Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/gwFagO3zjmpFMj-I0nnjoysnyIE.roa
File: gwFagO3zjmpFMj-I0nnjoysnyIE.roa (raw, json)
Hash identifier: QNhOs2adQ7HfjWcbipcwz+tSkNX0pyW/pcnW3bpg33M=
Subject key identifier: 83:01:5A:80:ED:F3:8E:6A:45:32:3F:88:D2:79:E3:A3:2B:27:C8:81
Certificate issuer: /CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
Certificate serial: 018FE6C259C90F080C9BD12BCDC1D6260EFA
Authority key identifier: 1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/gwFagO3zjmpFMj-I0nnjoysnyIE.roa
Signing time: Wed 05 Jun 2024 04:57:27 +0000
ROA not before: Wed 05 Jun 2024 04:57:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210991
IP address blocks: 195.66.96.0/24 maxlen: 24
2a12:7940::/29 maxlen: 29
2a12:7940:1::/48 maxlen: 48
2a12:7940:2::/48 maxlen: 48
2a12:7940:5::/48 maxlen: 48
2a12:7940:6::/48 maxlen: 48
2a12:7940:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e6:c2:59:c9:0f:08:0c:9b:d1:2b:cd:c1:d6:26:0e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aac7db5193c1b3b7487e847d41a383ed5b26671
Validity
Not Before: Jun 5 04:57:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83015a80edf38e6a45323f88d279e3a32b27c881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:91:b4:c0:de:cf:1b:ef:fa:26:7d:dd:17:4c:
49:a2:f4:87:f1:13:9a:08:03:d1:af:ea:f1:cf:ef:
72:0f:a0:31:33:b2:9f:70:79:ba:f7:e6:39:6b:20:
3a:eb:96:67:6f:1d:3d:46:f5:8b:7a:61:f4:c9:1a:
0d:54:80:5d:ab:e2:9a:ad:2b:e5:38:c7:02:d4:68:
f4:0f:7f:ec:c0:eb:2f:5d:91:8c:b0:e3:a1:b0:86:
c0:8b:23:47:6d:60:1f:6f:7a:5f:0a:4e:4f:f6:af:
62:a6:8c:e7:54:ab:6e:d8:ba:59:9b:d3:9c:0a:8a:
3f:e1:57:19:50:7c:10:82:4f:61:34:58:b8:ec:d8:
64:7c:c2:bf:38:b3:11:a5:71:26:71:25:94:32:89:
71:7b:57:15:3e:5e:af:fb:db:42:85:c7:1d:4c:3a:
6f:a7:e5:b5:31:96:ae:22:9f:bc:c4:2a:02:93:33:
f4:7a:6e:18:69:8a:ad:56:73:e2:59:da:04:56:6e:
ea:58:31:4a:f5:3e:ec:3b:a4:c7:84:ef:75:1e:49:
cd:b8:2a:49:b4:2f:2f:99:db:0d:55:61:d2:dc:6b:
f3:36:27:45:ce:5e:d2:62:3e:05:fd:a4:31:81:32:
be:ae:a7:54:47:8d:c8:4b:80:24:d9:cc:66:ca:a9:
7e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:01:5A:80:ED:F3:8E:6A:45:32:3F:88:D2:79:E3:A3:2B:27:C8:81
X509v3 Authority Key Identifier:
keyid:1A:AC:7D:B5:19:3C:1B:3B:74:87:E8:47:D4:1A:38:3E:D5:B2:66:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/gwFagO3zjmpFMj-I0nnjoysnyIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e6f1a4-a43e-47bd-a178-c36a96c04177/1/Gqx9tRk8Gzt0h-hH1Bo4PtWyZnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.96.0/24
IPv6:
2a12:7940::/29
Signature Algorithm: sha256WithRSAEncryption
66:30:c7:27:2d:81:51:d6:30:01:45:c5:2c:9a:f5:95:ce:e3:
99:cd:98:54:a4:00:94:f8:a2:8c:79:04:b5:89:2d:a2:a3:f7:
57:57:d7:c3:03:f4:93:e1:89:f1:81:38:93:49:84:85:36:07:
77:70:d0:e6:f8:72:9c:10:6b:1c:55:94:55:12:6e:b1:fc:af:
de:7d:d0:15:f5:47:f7:a0:26:39:a8:30:54:4b:8b:4b:4d:aa:
9f:b4:33:7d:17:0f:de:1a:7e:cd:98:b0:e5:2b:09:18:9b:a4:
85:cd:55:8d:79:ee:96:e4:e2:ce:29:fb:22:5e:6e:32:17:92:
76:43:be:5a:d8:ed:97:da:5b:e3:9a:83:bd:b9:ff:06:b9:af:
29:ea:34:ef:79:06:a7:38:a7:8e:4e:aa:df:d1:6f:92:ef:89:
b2:ec:8c:1f:01:6e:3d:f7:bf:0e:a3:3e:87:00:a8:fa:a9:fa:
98:99:00:49:ba:4b:ea:93:e8:ab:3e:8c:40:e6:85:3e:9f:d4:
3d:42:87:79:b4:f2:cc:b8:74:86:d0:29:5d:ce:1e:5e:c7:52:
5c:c2:1b:8e:1d:c2:70:ba:34:12:cf:26:00:49:1b:0b:75:d6:
81:03:02:93:24:b0:ff:31:e3:cc:bd:65:a6:74:bb:1c:55:7c:
fc:3e:24:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/mwlnJDwgMm9ErzcHWJg76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWM3ZGI1MTkzYzFiM2I3NDg3ZTg0N2Q0MWEzODNlZDVi
MjY2NzEwHhcNMjQwNjA1MDQ1NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAxNWE4MGVkZjM4ZTZhNDUzMjNmODhkMjc5ZTNhMzJiMjdjODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJG0wN7PG+/6Jn3dF0xJovSH8ROa
CAPRr+rxz+9yD6AxM7KfcHm69+Y5ayA665Znbx09RvWLemH0yRoNVIBdq+KarSvl
OMcC1Gj0D3/swOsvXZGMsOOhsIbAiyNHbWAfb3pfCk5P9q9ipoznVKtu2LpZm9Oc
Coo/4VcZUHwQgk9hNFi47NhkfMK/OLMRpXEmcSWUMolxe1cVPl6v+9tChccdTDpv
p+W1MZauIp+8xCoCkzP0em4YaYqtVnPiWdoEVm7qWDFK9T7sO6THhO91HknNuCpJ
tC8vmdsNVWHS3GvzNidFzl7SYj4F/aQxgTK+rqdUR43IS4Ak2cxmyql+5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIMBWoDt845qRTI/iNJ546MrJ8iBMB8GA1UdIwQY
MBaAFBqsfbUZPBs7dIfoR9QaOD7VsmZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgt
YzM2YTk2YzA0MTc3LzEvZ3dGYWdPM3pqbXBGTWotSTBubmpveXNueUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lNmYxYTQtYTQzZS00N2JkLWExNzgtYzM2YTk2YzA0MTc3
LzEvR3F4OXRSazhHenQwaC1oSDFCbzRQdFd5Wm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw0JgMA0E
AgACMAcDBQMqEnlAMA0GCSqGSIb3DQEBCwUAA4IBAQBmMMcnLYFR1jABRcUsmvWV
zuOZzZhUpACU+KKMeQS1iS2io/dXV9fDA/ST4YnxgTiTSYSFNgd3cNDm+HKcEGsc
VZRVEm6x/K/efdAV9Uf3oCY5qDBUS4tLTaqftDN9Fw/eGn7NmLDlKwkYm6SFzVWN
ee6W5OLOKfsiXm4yF5J2Q75a2O2X2lvjmoO9uf8Gua8p6jTveQanOKeOTqrf0W+S
74my7IwfAW49978Ooz6HAKj6qfqYmQBJukvqk+irPoxA5oU+n9Q9Qod5tPLMuHSG
0Cldzh5ex1JcwhuOHcJwujQSzyYASRsLddaBAwKTJLD/MePMvWWmdLscVXz8PiSo
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:36 2024 by rpki-client on console-ams.rpki-client.org