Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/GoTo-d6dizc-s-SVPNOuXq-51mw.roa
File: GoTo-d6dizc-s-SVPNOuXq-51mw.roa (raw, json)
Hash identifier: A772JdyLAAvpXfe2YIHzF73jvjYfexJGttpqmbVkVXk=
Subject key identifier: 1A:84:E8:F9:DE:9D:8B:37:3E:B3:E4:95:3C:D3:AE:5E:AF:B9:D6:6C
Certificate issuer: /CN=ba404396ec776ebc663b37904f53bf6f2db697de
Certificate serial: 018CC726DBA328125A0B549FF02DD03B1E05
Authority key identifier: BA:40:43:96:EC:77:6E:BC:66:3B:37:90:4F:53:BF:6F:2D:B6:97:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukBDlux3brxmOzeQT1O_by22l94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/GoTo-d6dizc-s-SVPNOuXq-51mw.roa
Signing time: Mon 01 Jan 2024 22:31:01 +0000
ROA not before: Mon 01 Jan 2024 22:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199081
IP address blocks: 185.232.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/ukBDlux3brxmOzeQT1O_by22l94.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/ukBDlux3brxmOzeQT1O_by22l94.mft
rsync://rpki.ripe.net/repository/DEFAULT/ukBDlux3brxmOzeQT1O_by22l94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:db:a3:28:12:5a:0b:54:9f:f0:2d:d0:3b:1e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba404396ec776ebc663b37904f53bf6f2db697de
Validity
Not Before: Jan 1 22:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a84e8f9de9d8b373eb3e4953cd3ae5eafb9d66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ad:f3:5f:12:79:97:77:3e:65:39:d2:fe:d5:
37:15:51:23:f1:06:04:e1:a5:42:bc:83:60:26:2c:
41:f1:32:f3:15:07:b7:24:ad:b6:e4:0e:c5:b1:f2:
d2:cf:e0:14:e3:3c:48:5f:bd:c4:f0:71:e4:91:2a:
65:0a:a9:7d:2c:09:b9:f3:0e:4a:46:b5:2f:7a:d8:
bd:1f:b5:ff:31:d3:20:c3:be:07:7b:0a:13:1b:83:
67:91:43:99:e6:53:0b:a2:29:77:bd:c1:76:31:b5:
b0:e2:27:96:ad:4b:3e:3e:4c:4e:7c:95:1a:46:19:
f4:e3:d4:41:64:7b:d7:3b:fd:ec:4a:25:65:e2:28:
8e:29:cb:8c:82:d8:77:62:f9:54:11:6f:30:59:78:
e9:63:69:b8:f4:1b:88:87:fc:64:8e:36:6d:3e:ad:
39:60:0a:66:6e:f1:7d:7b:d1:aa:56:30:d7:7c:cd:
16:21:3a:c9:ff:c3:44:9d:98:d5:d5:5b:02:ba:f2:
6f:08:ae:05:bf:15:3e:ac:22:08:9c:cb:b8:38:e1:
a3:f4:8d:79:80:ca:b2:72:67:6f:c5:3d:88:2b:48:
b5:2f:9e:4c:e4:52:80:97:7c:ee:c4:9d:c5:01:69:
1f:63:7d:56:33:61:ba:32:b2:f6:27:c5:1b:23:41:
a3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:84:E8:F9:DE:9D:8B:37:3E:B3:E4:95:3C:D3:AE:5E:AF:B9:D6:6C
X509v3 Authority Key Identifier:
keyid:BA:40:43:96:EC:77:6E:BC:66:3B:37:90:4F:53:BF:6F:2D:B6:97:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukBDlux3brxmOzeQT1O_by22l94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/GoTo-d6dizc-s-SVPNOuXq-51mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/f45f60-f4ee-42ad-b6ab-735a399f0102/1/ukBDlux3brxmOzeQT1O_by22l94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.240.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:67:66:7c:fe:f8:e6:b5:29:2a:43:8c:6a:11:40:0c:60:94:
3b:73:0c:c0:fd:e8:3c:87:b7:93:59:08:59:ca:e0:b0:4b:4c:
22:7e:85:16:7e:ee:29:ce:42:37:84:17:83:9c:bd:35:c3:c3:
9f:f5:9e:b8:1c:95:f2:a3:6a:d6:16:ab:4e:c8:52:02:7b:54:
04:e2:4f:af:c0:b7:1c:34:1c:08:a1:ec:98:71:34:50:fb:a4:
e3:f0:59:24:68:b8:3a:97:c3:9f:88:17:34:0e:57:e9:15:d8:
06:fc:9b:47:27:d0:14:dc:2c:ec:27:1f:db:10:ea:69:36:ef:
4d:9b:ad:31:77:0d:f6:6c:1a:dc:e3:bd:62:03:97:2d:91:0b:
bf:7d:3f:0e:1c:87:83:9e:d1:5e:0c:06:fa:b9:6f:6a:65:c4:
64:46:18:29:99:fa:29:29:a3:70:74:7f:a9:f6:aa:2c:b4:af:
d8:6f:72:97:ab:c9:b9:2b:0f:15:24:7a:90:56:98:09:80:61:
0f:07:7e:d1:5e:e5:8c:0d:f1:34:ef:c2:de:0f:9b:68:f0:4e:
3e:9f:b1:b6:53:0f:56:9c:95:5e:79:14:ae:5f:82:22:51:a9:
0e:1c:6c:99:b4:46:aa:8f:02:e2:77:9a:04:9c:bd:67:67:bb:
12:0e:0a:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJtujKBJaC1Sf8C3QOx4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNDA0Mzk2ZWM3NzZlYmM2NjNiMzc5MDRmNTNiZjZmMmRi
Njk3ZGUwHhcNMjQwMTAxMjIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTg0ZThmOWRlOWQ4YjM3M2ViM2U0OTUzY2QzYWU1ZWFmYjlkNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz63zXxJ5l3c+ZTnS/tU3FVEj8QYE
4aVCvINgJixB8TLzFQe3JK225A7FsfLSz+AU4zxIX73E8HHkkSplCql9LAm58w5K
RrUveti9H7X/MdMgw74HewoTG4NnkUOZ5lMLoil3vcF2MbWw4ieWrUs+PkxOfJUa
Rhn049RBZHvXO/3sSiVl4iiOKcuMgth3YvlUEW8wWXjpY2m49BuIh/xkjjZtPq05
YApmbvF9e9GqVjDXfM0WITrJ/8NEnZjV1VsCuvJvCK4FvxU+rCIInMu4OOGj9I15
gMqycmdvxT2IK0i1L55M5FKAl3zuxJ3FAWkfY31WM2G6MrL2J8UbI0GjRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqE6PnenYs3PrPklTzTrl6vudZsMB8GA1UdIwQY
MBaAFLpAQ5bsd268Zjs3kE9Tv28ttpfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWtCRGx1eDNicnhtT3plUVQxT19ieTIybDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9mNDVmNjAtZjRlZS00MmFkLWI2YWIt
NzM1YTM5OWYwMTAyLzEvR29Uby1kNmRpemMtcy1TVlBOT3VYcS01MW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9mNDVmNjAtZjRlZS00MmFkLWI2YWItNzM1YTM5OWYwMTAy
LzEvdWtCRGx1eDNicnhtT3plUVQxT19ieTIybDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuejwMA0G
CSqGSIb3DQEBCwUAA4IBAQBdZ2Z8/vjmtSkqQ4xqEUAMYJQ7cwzA/eg8h7eTWQhZ
yuCwS0wifoUWfu4pzkI3hBeDnL01w8Of9Z64HJXyo2rWFqtOyFICe1QE4k+vwLcc
NBwIoeyYcTRQ+6Tj8FkkaLg6l8OfiBc0DlfpFdgG/JtHJ9AU3CzsJx/bEOppNu9N
m60xdw32bBrc471iA5ctkQu/fT8OHIeDntFeDAb6uW9qZcRkRhgpmfopKaNwdH+p
9qostK/Yb3KXq8m5Kw8VJHqQVpgJgGEPB37RXuWMDfE078LeD5to8E4+n7G2Uw9W
nJVeeRSuX4IiUakOHGyZtEaqjwLid5oEnL1nZ7sSDgpc
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:46 2024 by rpki-client on console-fra.rpki-client.org