Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/cGU-6BFVEBoovwsnWJRDzRH5wLI.roa
File: cGU-6BFVEBoovwsnWJRDzRH5wLI.roa (raw, json)
Hash identifier: Jvk6dJVoXHMO7mLmHuHIncyTThaxV5N+IM+z5b5TWck=
Subject key identifier: 70:65:3E:E8:11:55:10:1A:28:BF:0B:27:58:94:43:CD:11:F9:C0:B2
Certificate issuer: /CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Certificate serial: 018D178C68A2CDC405F2FE1E8F084E3536B8
Authority key identifier: 3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/cGU-6BFVEBoovwsnWJRDzRH5wLI.roa
Signing time: Wed 17 Jan 2024 13:11:34 +0000
ROA not before: Wed 17 Jan 2024 13:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 86.36.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:8c:68:a2:cd:c4:05:f2:fe:1e:8f:08:4e:35:36:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Validity
Not Before: Jan 17 13:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70653ee81155101a28bf0b27589443cd11f9c0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:62:ee:03:c5:2d:e6:40:11:4e:99:52:2b:
b3:ab:ff:52:36:68:03:ed:4b:d6:13:80:0f:89:e3:
48:4c:69:45:d1:ba:67:2c:d4:b5:25:5c:c7:c9:3a:
c6:36:d1:9a:44:40:04:85:70:f8:b9:35:7c:d5:a6:
67:f2:7d:ac:22:79:4c:6f:eb:2e:93:be:bd:c0:d3:
ff:c0:bf:1f:96:da:0b:d7:28:26:50:c1:c2:68:41:
67:90:86:77:55:23:24:8a:d6:97:7a:42:47:12:f1:
0c:cb:3b:d8:ea:89:e5:78:4f:76:c8:16:4a:8e:d3:
3b:4d:59:06:a7:0c:df:e5:d1:ef:72:cb:8c:ad:bd:
54:a2:6d:fc:26:9e:a8:a6:8d:ee:e9:4f:16:6c:19:
7a:37:3b:4c:a4:fa:78:56:ae:77:d7:df:8e:eb:c9:
c5:af:04:b2:5b:20:4a:06:04:9e:23:78:fc:ce:60:
35:f9:64:89:5b:5d:ef:f3:20:fd:ac:c3:d3:25:95:
e1:88:8a:3b:e6:69:8b:be:df:50:7e:34:98:d9:8f:
1a:80:ee:0e:d9:07:4c:68:57:30:be:f3:a1:bf:4b:
3b:be:c7:bb:bc:7d:d9:ab:35:9b:24:24:66:10:73:
86:ae:39:21:57:29:0b:01:28:7f:8d:cc:f8:1c:78:
01:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:65:3E:E8:11:55:10:1A:28:BF:0B:27:58:94:43:CD:11:F9:C0:B2
X509v3 Authority Key Identifier:
keyid:3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/cGU-6BFVEBoovwsnWJRDzRH5wLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.36.20.0/22
Signature Algorithm: sha256WithRSAEncryption
47:cb:09:eb:b1:ed:be:63:48:1c:9a:07:75:2c:12:db:f6:14:
bb:4e:f5:e9:01:1d:24:96:58:32:f6:da:1e:38:e3:83:8d:a2:
53:eb:b3:4c:b7:07:b8:63:c1:84:5f:f9:f4:73:ac:ed:89:3e:
a7:1c:1b:07:a6:47:3c:47:f9:5d:85:5d:72:b7:0d:a1:84:e1:
f1:07:96:0e:0e:a5:9e:7c:8d:df:2f:fc:e3:e7:60:3f:a4:eb:
58:b2:46:a5:4b:7f:9b:13:ea:7b:4f:4c:a5:d3:18:20:2d:2c:
7e:bc:43:3d:37:6d:a7:25:6c:39:4b:b4:3a:16:d8:8b:f7:2f:
62:16:7c:15:3b:c6:e9:13:20:a2:59:d7:cf:d5:ae:a1:62:ef:
8a:e7:93:ad:06:51:2a:ca:bb:3a:be:c6:19:69:71:1e:c2:aa:
7d:a9:8c:b8:6f:c9:18:05:e0:b3:e1:4a:9e:02:f3:f1:c6:1c:
59:8f:d3:e5:9a:76:df:6d:5c:82:55:25:c6:01:78:4a:47:27:
6e:6f:d6:d4:68:bd:9a:2f:13:68:4c:25:1b:0d:cf:86:07:fd:
7a:40:18:1b:bc:51:8c:e9:9b:5d:c0:c7:aa:16:54:bc:cb:73:
7f:ad:78:bc:78:22:da:62:47:96:76:cd:57:64:f8:30:ed:85:
be:b8:c3:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0XjGiizcQF8v4ejwhONTa4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGQzZmIwNDRlYjFjMGExMWJlMDYwMmFjZWVmODhlNWY1
ZDJkZGYwHhcNMjQwMTE3MTMxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY1M2VlODExNTUxMDFhMjhiZjBiMjc1ODk0NDNjZDExZjljMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir9i7gPFLeZAEU6ZUiuzq/9SNmgD
7UvWE4APieNITGlF0bpnLNS1JVzHyTrGNtGaREAEhXD4uTV81aZn8n2sInlMb+su
k769wNP/wL8fltoL1ygmUMHCaEFnkIZ3VSMkitaXekJHEvEMyzvY6onleE92yBZK
jtM7TVkGpwzf5dHvcsuMrb1Uom38Jp6opo3u6U8WbBl6NztMpPp4Vq5319+O68nF
rwSyWyBKBgSeI3j8zmA1+WSJW13v8yD9rMPTJZXhiIo75mmLvt9QfjSY2Y8agO4O
2QdMaFcwvvOhv0s7vse7vH3ZqzWbJCRmEHOGrjkhVykLASh/jcz4HHgBFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBlPugRVRAaKL8LJ1iUQ80R+cCyMB8GA1UdIwQY
MBaAFDxNP7BE6xwKEb4GAqzu+I5fXS3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEt
YjE4NGUzZjRiNTBlLzEvY0dVLTZCRlZFQm9vdndzbldKUkR6Ukg1d0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEtYjE4NGUzZjRiNTBl
LzEvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCViQUMA0G
CSqGSIb3DQEBCwUAA4IBAQBHywnrse2+Y0gcmgd1LBLb9hS7TvXpAR0kllgy9toe
OOODjaJT67NMtwe4Y8GEX/n0c6ztiT6nHBsHpkc8R/ldhV1ytw2hhOHxB5YODqWe
fI3fL/zj52A/pOtYskalS3+bE+p7T0yl0xggLSx+vEM9N22nJWw5S7Q6FtiL9y9i
FnwVO8bpEyCiWdfP1a6hYu+K55OtBlEqyrs6vsYZaXEewqp9qYy4b8kYBeCz4Uqe
AvPxxhxZj9PlmnbfbVyCVSXGAXhKRydub9bUaL2aLxNoTCUbDc+GB/16QBgbvFGM
6ZtdwMeqFlS8y3N/rXi8eCLaYkeWds1XZPgw7YW+uMOg
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:59 2024 by rpki-client on console-ams.rpki-client.org