Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/gkCkfK6aeVwy8ObLjnY5oMIOPm4.roa
File: gkCkfK6aeVwy8ObLjnY5oMIOPm4.roa (raw, json)
Hash identifier: O3CYbaVmYYHDKRh7fqlC6/QADvljnto2um6DLzGJ8OU=
Subject key identifier: 82:40:A4:7C:AE:9A:79:5C:32:F0:E6:CB:8E:76:39:A0:C2:0E:3E:6E
Certificate issuer: /CN=cc9c41a123764cf7dc0f2db9841f732a3b961343
Certificate serial: 018CC725713DA8576553994E40FD3CCA6CFC
Authority key identifier: CC:9C:41:A1:23:76:4C:F7:DC:0F:2D:B9:84:1F:73:2A:3B:96:13:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJxBoSN2TPfcDy25hB9zKjuWE0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/gkCkfK6aeVwy8ObLjnY5oMIOPm4.roa
Signing time: Mon 01 Jan 2024 22:29:28 +0000
ROA not before: Mon 01 Jan 2024 22:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201246
IP address blocks: 103.58.8.0/22 maxlen: 24
188.114.120.0/24 maxlen: 24
188.114.121.0/24 maxlen: 24
185.80.19.0/24 maxlen: 24
2a05:7980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/zJxBoSN2TPfcDy25hB9zKjuWE0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/zJxBoSN2TPfcDy25hB9zKjuWE0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/zJxBoSN2TPfcDy25hB9zKjuWE0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:71:3d:a8:57:65:53:99:4e:40:fd:3c:ca:6c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc9c41a123764cf7dc0f2db9841f732a3b961343
Validity
Not Before: Jan 1 22:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8240a47cae9a795c32f0e6cb8e7639a0c20e3e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:61:e5:87:3e:c4:b4:52:3f:df:52:fc:19:f9:
b2:40:d1:79:af:5b:68:65:9d:51:aa:27:69:08:42:
18:cc:fc:fa:24:b9:97:44:76:cf:86:99:98:e1:8d:
d1:a2:ba:34:b1:8e:77:6d:3b:d9:88:89:c9:35:3a:
71:6f:56:1b:ec:06:e7:70:aa:fc:9a:23:c4:ea:6e:
7a:0b:1e:18:01:e9:4e:f5:b1:e7:3e:b9:a6:12:01:
8c:9e:da:bd:eb:38:4b:f1:e0:0f:a7:54:6f:10:01:
64:f1:b4:86:76:45:90:85:49:33:f5:5d:7f:9c:02:
2c:83:0b:02:53:4b:8f:72:03:cf:74:86:13:93:0a:
51:38:6a:41:1c:b3:0c:13:cf:d0:80:21:e4:7b:81:
33:07:f3:e7:96:ba:cf:dc:7d:3d:a0:b2:75:c8:9c:
ed:45:15:55:01:50:a7:1e:7f:00:de:8d:87:c8:14:
89:08:be:a7:b9:2c:36:b9:07:40:57:7b:ad:7f:fa:
18:12:7a:04:e6:20:0e:0a:c2:57:d9:77:84:bb:69:
58:e0:5c:18:ae:c2:68:30:03:80:47:4f:54:a6:7f:
66:c3:c9:f6:8d:fc:2c:c2:97:7a:b3:3d:5e:a6:05:
9b:f9:2b:57:1c:94:19:61:a6:3e:af:af:78:6b:dd:
28:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:40:A4:7C:AE:9A:79:5C:32:F0:E6:CB:8E:76:39:A0:C2:0E:3E:6E
X509v3 Authority Key Identifier:
keyid:CC:9C:41:A1:23:76:4C:F7:DC:0F:2D:B9:84:1F:73:2A:3B:96:13:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJxBoSN2TPfcDy25hB9zKjuWE0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/gkCkfK6aeVwy8ObLjnY5oMIOPm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/zJxBoSN2TPfcDy25hB9zKjuWE0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.58.8.0/22
185.80.19.0/24
188.114.120.0/23
IPv6:
2a05:7980::/29
Signature Algorithm: sha256WithRSAEncryption
6e:83:36:ea:b7:c3:fb:39:4f:90:fb:c2:8b:46:21:90:e5:eb:
28:a9:36:15:cb:66:da:ea:51:c5:49:e9:a2:b2:f7:d6:50:15:
42:c6:14:f1:59:11:95:9e:f4:5e:77:6f:2d:6e:f8:56:6e:9f:
ac:f7:5b:46:52:5d:eb:69:52:fc:bf:a4:bb:a9:e2:eb:57:95:
96:a9:03:57:09:18:3e:48:ba:71:c4:6c:dc:42:c1:2b:38:50:
3a:67:24:f2:77:67:2e:e7:7d:7a:a2:2a:2d:f0:4e:1b:4b:bb:
2d:f9:ad:33:e4:f8:7f:de:2f:4b:db:5f:3e:31:7f:da:a2:15:
46:14:44:d4:40:81:6c:a5:7b:fc:33:db:35:2d:c9:12:fe:01:
7b:d5:e0:6c:de:74:96:29:6c:2e:ca:1c:6c:c6:3b:fb:aa:4e:
57:1d:b1:7e:05:14:af:c7:2e:cc:dc:6d:a0:8f:1d:f7:6d:65:
c5:4e:29:43:c7:64:cf:e3:fb:c9:c4:2c:a2:03:f6:62:8d:c8:
77:7c:51:eb:3a:46:6c:a4:92:38:b1:bc:d3:94:b0:63:31:33:
52:ee:e6:1c:24:9e:3e:61:e8:ac:c2:ee:b5:3d:27:fa:f7:71:
3e:c7:b1:1d:88:38:60:0e:fb:58:4c:26:51:00:99:09:c5:a5:
d0:3d:8c:ef
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJXE9qFdlU5lOQP08ymz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOWM0MWExMjM3NjRjZjdkYzBmMmRiOTg0MWY3MzJhM2I5
NjEzNDMwHhcNMjQwMTAxMjIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQwYTQ3Y2FlOWE3OTVjMzJmMGU2Y2I4ZTc2MzlhMGMyMGUzZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWHlhz7EtFI/31L8GfmyQNF5r1to
ZZ1RqidpCEIYzPz6JLmXRHbPhpmY4Y3Roro0sY53bTvZiInJNTpxb1Yb7AbncKr8
miPE6m56Cx4YAelO9bHnPrmmEgGMntq96zhL8eAPp1RvEAFk8bSGdkWQhUkz9V1/
nAIsgwsCU0uPcgPPdIYTkwpROGpBHLMME8/QgCHke4EzB/PnlrrP3H09oLJ1yJzt
RRVVAVCnHn8A3o2HyBSJCL6nuSw2uQdAV3utf/oYEnoE5iAOCsJX2XeEu2lY4FwY
rsJoMAOAR09Upn9mw8n2jfwswpd6sz1epgWb+StXHJQZYaY+r694a90oSQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIJApHyumnlcMvDmy452OaDCDj5uMB8GA1UdIwQY
MBaAFMycQaEjdkz33A8tuYQfcyo7lhNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekp4Qm9TTjJUUGZjRHkyNWhCOXpLanVXRTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8wZmViODktN2Q4Yy00MzAwLTk5YjUt
MDYyNDdhOTc4ZDY5LzEvZ2tDa2ZLNmFlVnd5OE9iTGpuWTVvTUlPUG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8wZmViODktN2Q4Yy00MzAwLTk5YjUtMDYyNDdhOTc4ZDY5
LzEvekp4Qm9TTjJUUGZjRHkyNWhCOXpLanVXRTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZzoIAwQA
uVATAwQBvHJ4MA0EAgACMAcDBQMqBXmAMA0GCSqGSIb3DQEBCwUAA4IBAQBugzbq
t8P7OU+Q+8KLRiGQ5esoqTYVy2ba6lHFSemisvfWUBVCxhTxWRGVnvRed28tbvhW
bp+s91tGUl3raVL8v6S7qeLrV5WWqQNXCRg+SLpxxGzcQsErOFA6ZyTyd2cu5316
oiot8E4bS7st+a0z5Ph/3i9L218+MX/aohVGFETUQIFspXv8M9s1LckS/gF71eBs
3nSWKWwuyhxsxjv7qk5XHbF+BRSvxy7M3G2gjx33bWXFTilDx2TP4/vJxCyiA/Zi
jch3fFHrOkZspJI4sbzTlLBjMTNS7uYcJJ4+Yeiswu61PSf693E+x7EdiDhgDvtY
TCZRAJkJxaXQPYzv
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:45:40 2024 by rpki-client on console-ams.rpki-client.org