Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/Gin6T3dsFfBFNzpAFSA7PquXNH4.roa
File: Gin6T3dsFfBFNzpAFSA7PquXNH4.roa (raw, json)
Hash identifier: 8RYd4lZteZcaaaTEX0wfHgw6tY3pLC089+EOILGATIo=
Subject key identifier: 1A:29:FA:4F:77:6C:15:F0:45:37:3A:40:15:20:3B:3E:AB:97:34:7E
Certificate issuer: /CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Certificate serial: 018CC72572A3E95A7B04F3AC9330D1896433
Authority key identifier: 42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/Gin6T3dsFfBFNzpAFSA7PquXNH4.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203968
IP address blocks: 109.109.192.0/21 maxlen: 24
185.114.212.0/22 maxlen: 24
2a06:71c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:72:a3:e9:5a:7b:04:f3:ac:93:30:d1:89:64:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a29fa4f776c15f045373a4015203b3eab97347e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:fd:bc:87:49:44:58:70:01:53:ae:71:e2:
fb:5a:1c:7c:19:86:75:37:fb:bd:03:97:5c:c3:c0:
5e:4d:5c:5b:25:27:10:61:05:31:0b:bd:a4:ab:fe:
63:28:bb:28:bc:74:3c:71:24:0e:f6:a9:92:a0:fd:
07:48:78:7a:28:38:0c:71:e0:dd:92:dc:20:9a:96:
bc:5f:c3:29:0a:ef:12:f6:ad:b8:6c:15:50:75:09:
34:8a:ac:8d:64:f2:37:36:fd:fa:13:62:9e:31:40:
62:9b:a4:b3:73:0f:57:d0:7a:04:33:ab:49:7f:ec:
6f:a2:d2:27:2e:a2:b7:8b:3f:bf:70:9c:e5:ea:22:
df:ea:db:c6:ff:bc:74:68:09:86:2b:5e:7c:22:fc:
7f:de:7f:fb:58:a2:14:da:78:ff:25:17:e4:f9:d9:
34:10:c6:ee:a0:59:e2:70:fa:f5:c4:bd:c6:59:46:
63:6f:43:3b:7b:a6:8e:a7:eb:e5:f9:8c:a3:4a:6f:
70:c9:e8:84:25:19:05:26:d7:28:96:90:13:27:da:
c0:b1:05:ca:6e:a2:cb:a0:ea:38:bb:5d:51:c6:d0:
75:c0:dd:bb:1d:77:a3:10:2f:93:e9:f9:ba:90:c8:
58:7e:b2:29:59:ec:91:44:3a:70:c6:8b:53:83:78:
d8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:29:FA:4F:77:6C:15:F0:45:37:3A:40:15:20:3B:3E:AB:97:34:7E
X509v3 Authority Key Identifier:
keyid:42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/Gin6T3dsFfBFNzpAFSA7PquXNH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.109.192.0/21
185.114.212.0/22
IPv6:
2a06:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:4a:98:ed:10:ba:4d:f3:15:05:36:a6:4f:5d:1f:8e:ed:0c:
0e:63:e8:75:c8:de:13:fe:48:80:96:32:52:f8:50:4a:58:e9:
42:8b:81:a4:6f:5a:1b:ca:ad:7e:f2:78:a7:b9:d8:55:f8:25:
32:61:ad:e0:49:62:ad:67:b2:fe:11:24:80:42:25:12:1a:b6:
71:8f:90:8e:14:9d:50:59:66:f8:e1:87:8e:e5:56:4d:1c:d6:
6f:e5:0d:60:c2:bb:c0:cf:5f:c9:9c:28:6b:54:98:d4:46:21:
1c:33:2d:c3:80:28:47:a5:74:92:ba:8f:97:a5:7e:67:45:e3:
b2:bb:78:bf:39:1c:71:a4:c9:95:a2:74:d7:63:e5:ed:a4:5e:
00:36:56:0a:07:01:d0:77:94:4b:d3:40:0a:77:3b:9b:e9:25:
46:79:df:f9:7a:85:95:9c:42:eb:4c:4a:cf:3b:ef:ef:63:6a:
97:32:e1:6e:35:c6:45:ef:70:c9:a4:95:ae:ec:8d:2c:e3:54:
54:2c:1b:34:ad:e1:12:c0:0f:87:c2:f8:05:73:c3:dc:52:12:
98:fd:de:0f:a9:11:0e:63:24:a8:e5:29:a0:22:e5:63:90:84:
53:f9:76:7f:c5:0f:36:06:fc:80:23:fa:77:ed:90:a9:ac:33:
7e:82:fa:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJXKj6Vp7BPOskzDRiWQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTEyNTYxZmM0ZWU1NGI3OTljNWFmNDI4ZmZmYmNiYWZk
NDU0ZWYwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI5ZmE0Zjc3NmMxNWYwNDUzNzNhNDAxNTIwM2IzZWFiOTczNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdb9vIdJRFhwAVOuceL7Whx8GYZ1
N/u9A5dcw8BeTVxbJScQYQUxC72kq/5jKLsovHQ8cSQO9qmSoP0HSHh6KDgMceDd
ktwgmpa8X8MpCu8S9q24bBVQdQk0iqyNZPI3Nv36E2KeMUBim6Szcw9X0HoEM6tJ
f+xvotInLqK3iz+/cJzl6iLf6tvG/7x0aAmGK158Ivx/3n/7WKIU2nj/JRfk+dk0
EMbuoFnicPr1xL3GWUZjb0M7e6aOp+vl+YyjSm9wyeiEJRkFJtcolpATJ9rAsQXK
bqLLoOo4u11RxtB1wN27HXejEC+T6fm6kMhYfrIpWeyRRDpwxotTg3jYVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBop+k93bBXwRTc6QBUgOz6rlzR+MB8GA1UdIwQY
MBaAFEJRJWH8TuVLeZxa9Cj/+8uv1FTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUt
N2E3MmUyNmM4OTE4LzEvR2luNlQzZHNGZkJGTnpwQUZTQTdQcXVYTkg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUtN2E3MmUyNmM4OTE4
LzEvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbW3AAwQC
uXLUMA0EAgACMAcDBQMqBnHAMA0GCSqGSIb3DQEBCwUAA4IBAQBZSpjtELpN8xUF
NqZPXR+O7QwOY+h1yN4T/kiAljJS+FBKWOlCi4Gkb1obyq1+8ninudhV+CUyYa3g
SWKtZ7L+ESSAQiUSGrZxj5COFJ1QWWb44YeO5VZNHNZv5Q1gwrvAz1/JnChrVJjU
RiEcMy3DgChHpXSSuo+XpX5nReOyu3i/ORxxpMmVonTXY+XtpF4ANlYKBwHQd5RL
00AKdzub6SVGed/5eoWVnELrTErPO+/vY2qXMuFuNcZF73DJpJWu7I0s41RULBs0
reESwA+HwvgFc8PcUhKY/d4PqREOYySo5SmgIuVjkIRT+XZ/xQ82BvyAI/p37ZCp
rDN+gvoW
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:10:17 2024 by rpki-client on console-ams.rpki-client.org