Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/GwnHJX0SDZg_CHKQkNmpfefWv0c.roa
File: GwnHJX0SDZg_CHKQkNmpfefWv0c.roa (raw, json)
Hash identifier: tGcXq3BEazr1SVXx1gLB66SUB8MhQm1GzJbYHPbzOWw=
Subject key identifier: 1B:09:C7:25:7D:12:0D:98:3F:08:72:90:90:D9:A9:7D:E7:D6:BF:47
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 019353A03B7319E68EB9837C1F2C61B31128
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/GwnHJX0SDZg_CHKQkNmpfefWv0c.roa
Signing time: Fri 22 Nov 2024 11:27:10 +0000
ROA not before: Fri 22 Nov 2024 11:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 2a0e:d785::/32 maxlen: 48
2a0e:d786::/32 maxlen: 48
2a11:f881::/32 maxlen: 48
2a11:f882::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:a0:3b:73:19:e6:8e:b9:83:7c:1f:2c:61:b3:11:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Nov 22 11:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b09c7257d120d983f08729090d9a97de7d6bf47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7b:4d:36:c1:99:05:70:7a:4f:ba:73:32:26:
8c:e4:3c:36:ac:e9:eb:5b:40:b1:42:98:bf:90:01:
82:40:78:65:aa:be:d3:79:d2:10:e8:e3:41:5d:58:
e7:31:a9:fa:99:1d:c8:70:70:55:84:b2:c2:f9:82:
f4:59:de:c4:a0:64:99:c5:b4:ef:d8:9f:a1:1c:72:
0e:9e:a3:eb:85:2d:f2:d8:1e:7a:f2:14:fd:6e:98:
39:96:27:3e:88:8a:86:bc:b8:81:11:14:4d:c3:68:
c3:7f:5d:6f:fe:7e:05:99:a8:1f:ff:8b:12:87:2b:
6b:5f:fd:2a:94:81:a8:eb:eb:60:a0:f8:2d:22:7d:
85:cf:25:79:fa:7b:43:17:8e:20:8f:3f:a1:6d:a0:
c3:48:e4:57:b8:49:be:91:79:07:c2:07:b9:8e:a6:
80:e9:43:0f:d6:b7:bf:9e:d6:ec:9f:35:74:5b:c9:
d4:af:1d:c6:ea:a8:c1:9c:fd:8a:3f:da:02:6c:bd:
3e:47:a5:16:5e:88:42:89:c5:4d:3a:24:d3:68:72:
78:fd:a8:0f:e0:f0:06:4b:fa:30:64:04:9d:b9:b4:
fa:25:c0:83:b7:b3:7e:71:e7:aa:fc:ca:7c:17:bd:
94:f5:e3:35:ab:f8:c0:d0:93:fe:66:3d:49:be:fb:
81:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:09:C7:25:7D:12:0D:98:3F:08:72:90:90:D9:A9:7D:E7:D6:BF:47
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/GwnHJX0SDZg_CHKQkNmpfefWv0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d785::-2a0e:d786:ffff:ffff:ffff:ffff:ffff:ffff
2a11:f881::-2a11:f882:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:a7:00:3e:0e:bc:23:47:c9:ac:9e:eb:86:4b:f5:73:1f:4b:
5b:2d:85:6c:cc:c1:15:b2:92:aa:4e:94:de:59:c8:9d:d8:27:
f2:f4:c7:00:b0:4e:11:cd:ed:e7:70:9a:ef:e2:a4:87:60:e9:
ad:1e:23:ef:e0:99:25:55:e0:ba:ee:70:5f:1b:a1:59:48:86:
85:23:92:32:5f:09:ce:32:3e:8d:a3:e1:2e:a9:72:c4:b2:38:
cb:5c:1f:8b:bc:d2:89:77:51:1f:f7:bb:51:e3:24:9e:1f:86:
09:15:fa:ce:c9:02:94:b9:f0:50:d5:54:86:cd:63:02:27:b3:
6e:2b:c4:3a:64:2a:28:fb:1a:55:bd:5b:ad:7a:b6:f1:a1:79:
a8:91:12:67:ea:dd:f0:23:a2:ff:9c:5f:37:2a:22:c8:01:66:
46:59:28:72:29:75:43:69:5c:03:13:7a:b9:a9:08:c9:dc:d4:
ea:44:b3:e6:1f:f8:41:61:9d:be:87:29:95:e4:11:c8:c6:c2:
eb:af:08:e3:3c:a8:69:4c:88:fd:8b:40:5d:8e:b8:7e:d7:67:
b9:5e:ae:66:12:8c:19:4c:0c:4a:cb:30:6f:e7:7e:64:43:d6:
1f:4b:72:46:af:6f:1b:6e:e4:5f:60:69:47:80:43:7f:17:5f:
5e:88:25:e5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNToDtzGeaOuYN8HyxhsxEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQxMTIyMTEyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjA5YzcyNTdkMTIwZDk4M2YwODcyOTA5MGQ5YTk3ZGU3ZDZiZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHtNNsGZBXB6T7pzMiaM5Dw2rOnr
W0CxQpi/kAGCQHhlqr7TedIQ6ONBXVjnMan6mR3IcHBVhLLC+YL0Wd7EoGSZxbTv
2J+hHHIOnqPrhS3y2B568hT9bpg5lic+iIqGvLiBERRNw2jDf11v/n4Fmagf/4sS
hytrX/0qlIGo6+tgoPgtIn2FzyV5+ntDF44gjz+hbaDDSORXuEm+kXkHwge5jqaA
6UMP1re/ntbsnzV0W8nUrx3G6qjBnP2KP9oCbL0+R6UWXohCicVNOiTTaHJ4/agP
4PAGS/owZASdubT6JcCDt7N+ceeq/Mp8F72U9eM1q/jA0JP+Zj1JvvuB/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBsJxyV9Eg2YPwhykJDZqX3n1r9HMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvR3duSEpYMFNEWmdfQ0hLUWtObXBmZWZXdjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteF
AwUAKg7XhjAOAwUAKhH4gQMFACoR+IIwDQYJKoZIhvcNAQELBQADggEBAKunAD4O
vCNHyaye64ZL9XMfS1sthWzMwRWykqpOlN5ZyJ3YJ/L0xwCwThHN7edwmu/ipIdg
6a0eI+/gmSVV4LrucF8boVlIhoUjkjJfCc4yPo2j4S6pcsSyOMtcH4u80ol3UR/3
u1HjJJ4fhgkV+s7JApS58FDVVIbNYwIns24rxDpkKij7GlW9W616tvGheaiREmfq
3fAjov+cXzcqIsgBZkZZKHIpdUNpXAMTermpCMnc1OpEs+Yf+EFhnb6HKZXkEcjG
wuuvCOM8qGlMiP2LQF2OuH7XZ7lermYSjBlMDErLMG/nfmRD1h9Lckavbxtu5F9g
aUeAQ38XX16IJeU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:25 2024 by rpki-client on console-fra.rpki-client.org