Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/Cg9jnniW3hl5JJn2PxWRGeld7Mg.roa
File: Cg9jnniW3hl5JJn2PxWRGeld7Mg.roa (raw, json)
Hash identifier: R1Lw2M1Vj/8FcJ6CiGZdiX2llgLpA0gjO63OfdAJeJI=
Subject key identifier: 0A:0F:63:9E:78:96:DE:19:79:24:99:F6:3F:15:91:19:E9:5D:EC:C8
Certificate issuer: /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial: 018EF569F5E9839A262A70FC5EDD1EE09D84
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/Cg9jnniW3hl5JJn2PxWRGeld7Mg.roa
Signing time: Fri 19 Apr 2024 08:12:25 +0000
ROA not before: Fri 19 Apr 2024 08:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198668
IP address blocks: 176.119.192.0/24 maxlen: 24
185.87.140.0/22 maxlen: 22
185.243.172.0/22 maxlen: 22
2a05:aa00::/29 maxlen: 29
2a0d:1880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:69:f5:e9:83:9a:26:2a:70:fc:5e:dd:1e:e0:9d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
Validity
Not Before: Apr 19 08:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a0f639e7896de19792499f63f159119e95decc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:0b:3f:0c:41:7f:ac:de:22:73:55:7c:ae:
20:2b:91:5c:e2:43:34:3d:bb:f1:6f:3d:10:b7:2b:
f5:85:aa:01:0d:02:e5:87:df:90:f9:66:e2:9a:a8:
b7:65:9b:0e:bd:7d:9d:27:41:f0:75:a8:39:f1:2d:
53:72:2c:fa:55:0b:2a:b1:ca:1d:d3:1c:66:64:59:
9d:f1:85:d4:01:1f:06:9c:de:9f:79:53:2b:4d:53:
b7:a2:d9:67:e2:a8:70:b6:3c:28:5b:09:87:61:02:
36:63:2c:40:a2:0c:f3:0a:fb:b3:44:df:42:59:5e:
80:f5:0c:af:07:3a:be:6a:4d:eb:74:8c:73:52:85:
7b:9f:46:5e:fa:c2:8a:d5:21:33:7c:a0:6b:28:b0:
74:88:b5:8f:dd:21:ec:f7:38:cf:fa:ef:4d:cf:46:
90:a0:ab:e9:1e:87:29:84:19:a8:73:19:b2:3a:23:
4f:40:e1:84:18:ab:12:bf:ef:ba:81:39:e0:8f:00:
88:c8:60:45:95:d9:34:a4:9e:a2:83:ab:76:28:5a:
d3:c4:93:fa:07:be:83:67:90:57:fb:5b:9c:f7:a4:
86:a1:b4:62:7f:cc:2e:bf:d6:cc:d0:19:b1:59:6d:
07:ce:0a:b2:e8:13:23:a1:00:9e:23:3a:c9:62:f5:
3f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:0F:63:9E:78:96:DE:19:79:24:99:F6:3F:15:91:19:E9:5D:EC:C8
X509v3 Authority Key Identifier:
keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/Cg9jnniW3hl5JJn2PxWRGeld7Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.192.0/24
185.87.140.0/22
185.243.172.0/22
IPv6:
2a05:aa00::/29
2a0d:1880::/29
Signature Algorithm: sha256WithRSAEncryption
26:d9:20:18:48:f6:5d:29:dc:88:22:7d:dd:ed:57:f1:1c:25:
b6:d8:82:13:53:f6:e1:4e:d7:70:f6:f9:19:ce:23:64:8b:dc:
0e:f0:0f:ae:5c:16:e2:e5:45:be:83:7a:c1:4c:a4:5a:a6:46:
a3:c6:34:3d:79:03:75:03:be:eb:d1:e9:36:fb:b5:97:16:ea:
79:c3:f5:ba:6a:ce:1e:52:b9:76:27:e8:98:13:50:5b:6b:69:
27:92:cc:63:2f:2b:17:e3:4e:08:e4:4e:24:c3:1a:40:62:fc:
c8:ef:15:15:72:4a:65:d2:c1:15:52:65:df:48:89:42:f0:2b:
da:6d:45:60:fb:bd:c6:2a:bb:83:13:79:9d:06:28:0e:67:e2:
e5:0f:d9:2b:2b:62:76:b3:52:b5:ce:38:f3:cc:aa:8b:44:d0:
5c:31:fa:ed:3f:ec:d3:36:b8:9e:47:36:c7:31:d9:9d:76:75:
e6:10:a6:77:e4:7f:21:1c:8b:0b:91:d3:8d:04:6f:2e:fc:b6:
1b:3a:b6:66:fe:57:20:92:5b:e0:84:36:7d:81:ae:fe:2d:19:
21:c8:0e:3f:31:3e:29:1b:c3:73:f5:ce:4a:01:42:ad:25:28:
6f:b2:d1:94:89:c2:bf:cf:ed:32:54:3c:ed:01:26:f5:36:b4:
15:0f:d8:72
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY71afXpg5omKnD8Xt0e4J2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjQwNDE5MDgxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTBmNjM5ZTc4OTZkZTE5NzkyNDk5ZjYzZjE1OTExOWU5NWRlY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojsLPwxBf6zeInNVfK4gK5Fc4kM0
Pbvxbz0Qtyv1haoBDQLlh9+Q+Wbimqi3ZZsOvX2dJ0Hwdag58S1Tciz6VQsqscod
0xxmZFmd8YXUAR8GnN6feVMrTVO3otln4qhwtjwoWwmHYQI2YyxAogzzCvuzRN9C
WV6A9QyvBzq+ak3rdIxzUoV7n0Ze+sKK1SEzfKBrKLB0iLWP3SHs9zjP+u9Nz0aQ
oKvpHocphBmocxmyOiNPQOGEGKsSv++6gTngjwCIyGBFldk0pJ6ig6t2KFrTxJP6
B76DZ5BX+1uc96SGobRif8wuv9bM0BmxWW0Hzgqy6BMjoQCeIzrJYvU/zwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAoPY554lt4ZeSSZ9j8VkRnpXezIMB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xL0NnOWpubmlXM2hsNUpKbjJQeFdSR2VsZDdNZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQQYIKwYBBQUHAQcBAf8EMjAwMBgEAgABMBIDBACwd8AD
BAK5V4wDBAK586wwFAQCAAIwDgMFAyoFqgADBQMqDRiAMA0GCSqGSIb3DQEBCwUA
A4IBAQAm2SAYSPZdKdyIIn3d7VfxHCW22IITU/bhTtdw9vkZziNki9wO8A+uXBbi
5UW+g3rBTKRapkajxjQ9eQN1A77r0ek2+7WXFup5w/W6as4eUrl2J+iYE1Bba2kn
ksxjLysX404I5E4kwxpAYvzI7xUVckpl0sEVUmXfSIlC8CvabUVg+73GKruDE3md
BigOZ+LlD9krK2J2s1K1zjjzzKqLRNBcMfrtP+zTNrieRzbHMdmddnXmEKZ35H8h
HIsLkdONBG8u/LYbOrZm/lcgklvghDZ9ga7+LRkhyA4/MT4pG8Nz9c5KAUKtJShv
stGUicK/z+0yVDztASb1NrQVD9hy
-----END CERTIFICATE-----
Generated at Sun May 26 08:29:14 2024 by rpki-client on console-ams.rpki-client.org