Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/gLVvIJg6kw4e5CMIb7-el9T0qH8.roa
File: gLVvIJg6kw4e5CMIb7-el9T0qH8.roa (raw, json)
Hash identifier: kitqaT30rNln3GNA2Zylh1NPuk++0WR7iRTgH19l4XM=
Subject key identifier: 80:B5:6F:20:98:3A:93:0E:1E:E4:23:08:6F:BF:9E:97:D4:F4:A8:7F
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01914C5C40DD51D5C448C93958BFF20BC0CD
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/gLVvIJg6kw4e5CMIb7-el9T0qH8.roa
Signing time: Tue 13 Aug 2024 15:29:59 +0000
ROA not before: Tue 13 Aug 2024 15:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206065
IP address blocks: 213.176.20.0/22 maxlen: 24
213.176.24.0/22 maxlen: 24
213.176.68.0/22 maxlen: 24
213.176.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:5c:40:dd:51:d5:c4:48:c9:39:58:bf:f2:0b:c0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 13 15:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80b56f20983a930e1ee423086fbf9e97d4f4a87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:84:f0:69:e7:e7:ed:d0:4f:5f:13:5b:f2:
7f:71:b7:a9:6b:74:fb:34:3f:f2:6e:f3:de:55:b1:
40:e4:30:31:ff:cb:72:59:db:dd:2a:ab:65:95:a3:
e2:56:a4:66:da:2c:bf:5c:18:43:da:fd:30:2c:8f:
81:15:42:a7:a5:77:c7:7f:0c:2c:2b:e7:4f:db:5a:
2b:44:61:11:97:1d:b4:65:c7:1f:9e:f5:33:eb:59:
ea:e6:76:1d:37:ea:2b:33:13:14:97:b0:d8:2f:7a:
7e:ea:4f:f8:08:46:e8:e2:2a:7e:61:d9:67:6f:01:
30:41:2a:e7:f2:ad:f4:0a:0c:c3:88:9c:99:70:80:
a0:aa:dc:f1:2b:85:41:a3:58:5c:73:d5:9c:a1:b6:
00:4d:f0:0b:49:ec:c7:0d:8e:c7:3d:2c:1e:d2:08:
d1:aa:ea:53:15:ae:55:d7:a1:fd:0f:4a:bc:5f:87:
76:55:25:1a:ef:b2:03:05:58:ef:21:07:28:f3:94:
84:6d:6f:af:56:26:2e:5e:e7:a5:d7:c5:53:0b:90:
37:5c:d5:71:3c:9a:4a:92:b3:9c:da:22:d9:d3:c3:
c7:23:c6:a5:b7:9a:d7:63:ec:dc:f4:24:e4:a2:f0:
c1:8a:58:e8:01:87:17:ce:78:bd:cf:2c:95:ce:f1:
ed:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B5:6F:20:98:3A:93:0E:1E:E4:23:08:6F:BF:9E:97:D4:F4:A8:7F
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/gLVvIJg6kw4e5CMIb7-el9T0qH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.20.0-213.176.27.255
213.176.68.0/22
213.176.88.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:5d:fd:66:22:78:89:4d:d4:fa:35:59:0e:31:c2:66:51:02:
6a:c2:9c:23:8f:fc:e9:1d:df:5e:f4:c4:e1:fa:9a:42:2c:c9:
7b:d4:c7:f2:8c:84:11:2d:b2:e5:66:61:d0:2d:73:c4:07:19:
dd:41:88:c0:ae:8c:26:18:6f:8a:6a:ba:37:ff:f8:09:c0:bc:
4f:ae:cc:0a:00:55:bf:2a:07:ba:a3:1b:98:c8:ee:e0:1b:39:
5a:37:d1:45:7b:71:fc:25:47:d5:f5:a0:43:a5:fb:3a:10:60:
e2:5d:d0:56:22:47:8f:a2:9a:d7:af:7a:78:c2:b9:a9:f6:ec:
02:50:36:32:a2:b6:69:32:aa:48:93:12:db:73:84:24:dd:96:
f0:8d:e8:c5:39:1f:e1:68:1a:7a:01:d9:e4:d2:fd:44:b4:3a:
b6:f1:2b:c1:d2:87:00:49:e4:23:6d:43:22:e4:33:0f:aa:fb:
86:56:bb:cc:fa:d1:dd:dc:81:f3:58:df:b0:77:76:3a:2c:25:
fc:dd:11:05:b6:1e:a4:2b:3a:07:16:24:4b:4d:51:9f:f7:74:
be:1f:ca:be:22:98:da:ec:37:d7:92:ae:ab:05:ef:72:f8:82:
3f:5a:5e:e1:f8:5a:0d:a2:73:c4:f2:00:95:bb:3b:c9:42:7f:
2d:09:65:a3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZFMXEDdUdXESMk5WL/yC8DNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwODEzMTUyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGI1NmYyMDk4M2E5MzBlMWVlNDIzMDg2ZmJmOWU5N2Q0ZjRhODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGE8Gnn5+3QT18TW/J/cbepa3T7
ND/ybvPeVbFA5DAx/8tyWdvdKqtllaPiVqRm2iy/XBhD2v0wLI+BFUKnpXfHfwws
K+dP21orRGERlx20ZccfnvUz61nq5nYdN+orMxMUl7DYL3p+6k/4CEbo4ip+Ydln
bwEwQSrn8q30CgzDiJyZcICgqtzxK4VBo1hcc9WcobYATfALSezHDY7HPSwe0gjR
qupTFa5V16H9D0q8X4d2VSUa77IDBVjvIQco85SEbW+vViYuXuel18VTC5A3XNVx
PJpKkrOc2iLZ08PHI8alt5rXY+zc9CTkovDBiljoAYcXzni9zyyVzvHt+QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIC1byCYOpMOHuQjCG+/npfU9Kh/MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvZ0xWdklKZzZrdzRlNUNNSWI3LWVsOVQwcUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBALVsBQD
BALVsBgDBALVsEQDBALVsFgwDQYJKoZIhvcNAQELBQADggEBABxd/WYieIlN1Po1
WQ4xwmZRAmrCnCOP/Okd3170xOH6mkIsyXvUx/KMhBEtsuVmYdAtc8QHGd1BiMCu
jCYYb4pqujf/+AnAvE+uzAoAVb8qB7qjG5jI7uAbOVo30UV7cfwlR9X1oEOl+zoQ
YOJd0FYiR4+imtevenjCuan27AJQNjKitmkyqkiTEttzhCTdlvCN6MU5H+FoGnoB
2eTS/US0OrbxK8HShwBJ5CNtQyLkMw+q+4ZWu8z60d3cgfNY37B3djosJfzdEQW2
HqQrOgcWJEtNUZ/3dL4fyr4imNrsN9eSrqsF73L4gj9aXuH4Wg2ic8TyAJW7O8lC
fy0JZaM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:53:30 2024 by rpki-client on console-ams.rpki-client.org