Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/2gmmvuFlRhOZLHqOMiz56fV8jss.roa
File: 2gmmvuFlRhOZLHqOMiz56fV8jss.roa (raw, json)
Hash identifier: /evxrOguyJ4XordpyBySMjBh9YL47E7QN+T4npofl8M=
Subject key identifier: DA:09:A6:BE:E1:65:46:13:99:2C:7A:8E:32:2C:F9:E9:F5:7C:8E:CB
Certificate issuer: /CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Certificate serial: 018CC4250F6CB30ECABC642A5B3CB37C0B78
Authority key identifier: F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/2gmmvuFlRhOZLHqOMiz56fV8jss.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34225
IP address blocks: 185.48.92.0/22 maxlen: 22
193.138.164.0/22 maxlen: 22
91.184.32.0/20 maxlen: 20
2a01:198::/32 maxlen: 32
2001:67c:20e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0f:6c:b3:0e:ca:bc:64:2a:5b:3c:b3:7c:0b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da09a6bee1654613992c7a8e322cf9e9f57c8ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:2b:aa:60:4c:04:e6:f3:a6:d4:fd:28:e6:
c9:26:6f:33:aa:cb:c7:af:d9:7e:d2:20:70:30:b3:
cc:a2:c4:c9:4b:26:ba:8d:c4:ea:2b:d7:2d:2d:ab:
70:d4:92:59:b7:f3:19:67:00:67:f3:27:fc:9f:93:
0e:e7:9c:75:58:de:f2:13:f0:04:de:86:8b:2c:0f:
0b:c0:a9:c7:bf:92:b4:6d:68:8c:81:98:21:a7:ac:
3c:e2:28:15:0e:c3:e8:b3:11:fc:f4:d2:78:05:c3:
e2:b4:7e:77:75:b7:94:6e:f9:49:19:ae:5d:ec:9c:
02:62:b6:dd:06:80:59:1a:06:c8:95:de:76:33:d0:
30:fa:ef:e2:dc:8b:eb:46:ab:f2:2b:0f:cf:d1:0a:
ca:24:9b:72:ab:1b:fe:ac:5c:18:45:8e:1b:4e:39:
22:f2:43:6a:61:74:9f:fd:ff:a8:47:b8:0b:46:21:
84:88:7d:52:f9:a6:d9:2b:00:bb:b9:3f:44:ec:3b:
d2:23:cb:e6:37:12:34:27:c4:a1:f3:02:44:fa:bc:
c8:60:f4:18:66:de:46:84:43:7a:93:af:32:38:46:
52:c6:2c:f8:60:25:86:1c:74:f1:dd:37:fd:42:62:
65:51:8e:75:80:9f:d1:5b:6b:43:d3:0e:a3:ba:bc:
15:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:09:A6:BE:E1:65:46:13:99:2C:7A:8E:32:2C:F9:E9:F5:7C:8E:CB
X509v3 Authority Key Identifier:
keyid:F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/2gmmvuFlRhOZLHqOMiz56fV8jss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.32.0/20
185.48.92.0/22
193.138.164.0/22
IPv6:
2001:67c:20e0::/48
2a01:198::/32
Signature Algorithm: sha256WithRSAEncryption
b6:81:b5:25:7e:1e:a1:63:86:c3:0b:60:6b:93:f2:f3:37:be:
22:68:2a:5d:66:a0:5b:a7:35:78:23:de:17:cd:86:93:94:9d:
ae:1e:12:a1:0f:de:16:84:62:8b:72:81:d8:ff:2a:ca:6b:5d:
3e:b3:b4:a2:cb:9d:f0:d5:75:97:e8:fc:48:d2:13:1d:5d:90:
d1:f6:64:6a:60:f8:3a:44:35:e3:8f:48:a2:c1:ae:59:6b:e7:
2d:54:64:a5:b0:b8:e1:7b:da:09:44:b3:82:81:87:7c:4a:3b:
3a:6d:69:91:e1:dd:d5:ca:0d:dc:d0:44:4e:09:a2:eb:bb:c7:
a5:4a:dc:e9:04:bc:ab:af:70:8e:87:7a:02:6e:f2:13:cc:f4:
b3:97:06:de:a9:66:19:61:62:78:c2:7c:54:0f:f0:2e:fa:86:
6d:a5:be:a1:14:a8:e6:d8:ea:58:18:6c:db:6d:e5:ff:c4:d8:
1b:38:97:10:ca:1b:c0:cc:65:75:c5:c6:15:c9:a2:5b:39:81:
f2:bf:1b:05:90:a2:78:9d:87:a7:1d:99:47:9a:ed:f2:0f:7f:
3c:01:3f:2c:a6:0d:40:62:cb:8d:73:9c:e6:58:cd:f3:63:3b:
56:40:bf:17:94:29:3e:07:ed:36:1d:de:81:26:dc:8c:da:22:
c2:e6:f8:8d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEJQ9ssw7KvGQqWzyzfAt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NGRmMmY4ZjVhMTNjNjQ1MzY4OTE0ZTNkYmU0MmEyNGEz
NmRhNWQwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA5YTZiZWUxNjU0NjEzOTkyYzdhOGUzMjJjZjllOWY1N2M4ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkekrqmBMBObzptT9KObJJm8zqsvH
r9l+0iBwMLPMosTJSya6jcTqK9ctLatw1JJZt/MZZwBn8yf8n5MO55x1WN7yE/AE
3oaLLA8LwKnHv5K0bWiMgZghp6w84igVDsPosxH89NJ4BcPitH53dbeUbvlJGa5d
7JwCYrbdBoBZGgbIld52M9Aw+u/i3IvrRqvyKw/P0QrKJJtyqxv+rFwYRY4bTjki
8kNqYXSf/f+oR7gLRiGEiH1S+abZKwC7uT9E7DvSI8vmNxI0J8Sh8wJE+rzIYPQY
Zt5GhEN6k68yOEZSxiz4YCWGHHTx3Tf9QmJlUY51gJ/RW2tD0w6jurwVDQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNoJpr7hZUYTmSx6jjIs+en1fI7LMB8GA1UdIwQY
MBaAFPlN8vj1oTxkU2iRTj2+QqJKNtpdMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1VM3ktUFdoUEdSVGFKRk9QYjVDb2tvMjJsMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRk
LTY2YmRmZmE4YmRjMS8xLzJnbW12dUZsUmhPWkxIcU9NaXo1NmZWOGpzcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRkLTY2YmRmZmE4YmRj
MS8xLzEtVTN5LVBXaFBHUlRhSkZPUGI1Q29rbzIybDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMBgEAgABMBIDBARbuCAD
BAK5MFwDBALBiqQwFgQCAAIwEAMHACABBnwg4AMFACoBAZgwDQYJKoZIhvcNAQEL
BQADggEBALaBtSV+HqFjhsMLYGuT8vM3viJoKl1moFunNXgj3hfNhpOUna4eEqEP
3haEYotygdj/KsprXT6ztKLLnfDVdZfo/EjSEx1dkNH2ZGpg+DpENeOPSKLBrllr
5y1UZKWwuOF72glEs4KBh3xKOzptaZHh3dXKDdzQRE4Jouu7x6VK3OkEvKuvcI6H
egJu8hPM9LOXBt6pZhlhYnjCfFQP8C76hm2lvqEUqObY6lgYbNtt5f/E2Bs4lxDK
G8DMZXXFxhXJols5gfK/GwWQonidh6cdmUea7fIPfzwBPyymDUBiy41znOZYzfNj
O1ZAvxeUKT4H7TYd3oEm3IzaIsLm+I0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:53:37 2024 by rpki-client on console-ams.rpki-client.org