Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/gBgJovMUDf48ufXPZsqoCWsRrEI.roa
File: gBgJovMUDf48ufXPZsqoCWsRrEI.roa (raw, json)
Hash identifier: JRu3akivkQVrGN+/guef9PIib0clNpHe+c1+d7NF7IM=
Subject key identifier: 80:18:09:A2:F3:14:0D:FE:3C:B9:F5:CF:66:CA:A8:09:6B:11:AC:42
Certificate issuer: /CN=e7b33e9e3c932f7a542eb021056ce94b1e8b8f0b
Certificate serial: 018D4546E9EA8192D0F1D01A17DCB1AB91EA
Authority key identifier: E7:B3:3E:9E:3C:93:2F:7A:54:2E:B0:21:05:6C:E9:4B:1E:8B:8F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/57M-njyTL3pULrAhBWzpSx6Ljws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/gBgJovMUDf48ufXPZsqoCWsRrEI.roa
Signing time: Fri 26 Jan 2024 10:18:11 +0000
ROA not before: Fri 26 Jan 2024 10:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210246
IP address blocks: 109.196.32.0/21 maxlen: 32
109.196.41.0/24 maxlen: 32
109.196.43.0/24 maxlen: 32
109.196.44.0/24 maxlen: 32
109.196.46.0/23 maxlen: 32
193.31.76.0/22 maxlen: 32
2a0d:6040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/57M-njyTL3pULrAhBWzpSx6Ljws.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/57M-njyTL3pULrAhBWzpSx6Ljws.mft
rsync://rpki.ripe.net/repository/DEFAULT/57M-njyTL3pULrAhBWzpSx6Ljws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:46:e9:ea:81:92:d0:f1:d0:1a:17:dc:b1:ab:91:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7b33e9e3c932f7a542eb021056ce94b1e8b8f0b
Validity
Not Before: Jan 26 10:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=801809a2f3140dfe3cb9f5cf66caa8096b11ac42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:33:ef:33:9a:c8:3d:30:82:94:0c:e9:41:9c:
9e:3c:23:ac:a4:bb:e0:04:be:89:89:41:62:0a:ad:
74:56:24:a6:06:4f:25:71:6c:17:a2:e9:40:de:14:
7c:bb:45:ea:fb:37:4f:f3:d3:4f:aa:af:32:9d:d1:
11:40:90:33:f5:e9:2d:bf:bc:cf:aa:b5:25:04:f4:
cc:28:42:52:27:b7:a0:3f:aa:26:b1:9d:ff:f8:9e:
67:0f:b9:63:fc:b2:1e:32:40:c0:34:5e:69:40:fc:
e4:1c:bb:23:29:68:2d:fb:f0:73:46:63:57:c6:3c:
f6:92:db:61:16:1d:aa:e9:a8:8b:f8:93:7e:8d:d2:
b5:cc:f3:49:c9:a2:1e:42:7b:21:52:b0:88:d0:33:
f9:cb:56:98:31:bf:da:b5:7f:80:ad:49:fa:c0:88:
36:fb:b2:d2:d5:e5:25:41:a8:1c:83:ff:e8:9b:19:
ce:f0:0b:20:02:43:ad:94:e4:1e:2f:47:2c:fb:5c:
23:6a:9b:ff:7e:d9:ea:8c:0e:ff:de:11:ea:f1:6f:
41:47:d2:22:88:eb:d2:25:63:aa:31:a7:1a:62:33:
18:67:15:06:0c:e6:d5:24:d9:a7:49:0b:b0:0a:c3:
c8:89:7e:e9:22:63:8f:fa:da:dc:ff:14:d9:bb:a4:
de:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:18:09:A2:F3:14:0D:FE:3C:B9:F5:CF:66:CA:A8:09:6B:11:AC:42
X509v3 Authority Key Identifier:
keyid:E7:B3:3E:9E:3C:93:2F:7A:54:2E:B0:21:05:6C:E9:4B:1E:8B:8F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/57M-njyTL3pULrAhBWzpSx6Ljws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/gBgJovMUDf48ufXPZsqoCWsRrEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/a5a175-8092-4c63-b038-2c4406b48941/1/57M-njyTL3pULrAhBWzpSx6Ljws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.32.0/21
109.196.41.0/24
109.196.43.0-109.196.44.255
109.196.46.0/23
193.31.76.0/22
IPv6:
2a0d:6040::/29
Signature Algorithm: sha256WithRSAEncryption
6d:73:a6:47:64:da:9b:7a:3a:4c:a5:f4:18:05:7e:29:f5:1a:
8a:92:7a:3d:3e:9a:5b:8d:cd:56:4a:af:55:58:83:85:a3:b0:
d5:48:76:4e:91:d6:5c:1c:d2:32:ff:d4:25:2a:0e:b6:ee:33:
0e:1f:29:32:a1:6f:8c:94:69:42:12:7a:eb:12:e1:d6:d9:1e:
b4:0f:8c:0e:2c:3b:a3:9e:e2:1d:b9:90:ac:ed:b3:01:72:ab:
6f:f1:ba:38:ad:2b:14:75:e9:a0:61:78:c6:6d:76:65:be:7b:
4a:89:16:06:bc:bb:d3:be:f7:b3:cc:74:cd:41:6f:99:de:29:
58:0a:77:56:ec:a1:a3:37:dd:03:32:86:7b:81:ff:3d:95:34:
c3:a2:02:ab:d2:4b:9d:64:22:c6:07:dd:69:76:e6:f6:61:7d:
5e:a7:1f:aa:16:75:73:a8:10:af:89:66:3a:7f:1f:65:cb:bd:
63:92:fa:8a:66:63:42:a6:5c:f8:82:13:17:b2:3a:24:f5:8b:
ea:39:c9:50:b7:d5:55:59:d3:f4:74:7b:bc:b4:8d:4c:db:f7:
de:ca:ef:25:ce:75:b4:96:2b:58:d2:bc:f0:6b:36:d0:58:db:
77:3e:7a:18:87:e4:c0:d9:88:4a:bb:ae:58:76:7f:71:5b:54:
82:40:f6:44
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY1FRunqgZLQ8dAaF9yxq5HqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3YjMzZTllM2M5MzJmN2E1NDJlYjAyMTA1NmNlOTRiMWU4
YjhmMGIwHhcNMjQwMTI2MTAxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE4MDlhMmYzMTQwZGZlM2NiOWY1Y2Y2NmNhYTgwOTZiMTFhYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDPvM5rIPTCClAzpQZyePCOspLvg
BL6JiUFiCq10ViSmBk8lcWwXoulA3hR8u0Xq+zdP89NPqq8yndERQJAz9ektv7zP
qrUlBPTMKEJSJ7egP6omsZ3/+J5nD7lj/LIeMkDANF5pQPzkHLsjKWgt+/BzRmNX
xjz2ktthFh2q6aiL+JN+jdK1zPNJyaIeQnshUrCI0DP5y1aYMb/atX+ArUn6wIg2
+7LS1eUlQagcg//omxnO8AsgAkOtlOQeL0cs+1wjapv/ftnqjA7/3hHq8W9BR9Ii
iOvSJWOqMacaYjMYZxUGDObVJNmnSQuwCsPIiX7pImOP+trc/xTZu6Te4wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIAYCaLzFA3+PLn1z2bKqAlrEaxCMB8GA1UdIwQY
MBaAFOezPp48ky96VC6wIQVs6Usei48LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTdNLW5qeVRMM3BVTHJBaEJXenBTeDZMandzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9hNWExNzUtODA5Mi00YzYzLWIwMzgt
MmM0NDA2YjQ4OTQxLzEvZ0JnSm92TVVEZjQ4dWZYUFpzcW9DV3NSckVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9hNWExNzUtODA5Mi00YzYzLWIwMzgtMmM0NDA2YjQ4OTQx
LzEvNTdNLW5qeVRMM3BVTHJBaEJXenBTeDZMandzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDbcQgAwQA
bcQpMAwDBABtxCsDBABtxCwDBAFtxC4DBALBH0wwDQQCAAIwBwMFAyoNYEAwDQYJ
KoZIhvcNAQELBQADggEBAG1zpkdk2pt6Okyl9BgFfin1GoqSej0+mluNzVZKr1VY
g4WjsNVIdk6R1lwc0jL/1CUqDrbuMw4fKTKhb4yUaUISeusS4dbZHrQPjA4sO6Oe
4h25kKztswFyq2/xujitKxR16aBheMZtdmW+e0qJFga8u9O+97PMdM1Bb5neKVgK
d1bsoaM33QMyhnuB/z2VNMOiAqvSS51kIsYH3Wl25vZhfV6nH6oWdXOoEK+JZjp/
H2XLvWOS+opmY0KmXPiCExeyOiT1i+o5yVC31VVZ0/R0e7y0jUzb997K7yXOdbSW
K1jSvPBrNtBY23c+ehiH5MDZiEq7rlh2f3FbVIJA9kQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:28:40 2024 by rpki-client on console-ams.rpki-client.org