Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Cvgwg-uKvuUaS7cLg_cPYzdD6Uw.roa
File: Cvgwg-uKvuUaS7cLg_cPYzdD6Uw.roa (raw, json)
Hash identifier: 1GZIwwx254bndn2FBEU66FnntwLKhhpMMvGpQmLLXDw=
Subject key identifier: 0A:F8:30:83:EB:8A:BE:E5:1A:4B:B7:0B:83:F7:0F:63:37:43:E9:4C
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 0192B3406D654D03029F89BB606B45BD83DA
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Cvgwg-uKvuUaS7cLg_cPYzdD6Uw.roa
Signing time: Tue 22 Oct 2024 08:03:16 +0000
ROA not before: Tue 22 Oct 2024 08:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214159
IP address blocks: 185.189.44.0/22 maxlen: 32
2a02:ae00:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.mft
rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:40:6d:65:4d:03:02:9f:89:bb:60:6b:45:bd:83:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Oct 22 08:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0af83083eb8abee51a4bb70b83f70f633743e94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9a:2b:95:ac:79:7c:b3:ff:0b:6c:fe:a0:65:
69:89:a6:96:a9:42:05:e6:2d:3c:c9:82:9a:c1:21:
ad:24:c8:40:90:7a:a7:64:2c:73:ab:55:5e:88:03:
f1:32:97:d9:cd:6b:64:1e:9d:36:07:a1:06:26:b7:
b3:fd:ac:e8:e5:15:ee:c3:42:12:77:5a:c1:d3:22:
3e:29:36:71:63:b1:35:6c:b4:17:eb:c8:cd:50:a2:
d9:d1:ad:c8:d7:32:89:71:15:3a:9d:69:0c:af:88:
aa:e0:14:36:4a:0d:19:c2:a1:12:37:fd:89:06:ea:
1f:d4:b8:0b:9e:fb:35:a1:5d:ea:71:34:f5:68:8b:
dc:75:6b:80:4e:0e:aa:94:57:f0:c4:e6:86:2f:76:
85:dd:54:12:2a:87:25:bc:da:53:f7:0c:57:f2:78:
dc:68:2d:f3:bd:df:95:4f:5d:58:e9:fe:e6:05:f5:
03:07:d3:85:b8:cf:19:0d:37:fb:d2:4b:e0:a5:f3:
73:a5:73:a7:60:18:fe:1b:53:d5:42:01:a6:0b:97:
48:f8:3c:09:9d:1f:a3:91:e5:d6:81:18:88:3f:e9:
85:5b:55:fa:22:32:ef:78:da:20:f5:19:8c:bb:79:
6a:cd:20:88:c3:a1:31:a5:e6:90:5f:67:47:a6:cc:
5c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F8:30:83:EB:8A:BE:E5:1A:4B:B7:0B:83:F7:0F:63:37:43:E9:4C
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Cvgwg-uKvuUaS7cLg_cPYzdD6Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.44.0/22
IPv6:
2a02:ae00:2000::/36
Signature Algorithm: sha256WithRSAEncryption
59:82:00:95:27:fd:33:3c:c1:4c:c3:b9:d5:8b:70:a4:94:92:
ee:d0:8b:ef:86:5f:a3:14:b0:9b:84:22:74:6b:fb:da:13:73:
fb:68:d8:74:52:87:a7:1b:52:3b:5f:e2:e2:51:8a:98:dd:63:
a0:01:ca:a5:c8:7d:72:fd:c3:dc:ca:a3:40:71:3a:3c:6d:60:
cb:6e:9d:7d:c0:b8:52:f8:e5:15:fd:e5:85:62:62:9a:be:5a:
4a:ce:e8:06:f3:df:e0:11:ec:b7:cc:f6:50:7e:a3:49:07:04:
90:fa:1b:4a:6d:bb:4f:36:d6:4c:3b:4c:8d:f7:39:fd:5d:83:
27:40:cc:d1:16:84:68:b5:59:f6:7f:a4:57:f0:f1:a4:75:88:
4a:a6:58:1c:35:51:84:32:53:b5:6a:0c:61:ab:8f:28:a8:b5:
85:dd:ac:1e:28:02:ac:df:3f:c1:6f:4d:43:0d:62:1d:18:8d:
12:e1:8d:72:59:5f:6d:7a:51:1c:ed:d5:0f:27:9b:3d:ff:46:
cb:42:15:6a:fb:0c:7d:a9:c5:8d:09:a3:b5:ba:f6:e6:d5:ea:
0c:eb:31:73:3c:9c:6c:b2:b8:39:28:72:4c:9d:2c:ab:a8:bb:
49:40:83:5b:21:1a:2e:22:e3:1f:d4:19:9b:d5:e3:76:24:e5:
a8:26:07:3d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZKzQG1lTQMCn4m7YGtFvYPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjQxMDIyMDgwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY4MzA4M2ViOGFiZWU1MWE0YmI3MGI4M2Y3MGY2MzM3NDNlOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5orlax5fLP/C2z+oGVpiaaWqUIF
5i08yYKawSGtJMhAkHqnZCxzq1VeiAPxMpfZzWtkHp02B6EGJrez/azo5RXuw0IS
d1rB0yI+KTZxY7E1bLQX68jNUKLZ0a3I1zKJcRU6nWkMr4iq4BQ2Sg0ZwqESN/2J
Buof1LgLnvs1oV3qcTT1aIvcdWuATg6qlFfwxOaGL3aF3VQSKoclvNpT9wxX8njc
aC3zvd+VT11Y6f7mBfUDB9OFuM8ZDTf70kvgpfNzpXOnYBj+G1PVQgGmC5dI+DwJ
nR+jkeXWgRiIP+mFW1X6IjLveNog9RmMu3lqzSCIw6ExpeaQX2dHpsxcwwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAr4MIPrir7lGku3C4P3D2M3Q+lMMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvQ3Znd2ctdUt2dVVhUzdjTGdfY1BZemRENlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCub0sMA4E
AgACMAgDBgQqAq4AIDANBgkqhkiG9w0BAQsFAAOCAQEAWYIAlSf9MzzBTMO51Ytw
pJSS7tCL74ZfoxSwm4QidGv72hNz+2jYdFKHpxtSO1/i4lGKmN1joAHKpch9cv3D
3MqjQHE6PG1gy26dfcC4UvjlFf3lhWJimr5aSs7oBvPf4BHst8z2UH6jSQcEkPob
Sm27TzbWTDtMjfc5/V2DJ0DM0RaEaLVZ9n+kV/DxpHWISqZYHDVRhDJTtWoMYauP
KKi1hd2sHigCrN8/wW9NQw1iHRiNEuGNcllfbXpRHO3VDyebPf9Gy0IVavsMfanF
jQmjtbr25tXqDOsxczycbLK4OShyTJ0sq6i7SUCDWyEaLiLjH9QZm9XjdiTlqCYH
PQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:40 2024 by rpki-client on console-ams.rpki-client.org