KQ2QYOvbI4Bv9zKDyuthHD7d/J7rloVHkaNOqC0kViw=
Subject key identifier: 82:EF:01:82:A7:D6:D1:CC:56:B0:D8:19:C5:7F:4B:60:AD:9F:C9:D0
Certificate issuer: /CN=f57331288d908dd762e4b56f003b448f01881d24
Certificate serial: 018CC5015438762EDE7939473E30ADB8FFD1
Authority key identifier: F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/gu8BgqfW0cxWsNgZxX9LYK2fydA.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42244
IP address blocks: 185.191.196.0/22 maxlen: 22
2a0a:2540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:54:38:76:2e:de:79:39:47:3e:30:ad:b8:ff:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57331288d908dd762e4b56f003b448f01881d24
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82ef0182a7d6d1cc56b0d819c57f4b60ad9fc9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:df:74:c3:c7:35:85:c8:b4:bd:31:cf:67:f5:
fd:8a:47:52:60:a7:77:fc:8b:c3:91:32:fd:d1:24:
d6:a5:da:69:84:a0:f3:9e:7b:83:57:aa:56:90:d7:
ee:e2:4d:43:8f:3e:3e:e1:04:fe:93:ae:82:29:ed:
bd:76:10:40:22:11:e4:bc:08:38:b1:7b:e1:85:fb:
51:41:2f:de:74:bc:af:64:86:62:53:68:b1:50:a7:
3a:50:42:67:97:55:a9:e9:4c:36:e7:8f:36:70:a3:
1f:0d:04:01:5a:15:48:66:27:0c:8c:4f:a3:8f:82:
fa:d3:d9:8a:65:6e:ad:dc:85:6c:c7:d6:5e:c1:da:
73:47:dc:00:01:89:bf:69:75:a2:c6:ca:ab:e4:44:
69:e9:7b:96:8a:3c:bd:f9:e5:78:a4:80:12:df:44:
e6:94:12:a8:6e:67:80:34:f0:b3:d5:27:2d:2e:81:
bb:c4:cc:2d:08:55:56:29:9e:ce:02:06:de:10:43:
3c:90:5f:56:ba:a8:b5:e4:7a:b7:67:32:e4:88:b7:
67:a4:d1:b2:56:7f:c8:a0:9b:e2:b3:72:88:71:60:
5a:36:75:e6:df:2d:80:42:3a:0f:fb:c1:fc:98:42:
ca:91:f3:97:71:fe:e8:30:24:00:d6:75:01:5a:7e:
0b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:EF:01:82:A7:D6:D1:CC:56:B0:D8:19:C5:7F:4B:60:AD:9F:C9:D0
X509v3 Authority Key Identifier:
keyid:F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/gu8BgqfW0cxWsNgZxX9LYK2fydA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.196.0/22
IPv6:
2a0a:2540::/29
Signature Algorithm: sha256WithRSAEncryption
c9:ab:23:0b:08:58:d8:cd:be:11:e9:d0:f5:92:64:3c:42:83:
36:67:3b:7f:ca:ab:bd:3c:e4:32:c1:96:31:55:35:4c:25:cc:
c8:4b:6a:cf:5b:b6:8b:02:91:76:d9:c2:f7:15:aa:26:51:92:
2c:24:a8:c3:01:37:ca:cb:bd:fa:b7:f5:7a:2f:82:8b:d5:df:
f3:a9:39:8f:01:15:73:5a:8d:f7:b3:cd:50:c8:1e:93:2d:85:
3b:4b:aa:e3:6a:91:ea:7d:a8:ef:3e:d9:2a:0a:63:79:bc:5b:
c4:31:95:78:ea:af:8e:4a:d0:0d:b9:58:92:d8:c7:c8:69:e6:
ea:2d:34:98:3f:05:96:63:e4:7b:4d:37:e1:01:c9:44:df:75:
27:96:40:1b:d3:4d:23:25:68:89:11:1e:14:1b:e7:ea:2b:9f:
22:9f:0d:67:46:e9:57:9d:25:61:e1:d9:be:3c:bf:13:25:78:
09:87:93:48:89:8e:d4:0f:54:b8:6e:46:35:05:43:fb:c0:15:
d4:6d:d4:b9:c3:89:10:20:3b:89:eb:dd:27:85:6c:6c:b3:45:
73:e6:1b:6a:95:3a:ba:94:b8:33:de:08:94:f0:33:f6:0e:a2:
b5:bc:80:28:b8:37:7b:7b:7d:26:36:4d:1e:4f:45:07:c5:be:
66:0e:17:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAVQ4di7eeTlHPjCtuP/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzMzMTI4OGQ5MDhkZDc2MmU0YjU2ZjAwM2I0NDhmMDE4
ODFkMjQwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmVmMDE4MmE3ZDZkMWNjNTZiMGQ4MTljNTdmNGI2MGFkOWZjOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd90w8c1hci0vTHPZ/X9ikdSYKd3
/IvDkTL90STWpdpphKDznnuDV6pWkNfu4k1Djz4+4QT+k66CKe29dhBAIhHkvAg4
sXvhhftRQS/edLyvZIZiU2ixUKc6UEJnl1Wp6Uw25482cKMfDQQBWhVIZicMjE+j
j4L609mKZW6t3IVsx9ZewdpzR9wAAYm/aXWixsqr5ERp6XuWijy9+eV4pIAS30Tm
lBKobmeANPCz1SctLoG7xMwtCFVWKZ7OAgbeEEM8kF9Wuqi15Hq3ZzLkiLdnpNGy
Vn/IoJvis3KIcWBaNnXm3y2AQjoP+8H8mELKkfOXcf7oMCQA1nUBWn4LVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFILvAYKn1tHMVrDYGcV/S2Ctn8nQMB8GA1UdIwQY
MBaAFPVzMSiNkI3XYuS1bwA7RI8BiB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgt
OGFlYTFmNjhiNzliLzEvZ3U4QmdxZlcwY3hXc05nWnhYOUxZSzJmeWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgtOGFlYTFmNjhiNzli
LzEvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/EMA0E
AgACMAcDBQMqCiVAMA0GCSqGSIb3DQEBCwUAA4IBAQDJqyMLCFjYzb4R6dD1kmQ8
QoM2Zzt/yqu9POQywZYxVTVMJczIS2rPW7aLApF22cL3FaomUZIsJKjDATfKy736
t/V6L4KL1d/zqTmPARVzWo33s81QyB6TLYU7S6rjapHqfajvPtkqCmN5vFvEMZV4
6q+OStANuViS2MfIaebqLTSYPwWWY+R7TTfhAclE33UnlkAb000jJWiJER4UG+fq
K58inw1nRulXnSVh4dm+PL8TJXgJh5NIiY7UD1S4bkY1BUP7wBXUbdS5w4kQIDuJ
690nhWxss0Vz5htqlTq6lLgz3giU8DP2DqK1vIAouDd7e30mNk0eT0UHxb5mDhfN
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:28 2024 by rpki-client on console-fra.rpki-client.org