Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/CGy_yaeSngUeL8lGolgNc8H4cio.roa
File: CGy_yaeSngUeL8lGolgNc8H4cio.roa (raw, json)
Hash identifier: +sM7aP15rbRfFfw0Qy1Xlm4ZdDi1EZioqu9QFvDdmLU=
Subject key identifier: 08:6C:BF:C9:A7:92:9E:05:1E:2F:C9:46:A2:58:0D:73:C1:F8:72:2A
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 018CCA2A312E615E12968F40D0DCD18F5315
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/CGy_yaeSngUeL8lGolgNc8H4cio.roa
Signing time: Tue 02 Jan 2024 12:33:31 +0000
ROA not before: Tue 02 Jan 2024 12:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24875
IP address blocks: 2.58.21.0/24 maxlen: 24
2.58.22.0/24 maxlen: 24
46.182.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 22:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:31:2e:61:5e:12:96:8f:40:d0:dc:d1:8f:53:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Jan 2 12:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086cbfc9a7929e051e2fc946a2580d73c1f8722a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:3b:97:3b:5c:8d:07:e8:cc:25:12:5f:b4:ef:
41:51:b9:f9:a7:22:fa:13:d1:00:83:a3:3a:9a:51:
9c:06:7f:b4:e5:c1:50:93:0b:10:ac:df:b1:67:84:
44:e8:e7:41:65:6e:69:b5:5e:f8:6c:79:f1:ec:1f:
42:ae:a0:02:15:6f:5f:c0:89:48:b6:2c:5a:f0:82:
cb:5c:96:62:a0:49:35:48:7b:d9:dc:01:3e:85:3f:
80:72:98:f9:f9:b1:17:93:25:f1:38:1c:e8:70:03:
06:2c:36:0f:3b:9e:0b:85:23:d0:56:e8:f2:aa:14:
3d:31:30:b2:1c:da:26:a2:fc:28:db:db:ec:2e:f6:
0e:38:7e:9c:81:cc:aa:28:43:eb:6d:48:93:b9:35:
ff:b8:02:08:14:bf:9e:aa:1c:2d:7d:ad:db:aa:ee:
83:f7:76:be:91:3e:8f:06:06:c2:ea:06:c3:99:6c:
6e:5f:65:5c:6e:30:0f:60:37:f4:91:0b:29:f4:02:
0e:84:ea:0c:69:5e:54:b5:86:66:b0:fd:c4:ee:e8:
2d:5e:9f:fb:0c:52:bb:f8:03:e7:fa:ca:ea:cb:97:
10:b4:76:94:f5:6c:6a:cc:73:58:ad:ef:64:93:92:
6d:88:28:d4:a7:30:d4:29:e4:8e:d8:c9:49:73:63:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6C:BF:C9:A7:92:9E:05:1E:2F:C9:46:A2:58:0D:73:C1:F8:72:2A
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/CGy_yaeSngUeL8lGolgNc8H4cio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.21.0-2.58.22.255
46.182.108.0/24
Signature Algorithm: sha256WithRSAEncryption
80:e4:b9:6f:ef:09:6a:2e:27:b9:34:9d:76:05:6c:54:ee:3f:
56:00:6a:af:a6:29:28:f5:17:44:ed:08:66:9a:ad:a1:ad:77:
58:c8:34:e8:d1:5b:67:4d:1a:8d:c9:c6:e1:23:12:e8:85:9f:
5b:29:09:b0:73:21:c6:fe:c5:03:92:36:83:6e:d7:0f:f9:59:
56:7f:86:2a:b9:d0:f5:59:ab:f1:5b:b5:15:f1:68:b1:78:3d:
4e:ab:87:1f:3e:c9:6b:74:f6:51:e4:c8:ba:40:da:5c:e5:5a:
15:b5:ed:e7:a6:04:c0:47:67:43:83:85:63:a5:9f:e5:74:bf:
97:75:c0:e7:38:00:1c:62:5b:df:7b:72:7d:7b:e0:fc:28:5d:
fa:0f:c7:d5:c5:63:d2:84:42:6b:1a:20:63:1e:19:1e:b0:07:
24:7f:3d:b9:34:56:6d:72:10:9d:88:a1:db:94:8f:78:01:ee:
59:ed:bd:d7:bf:17:10:42:c4:f9:26:12:c9:f4:6e:b8:f8:4b:
e0:da:4a:eb:51:62:b8:aa:03:cd:f5:33:d1:d2:a9:2d:b3:dc:
c6:5f:dc:a2:f8:b0:75:7f:b7:97:25:69:8d:26:15:f0:ec:1f:
9f:82:6a:9e:b7:5b:a6:69:0b:1b:35:e2:f6:5b:c4:28:d5:00:
e9:29:37:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKKjEuYV4Slo9A0NzRj1MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjQwMTAyMTIzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZjYmZjOWE3OTI5ZTA1MWUyZmM5NDZhMjU4MGQ3M2MxZjg3MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzuXO1yNB+jMJRJftO9BUbn5pyL6
E9EAg6M6mlGcBn+05cFQkwsQrN+xZ4RE6OdBZW5ptV74bHnx7B9CrqACFW9fwIlI
tixa8ILLXJZioEk1SHvZ3AE+hT+Acpj5+bEXkyXxOBzocAMGLDYPO54LhSPQVujy
qhQ9MTCyHNomovwo29vsLvYOOH6cgcyqKEPrbUiTuTX/uAIIFL+eqhwtfa3bqu6D
93a+kT6PBgbC6gbDmWxuX2VcbjAPYDf0kQsp9AIOhOoMaV5UtYZmsP3E7ugtXp/7
DFK7+APn+srqy5cQtHaU9WxqzHNYre9kk5JtiCjUpzDUKeSO2MlJc2OJIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAhsv8mnkp4FHi/JRqJYDXPB+HIqMB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEvQ0d5X3lhZVNuZ1VlTDhsR29sZ05jOEg0Y2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAACOhUD
BAACOhYDBAAutmwwDQYJKoZIhvcNAQELBQADggEBAIDkuW/vCWouJ7k0nXYFbFTu
P1YAaq+mKSj1F0TtCGaaraGtd1jINOjRW2dNGo3JxuEjEuiFn1spCbBzIcb+xQOS
NoNu1w/5WVZ/hiq50PVZq/FbtRXxaLF4PU6rhx8+yWt09lHkyLpA2lzlWhW17eem
BMBHZ0ODhWOln+V0v5d1wOc4ABxiW997cn174PwoXfoPx9XFY9KEQmsaIGMeGR6w
ByR/Pbk0Vm1yEJ2IoduUj3gB7lntvde/FxBCxPkmEsn0brj4S+DaSutRYriqA831
M9HSqS2z3MZf3KL4sHV/t5claY0mFfDsH5+Cap63W6ZpCxs14vZbxCjVAOkpN0k=
-----END CERTIFICATE-----
Generated at Fri May 17 07:04:08 2024 by rpki-client on console-ams.rpki-client.org