Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/G3g_VknYR8hFrcEKzJDq0iQ_dOo.roa
File: G3g_VknYR8hFrcEKzJDq0iQ_dOo.roa (raw, json)
Hash identifier: DVG7z9VLNzu7uAI8GaegKxyhZMjWpBA3DDdbk12IXMI=
Subject key identifier: 1B:78:3F:56:49:D8:47:C8:45:AD:C1:0A:CC:90:EA:D2:24:3F:74:EA
Certificate issuer: /CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Certificate serial: 018DABB9DC51AB44D78101D89532B6438A7F
Authority key identifier: F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/G3g_VknYR8hFrcEKzJDq0iQ_dOo.roa
Signing time: Thu 15 Feb 2024 07:45:00 +0000
ROA not before: Thu 15 Feb 2024 07:45:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207355
IP address blocks: 66.97.192.0/19 maxlen: 19
91.196.172.0/22 maxlen: 22
193.187.160.0/22 maxlen: 22
193.239.168.0/23 maxlen: 23
2a06:f240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/8Fxq89AiYg9yxTt3DoLlxzrlUG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/8Fxq89AiYg9yxTt3DoLlxzrlUG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ab:b9:dc:51:ab:44:d7:81:01:d8:95:32:b6:43:8a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f05c6af3d022620f72c53b770e82e5c73ae5506d
Validity
Not Before: Feb 15 07:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b783f5649d847c845adc10acc90ead2243f74ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:27:84:6a:24:44:ce:b3:b0:29:ca:2f:3f:
6a:d2:e8:55:c3:99:62:44:3b:96:d0:d3:25:dc:ab:
33:e2:4e:eb:ff:1c:74:5b:1a:7b:7c:d4:bc:1c:5a:
1f:9d:2c:3a:0c:a4:de:e6:0a:59:04:93:04:dd:5f:
66:88:de:74:d7:e3:b9:f8:4f:b7:86:eb:dc:25:05:
ca:42:39:6e:ee:f9:cd:de:1c:04:5f:4c:66:24:75:
69:a6:57:89:f0:77:2b:8f:67:0a:1d:38:0b:61:2c:
a4:9c:a5:1b:1f:99:19:f9:b9:47:04:56:94:95:0f:
ed:08:19:0d:67:d2:4c:af:47:17:2c:e8:78:56:82:
92:94:30:d8:d7:46:60:77:75:62:dd:a8:66:0d:ac:
e9:16:85:2d:5e:d2:e6:bd:68:8a:85:f4:70:a9:9b:
97:99:49:04:8e:44:90:1f:40:94:1f:c6:45:55:f6:
0c:d9:13:83:1e:8c:5e:43:a5:46:fa:29:ba:30:73:
bd:56:be:72:b5:3f:73:3d:14:9b:52:05:c2:e0:99:
66:54:dd:06:39:eb:ed:ef:d7:5d:34:cc:49:ae:4d:
ef:39:68:89:05:98:10:87:f3:53:4a:00:68:07:5c:
43:93:69:75:7b:ef:6b:9d:95:4a:2b:f8:04:c3:a2:
6b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:78:3F:56:49:D8:47:C8:45:AD:C1:0A:CC:90:EA:D2:24:3F:74:EA
X509v3 Authority Key Identifier:
keyid:F0:5C:6A:F3:D0:22:62:0F:72:C5:3B:77:0E:82:E5:C7:3A:E5:50:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Fxq89AiYg9yxTt3DoLlxzrlUG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/G3g_VknYR8hFrcEKzJDq0iQ_dOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/f7b7c2-5d8d-4e88-8454-0a532156b2a6/1/8Fxq89AiYg9yxTt3DoLlxzrlUG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.97.192.0/19
91.196.172.0/22
193.187.160.0/22
193.239.168.0/23
IPv6:
2a06:f240::/29
Signature Algorithm: sha256WithRSAEncryption
2d:86:b3:92:46:4f:53:0d:9d:96:b7:ab:8f:c3:6e:2e:cd:07:
24:7a:3e:e3:12:45:69:4f:3f:3b:3e:71:e9:60:a6:bd:09:5a:
47:24:51:84:7c:62:54:ae:e1:76:72:cf:8d:c0:11:db:ae:3a:
b2:1d:de:fb:4c:b2:52:f8:c8:c0:f3:91:7f:bb:49:9a:bc:a7:
6c:22:f6:b6:40:2f:f3:4a:4a:14:4e:72:c9:4e:e0:81:7e:bb:
45:c2:f6:13:08:88:6d:59:3c:10:8f:77:72:54:b2:ad:9d:5a:
61:c8:8d:29:5d:af:c0:e8:1b:c2:b8:d5:a5:09:78:a3:ce:fa:
6e:5a:a5:b5:40:81:1c:1d:a8:81:8c:0f:e7:71:2e:39:ea:55:
1a:3a:d2:ef:6f:c1:e0:44:30:36:28:e2:6c:9d:db:91:44:3d:
5e:6e:80:77:c7:76:19:c2:67:fd:34:fd:89:d4:e8:b8:00:fc:
90:62:af:c1:f2:f5:a6:4d:64:cf:4f:3d:60:45:8f:fa:ce:87:
42:22:73:73:77:fc:48:09:17:a7:d9:6c:2e:4e:7f:9f:e6:d0:
f9:f6:bd:ec:db:da:0d:21:64:be:1e:d8:38:40:cb:2c:18:93:
14:d8:0d:3e:9b:57:68:37:cf:e0:e7:b7:d9:f1:99:bc:b8:b7:
a1:41:9e:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY2rudxRq0TXgQHYlTK2Q4p/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNWM2YWYzZDAyMjYyMGY3MmM1M2I3NzBlODJlNWM3M2Fl
NTUwNmQwHhcNMjQwMjE1MDc0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc4M2Y1NjQ5ZDg0N2M4NDVhZGMxMGFjYzkwZWFkMjI0M2Y3NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4EnhGokRM6zsCnKLz9q0uhVw5li
RDuW0NMl3Ksz4k7r/xx0Wxp7fNS8HFofnSw6DKTe5gpZBJME3V9miN501+O5+E+3
huvcJQXKQjlu7vnN3hwEX0xmJHVppleJ8Hcrj2cKHTgLYSyknKUbH5kZ+blHBFaU
lQ/tCBkNZ9JMr0cXLOh4VoKSlDDY10Zgd3Vi3ahmDazpFoUtXtLmvWiKhfRwqZuX
mUkEjkSQH0CUH8ZFVfYM2RODHoxeQ6VG+im6MHO9Vr5ytT9zPRSbUgXC4JlmVN0G
Oevt79ddNMxJrk3vOWiJBZgQh/NTSgBoB1xDk2l1e+9rnZVKK/gEw6JrwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBt4P1ZJ2EfIRa3BCsyQ6tIkP3TqMB8GA1UdIwQY
MBaAFPBcavPQImIPcsU7dw6C5cc65VBtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZ4cTg5QWlZZzl5eFR0M0RvTGx4enJsVUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9mN2I3YzItNWQ4ZC00ZTg4LTg0NTQt
MGE1MzIxNTZiMmE2LzEvRzNnX1ZrbllSOGhGcmNFS3pKRHEwaVFfZE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9mN2I3YzItNWQ4ZC00ZTg4LTg0NTQtMGE1MzIxNTZiMmE2
LzEvOEZ4cTg5QWlZZzl5eFR0M0RvTGx4enJsVUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFQmHAAwQC
W8SsAwQCwbugAwQBwe+oMA0EAgACMAcDBQMqBvJAMA0GCSqGSIb3DQEBCwUAA4IB
AQAthrOSRk9TDZ2Wt6uPw24uzQckej7jEkVpTz87PnHpYKa9CVpHJFGEfGJUruF2
cs+NwBHbrjqyHd77TLJS+MjA85F/u0mavKdsIva2QC/zSkoUTnLJTuCBfrtFwvYT
CIhtWTwQj3dyVLKtnVphyI0pXa/A6BvCuNWlCXijzvpuWqW1QIEcHaiBjA/ncS45
6lUaOtLvb8HgRDA2KOJsnduRRD1eboB3x3YZwmf9NP2J1Oi4APyQYq/B8vWmTWTP
Tz1gRY/6zodCInNzd/xICRen2WwuTn+f5tD59r3s29oNIWS+Htg4QMssGJMU2A0+
m1doN8/g57fZ8Zm8uLehQZ4+
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:30:09 2024 by rpki-client on console-ams.rpki-client.org