Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/C2gBvSwO0AhgdAajAF5TGKrxeEc.roa
File: C2gBvSwO0AhgdAajAF5TGKrxeEc.roa (raw, json)
Hash identifier: qBYNOlNZkt3/8Hh37NyPy++ymm0leEZL3DWk8n4AQ8I=
Subject key identifier: 0B:68:01:BD:2C:0E:D0:08:60:74:06:A3:00:5E:53:18:AA:F1:78:47
Certificate issuer: /CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Certificate serial: 018CC2DB0767C38D031FC09B2F5E49B88384
Authority key identifier: 11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/C2gBvSwO0AhgdAajAF5TGKrxeEc.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42168
IP address blocks: 194.230.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:07:67:c3:8d:03:1f:c0:9b:2f:5e:49:b8:83:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b6801bd2c0ed008607406a3005e5318aaf17847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:62:1b:01:4a:2d:d1:04:86:d9:ba:77:be:
0c:35:da:a5:e5:c0:9a:01:a9:17:15:e0:e1:5d:bd:
13:62:03:2a:f5:ea:27:64:9d:f2:25:a7:91:1d:87:
64:6a:de:78:89:7c:40:fc:4f:9a:9b:5c:21:4c:ba:
09:1a:ce:a3:8e:b6:0d:c6:54:51:3f:56:d5:c6:6c:
7a:3e:55:c7:aa:b1:30:aa:bd:92:17:4c:ba:d7:35:
a9:0f:d3:7c:f0:d5:24:a7:84:08:d0:97:2f:7c:e6:
9b:d4:25:9c:44:8a:ed:69:c0:51:24:00:99:96:c8:
ff:15:a0:06:95:e2:e9:d3:a5:23:8a:28:60:cf:ef:
3f:85:22:67:df:9b:10:e9:a8:50:6d:ec:50:26:0e:
0c:b9:eb:06:85:50:9b:86:76:37:eb:ed:60:ad:24:
f7:08:68:e1:bb:f7:7d:6d:2d:2a:d0:ed:cc:e4:83:
cc:9c:81:7b:ab:f3:b1:0e:bd:51:a5:80:ed:71:ce:
40:53:f0:71:42:70:8f:a8:29:59:43:f9:a8:56:36:
87:bc:6a:05:ff:1f:30:32:58:d2:a8:5f:f7:5b:31:
fb:99:91:91:39:ba:1b:72:b8:41:1c:ee:df:0a:5e:
5f:c2:3b:3c:5b:ab:15:ad:c3:ff:cb:4b:52:75:8a:
1c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:68:01:BD:2C:0E:D0:08:60:74:06:A3:00:5E:53:18:AA:F1:78:47
X509v3 Authority Key Identifier:
keyid:11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/C2gBvSwO0AhgdAajAF5TGKrxeEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.230.110.0/24
Signature Algorithm: sha256WithRSAEncryption
83:30:87:d0:a2:73:10:9a:9a:75:19:62:37:1e:49:8a:ad:22:
83:ec:3b:31:07:39:2a:ee:e8:62:33:e3:76:1d:fe:7f:fb:6d:
a5:56:02:a9:31:eb:d3:3f:44:e3:4a:8d:a3:36:90:86:32:a9:
7f:b4:b4:b5:63:a7:c0:b6:bc:e6:3b:d6:13:2f:75:05:b6:dc:
64:62:e4:9d:4c:27:0a:5d:53:22:d6:f4:5a:ad:98:00:cd:62:
d3:d9:16:ca:6f:42:4a:1f:98:6a:65:3f:9f:ab:f0:79:41:68:
0f:e2:58:40:05:2f:bb:d6:98:45:fd:bb:46:c5:8c:7b:14:51:
29:ab:9e:f8:ab:f5:85:0f:df:6f:33:cf:53:9a:72:24:a2:63:
72:40:33:23:80:a7:77:a0:9a:6c:b9:41:48:c4:5d:22:6d:df:
cf:0a:2e:f8:75:81:bb:62:89:65:0a:87:f3:d2:d8:a9:72:00:
fc:d7:34:5c:0d:b2:4b:b0:63:f7:a8:b1:6f:e8:4e:a0:a1:91:
a9:09:f9:05:48:14:0b:65:ee:48:0f:7b:78:33:4e:50:c3:5e:
4b:d2:62:c9:d2:4d:d6:07:25:73:cf:01:07:75:e2:22:0a:6d:
80:1c:51:df:58:5c:d9:f1:40:e3:5e:87:a7:4f:64:8f:fe:8a:
68:cc:f7:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wdnw40DH8CbL15JuIOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWRiYzAwNDMzZTI5ZjJhZGViMDM4ZmVhMmZiZDcwNDhm
YjYzMmYwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY4MDFiZDJjMGVkMDA4NjA3NDA2YTMwMDVlNTMxOGFhZjE3ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOhiGwFKLdEEhtm6d74MNdql5cCa
AakXFeDhXb0TYgMq9eonZJ3yJaeRHYdkat54iXxA/E+am1whTLoJGs6jjrYNxlRR
P1bVxmx6PlXHqrEwqr2SF0y61zWpD9N88NUkp4QI0JcvfOab1CWcRIrtacBRJACZ
lsj/FaAGleLp06Ujiihgz+8/hSJn35sQ6ahQbexQJg4MuesGhVCbhnY36+1grST3
CGjhu/d9bS0q0O3M5IPMnIF7q/OxDr1RpYDtcc5AU/BxQnCPqClZQ/moVjaHvGoF
/x8wMljSqF/3WzH7mZGRObobcrhBHO7fCl5fwjs8W6sVrcP/y0tSdYocKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtoAb0sDtAIYHQGowBeUxiq8XhHMB8GA1UdIwQY
MBaAFBFdvABDPinyresDj+ovvXBI+2MvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTkt
MjI5YjRhZTc0MmRlLzEvQzJnQnZTd08wQWhnZEFhakFGNVRHS3J4ZUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTktMjI5YjRhZTc0MmRl
LzEvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwuZuMA0G
CSqGSIb3DQEBCwUAA4IBAQCDMIfQonMQmpp1GWI3HkmKrSKD7DsxBzkq7uhiM+N2
Hf5/+22lVgKpMevTP0TjSo2jNpCGMql/tLS1Y6fAtrzmO9YTL3UFttxkYuSdTCcK
XVMi1vRarZgAzWLT2RbKb0JKH5hqZT+fq/B5QWgP4lhABS+71phF/btGxYx7FFEp
q574q/WFD99vM89TmnIkomNyQDMjgKd3oJpsuUFIxF0ibd/PCi74dYG7YollCofz
0tipcgD81zRcDbJLsGP3qLFv6E6goZGpCfkFSBQLZe5ID3t4M05Qw15L0mLJ0k3W
ByVzzwEHdeIiCm2AHFHfWFzZ8UDjXoenT2SP/opozPfk
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:10:26 2024 by rpki-client on console-ams.rpki-client.org