Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gbH6HcKKBlmZtU4rXumDA2xre6I.roa
File: gbH6HcKKBlmZtU4rXumDA2xre6I.roa (raw, json)
Hash identifier: mTwiNx0B1ajMybwPn5EhsJaS+TdNmLuKPGPut0aYFjs=
Subject key identifier: 81:B1:FA:1D:C2:8A:06:59:99:B5:4E:2B:5E:E9:83:03:6C:6B:7B:A2
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018EC228E237C023CE01DBC2495AAC2605C7
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gbH6HcKKBlmZtU4rXumDA2xre6I.roa
Signing time: Tue 09 Apr 2024 09:20:42 +0000
ROA not before: Tue 09 Apr 2024 09:20:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:28:e2:37:c0:23:ce:01:db:c2:49:5a:ac:26:05:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Apr 9 09:20:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81b1fa1dc28a065999b54e2b5ee983036c6b7ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5e:8f:e9:5b:0f:33:50:26:18:7a:02:9e:da:
ad:6f:25:d5:6b:e2:22:0e:0c:f1:f8:90:47:35:3b:
f8:47:fb:aa:8c:8f:e2:e3:44:20:df:86:e7:cf:66:
70:38:62:93:c5:43:b6:f2:a1:69:58:63:e4:d7:1f:
eb:30:b5:5d:49:e5:3a:83:b6:76:60:89:5e:f8:68:
21:f8:b3:8e:19:72:75:b7:89:9e:b7:00:b7:7b:10:
f8:b6:81:8d:30:11:47:2d:65:47:35:65:27:23:0b:
bf:f3:94:47:15:56:53:1c:bf:9e:80:70:06:81:4b:
8b:cb:9c:98:98:33:03:b9:a2:68:e8:b8:ea:55:c1:
ce:c6:68:3e:23:21:ad:14:1e:a4:e1:cf:b8:db:76:
ce:b4:b7:6a:1e:c8:8c:30:87:e0:b0:3e:b1:08:40:
ba:fa:fe:d9:5b:5d:51:25:00:61:93:08:22:6c:2f:
43:22:1f:21:b4:f5:33:9a:76:ff:58:ba:e1:88:fd:
4d:55:43:ea:e0:2f:eb:ed:1d:4f:8d:c4:56:f9:59:
83:57:0b:94:df:7b:3e:11:94:33:8a:07:55:7c:e8:
7b:fe:88:10:bc:28:a5:5e:10:45:9f:e4:e0:e7:7c:
64:0e:56:a2:bc:bf:fe:dd:38:7a:4d:d1:ae:13:ef:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B1:FA:1D:C2:8A:06:59:99:B5:4E:2B:5E:E9:83:03:6C:6B:7B:A2
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/gbH6HcKKBlmZtU4rXumDA2xre6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
Signature Algorithm: sha256WithRSAEncryption
29:f6:4f:c5:86:da:6a:dd:c2:40:b9:ab:cc:9e:f1:5f:6a:09:
e8:3f:50:38:02:50:38:d1:b7:aa:23:bd:5b:ac:8b:7e:37:b0:
ac:89:f2:ff:7c:92:38:b8:66:46:10:b1:f6:44:f0:7d:2b:43:
2a:b6:77:79:1c:07:1e:b4:a9:12:98:f2:e2:a1:38:ad:1c:b7:
d1:11:87:cb:ed:b4:aa:72:7e:9f:2f:9c:cb:c9:22:d7:26:20:
e7:91:c2:70:d4:63:71:f3:27:85:0a:30:44:47:d6:e9:a4:37:
e0:c3:a7:9d:ce:32:a9:95:e6:2f:57:f2:ba:75:38:91:8d:cc:
24:b6:21:93:b4:4d:0e:35:30:de:12:86:e8:ea:ec:0d:45:8c:
c3:52:04:89:8b:54:5d:48:1f:59:e4:25:d3:4f:33:3f:31:ad:
de:36:de:90:eb:f0:42:e4:b1:f4:89:ca:d9:c3:a3:0b:2a:a0:
08:f6:f9:fe:19:8f:bd:42:71:55:d2:dd:87:61:5a:19:91:7f:
f6:5a:a7:18:3f:0c:93:78:5d:7c:5a:38:0f:70:c0:98:ee:42:
12:4f:3f:88:b3:33:2f:4e:fa:0f:e3:cb:c5:fa:71:a0:51:1b:
d9:0c:22:7d:5f:61:8f:59:e0:79:a8:ef:31:2a:75:7c:d2:2a:
ad:d0:cc:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7CKOI3wCPOAdvCSVqsJgXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNDA5MDkyMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWIxZmExZGMyOGEwNjU5OTliNTRlMmI1ZWU5ODMwMzZjNmI3YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk16P6VsPM1AmGHoCntqtbyXVa+Ii
Dgzx+JBHNTv4R/uqjI/i40Qg34bnz2ZwOGKTxUO28qFpWGPk1x/rMLVdSeU6g7Z2
YIle+Ggh+LOOGXJ1t4metwC3exD4toGNMBFHLWVHNWUnIwu/85RHFVZTHL+egHAG
gUuLy5yYmDMDuaJo6LjqVcHOxmg+IyGtFB6k4c+423bOtLdqHsiMMIfgsD6xCEC6
+v7ZW11RJQBhkwgibC9DIh8htPUzmnb/WLrhiP1NVUPq4C/r7R1PjcRW+VmDVwuU
33s+EZQzigdVfOh7/ogQvCilXhBFn+Tg53xkDlaivL/+3Th6TdGuE+/R3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGx+h3CigZZmbVOK17pgwNsa3uiMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZ2JINkhjS0tCbG1adFU0clh1bURBMnhyZTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH6owAwQG
XkqAMA0GCSqGSIb3DQEBCwUAA4IBAQAp9k/Fhtpq3cJAuavMnvFfagnoP1A4AlA4
0beqI71brIt+N7CsifL/fJI4uGZGELH2RPB9K0Mqtnd5HAcetKkSmPLioTitHLfR
EYfL7bSqcn6fL5zLySLXJiDnkcJw1GNx8yeFCjBER9bppDfgw6edzjKpleYvV/K6
dTiRjcwktiGTtE0ONTDeEobo6uwNRYzDUgSJi1RdSB9Z5CXTTzM/Ma3eNt6Q6/BC
5LH0icrZw6MLKqAI9vn+GY+9QnFV0t2HYVoZkX/2WqcYPwyTeF18WjgPcMCY7kIS
Tz+IszMvTvoP48vF+nGgURvZDCJ9X2GPWeB5qO8xKnV80iqt0Mzq
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:46 2024 by rpki-client on console-ams.rpki-client.org