Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/g_1xa2QB__VMgGcaaZC4kfLupoI.roa
File: g_1xa2QB__VMgGcaaZC4kfLupoI.roa (raw, json)
Hash identifier: nFH82JXdMcckLTpfXpzIdjHHm4hRQUgXZUF5AJonqZ8=
Subject key identifier: 83:FD:71:6B:64:01:FF:F5:4C:80:67:1A:69:90:B8:91:F2:EE:A6:82
Certificate issuer: /CN=1fafca53ac54e57e52c010138a212794c670e0cd
Certificate serial: 018CC7954F720815F86181D4A1B359F143DA
Authority key identifier: 1F:AF:CA:53:AC:54:E5:7E:52:C0:10:13:8A:21:27:94:C6:70:E0:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6_KU6xU5X5SwBATiiEnlMZw4M0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/g_1xa2QB__VMgGcaaZC4kfLupoI.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42724
IP address blocks: 194.169.120.0/24 maxlen: 24
185.235.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/H6_KU6xU5X5SwBATiiEnlMZw4M0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/H6_KU6xU5X5SwBATiiEnlMZw4M0.mft
rsync://rpki.ripe.net/repository/DEFAULT/H6_KU6xU5X5SwBATiiEnlMZw4M0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4f:72:08:15:f8:61:81:d4:a1:b3:59:f1:43:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fafca53ac54e57e52c010138a212794c670e0cd
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83fd716b6401fff54c80671a6990b891f2eea682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b5:d7:c6:ca:6f:a9:c1:10:41:ff:fb:85:0f:
24:70:5a:39:d4:0d:80:c9:e8:b5:9e:81:b0:48:06:
62:2e:9e:61:a6:7e:e1:85:4a:e3:30:ba:ca:aa:d9:
bf:02:2b:9a:54:ac:07:76:80:4b:15:6c:5f:c7:b4:
31:87:5e:c3:4e:82:20:50:db:36:be:ed:6e:13:be:
50:47:06:28:51:0c:5e:0f:ec:43:74:c4:cf:32:54:
e0:d2:d8:00:cd:95:00:db:95:fd:7f:68:a2:89:a3:
cd:60:aa:c9:92:01:d8:4e:ee:69:14:0e:07:88:ca:
a2:5a:d5:1c:d8:83:55:86:ee:61:00:60:0b:c7:fb:
70:a1:fd:46:94:0f:3a:44:ec:da:5d:b9:47:62:44:
7f:94:76:5e:c7:6e:20:70:c2:71:72:7f:4b:2b:9d:
65:f1:cd:ca:79:dd:d7:22:51:26:b7:a6:17:9f:08:
b7:d9:d2:51:58:4e:13:ea:26:58:52:38:a9:32:12:
fc:42:a0:87:b3:16:5c:ae:3b:dd:ca:5c:5a:bb:8b:
33:c9:58:51:bc:db:cc:a8:0e:51:67:51:e1:09:30:
0c:6c:4c:41:fe:ec:b8:a9:7a:e1:b6:8d:33:a8:6a:
f8:fe:72:e6:e4:76:ee:ba:d5:7f:4e:95:6d:2e:98:
a3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FD:71:6B:64:01:FF:F5:4C:80:67:1A:69:90:B8:91:F2:EE:A6:82
X509v3 Authority Key Identifier:
keyid:1F:AF:CA:53:AC:54:E5:7E:52:C0:10:13:8A:21:27:94:C6:70:E0:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6_KU6xU5X5SwBATiiEnlMZw4M0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/g_1xa2QB__VMgGcaaZC4kfLupoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/H6_KU6xU5X5SwBATiiEnlMZw4M0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.77.0/24
194.169.120.0/24
Signature Algorithm: sha256WithRSAEncryption
16:8e:e5:c5:ea:79:a5:79:17:b8:16:22:26:84:37:89:4d:50:
80:36:44:01:8f:7e:fa:60:2b:67:5f:71:39:c5:b4:f7:71:23:
5f:36:52:44:78:a6:e8:e5:7c:c5:9b:7e:42:bc:f1:dc:48:0e:
b8:5c:32:5c:32:18:23:18:aa:aa:82:9e:10:8a:be:f4:a7:61:
f6:b0:29:b3:40:80:07:a8:ce:46:c9:05:25:f5:5e:a9:26:4d:
ab:8e:0f:3c:73:5b:1a:e3:51:4a:7d:a2:6a:d3:c6:86:4e:d0:
4e:85:23:a0:05:80:d8:e6:13:a1:f5:54:58:88:a9:65:f0:ba:
2e:d7:09:0c:ac:b5:3c:dc:04:71:69:3f:bf:1b:c4:c5:c6:2f:
46:43:44:e3:c8:88:18:f7:95:05:03:97:ec:b2:43:85:74:89:
57:32:87:5c:12:73:0e:d7:b8:cb:39:2d:06:69:b2:7c:63:72:
ce:78:fa:45:dd:a8:88:5a:55:ec:40:f1:1e:22:8c:61:1e:a4:
d2:76:9e:af:6c:97:90:21:e6:af:7e:f0:df:66:03:f8:5a:b5:
4e:8f:a9:af:7f:35:cb:a1:fb:cc:fd:07:1f:2f:d4:9f:81:32:
1c:0b:25:1b:d2:90:46:6c:14:e1:1b:a7:f2:d6:ff:90:b7:62:
ab:09:0a:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlU9yCBX4YYHUobNZ8UPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYWZjYTUzYWM1NGU1N2U1MmMwMTAxMzhhMjEyNzk0YzY3
MGUwY2QwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZkNzE2YjY0MDFmZmY1NGM4MDY3MWE2OTkwYjg5MWYyZWVhNjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorXXxspvqcEQQf/7hQ8kcFo51A2A
yei1noGwSAZiLp5hpn7hhUrjMLrKqtm/AiuaVKwHdoBLFWxfx7Qxh17DToIgUNs2
vu1uE75QRwYoUQxeD+xDdMTPMlTg0tgAzZUA25X9f2iiiaPNYKrJkgHYTu5pFA4H
iMqiWtUc2INVhu5hAGALx/twof1GlA86ROzaXblHYkR/lHZex24gcMJxcn9LK51l
8c3Ked3XIlEmt6YXnwi32dJRWE4T6iZYUjipMhL8QqCHsxZcrjvdylxau4szyVhR
vNvMqA5RZ1HhCTAMbExB/uy4qXrhto0zqGr4/nLm5HbuutV/TpVtLpijlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIP9cWtkAf/1TIBnGmmQuJHy7qaCMB8GA1UdIwQY
MBaAFB+vylOsVOV+UsAQE4ohJ5TGcODNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZfS1U2eFU1WDVTd0JBVGlpRW5sTVp3NE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83NjhlMjktMjRjNS00ZmE3LTliMzYt
Yzk5NWQyZWM5ZTk0LzEvZ18xeGEyUUJfX1ZNZ0djYWFaQzRrZkx1cG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83NjhlMjktMjRjNS00ZmE3LTliMzYtYzk5NWQyZWM5ZTk0
LzEvSDZfS1U2eFU1WDVTd0JBVGlpRW5sTVp3NE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuetNAwQA
wql4MA0GCSqGSIb3DQEBCwUAA4IBAQAWjuXF6nmleRe4FiImhDeJTVCANkQBj376
YCtnX3E5xbT3cSNfNlJEeKbo5XzFm35CvPHcSA64XDJcMhgjGKqqgp4Qir70p2H2
sCmzQIAHqM5GyQUl9V6pJk2rjg88c1sa41FKfaJq08aGTtBOhSOgBYDY5hOh9VRY
iKll8Lou1wkMrLU83ARxaT+/G8TFxi9GQ0TjyIgY95UFA5fsskOFdIlXModcEnMO
17jLOS0GabJ8Y3LOePpF3aiIWlXsQPEeIoxhHqTSdp6vbJeQIeavfvDfZgP4WrVO
j6mvfzXLofvM/QcfL9SfgTIcCyUb0pBGbBThG6fy1v+Qt2KrCQpg
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:23 2024 by rpki-client on console-fra.rpki-client.org