Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/gKm7vDseh63AP9vWAvHQSyo9xW0.roa
File: gKm7vDseh63AP9vWAvHQSyo9xW0.roa (raw, json)
Hash identifier: SNLKm/MMUzGxAauHrflUScArsN1mDoASex5cfaO+0hI=
Subject key identifier: 80:A9:BB:BC:3B:1E:87:AD:C0:3F:DB:D6:02:F1:D0:4B:2A:3D:C5:6D
Certificate issuer: /CN=70dbea0753df083e5782bb9f380b5d799cb78a06
Certificate serial: 018CC26CEF3A71C4FA91CBBF78B3AE54BA30
Authority key identifier: 70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/gKm7vDseh63AP9vWAvHQSyo9xW0.roa
Signing time: Mon 01 Jan 2024 00:29:28 +0000
ROA not before: Mon 01 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 132.252.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:ef:3a:71:c4:fa:91:cb:bf:78:b3:ae:54:ba:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70dbea0753df083e5782bb9f380b5d799cb78a06
Validity
Not Before: Jan 1 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80a9bbbc3b1e87adc03fdbd602f1d04b2a3dc56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:64:01:b3:3f:8c:54:af:bf:85:1d:6d:0b:d2:
c2:e9:ec:c9:4c:8a:6a:6c:34:32:1b:2d:72:75:af:
62:47:57:5b:48:37:d7:9f:55:2d:90:76:8a:c5:03:
b5:30:da:9e:ff:a5:35:c2:cd:84:b2:25:4c:18:99:
fd:1d:d2:f0:1b:65:1b:e0:81:2f:79:38:ef:e9:42:
e7:83:21:05:a0:95:b0:a8:af:82:18:a0:90:9c:4a:
a8:1c:3f:04:83:3f:cc:08:d3:94:e1:61:61:27:fc:
1e:98:a9:30:06:da:d4:72:6d:bc:9b:52:27:a4:cb:
7e:4a:d6:1c:5d:f8:ff:27:6e:ce:63:3f:a2:ea:5e:
cb:54:28:3e:6e:0d:41:5b:91:fe:4a:b9:4a:c4:b8:
4f:d0:0c:12:cb:54:b9:68:ca:d3:55:56:78:cf:e0:
19:85:6c:8b:97:dd:33:2b:32:b7:e9:17:77:4b:c9:
c8:2c:5d:fc:c1:7e:0e:b8:48:16:d9:16:67:68:af:
a1:e3:33:79:37:c1:ec:7b:d4:26:1c:e9:a8:d6:4c:
a6:cc:34:12:40:d6:c5:93:a6:6f:a8:cf:da:fa:e9:
b9:a8:4f:29:0e:d7:01:d8:c8:3a:36:49:7a:e1:76:
81:cd:13:e8:06:8f:e4:b2:34:af:50:5a:e4:e0:0b:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A9:BB:BC:3B:1E:87:AD:C0:3F:DB:D6:02:F1:D0:4B:2A:3D:C5:6D
X509v3 Authority Key Identifier:
keyid:70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/gKm7vDseh63AP9vWAvHQSyo9xW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.252.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:83:14:99:1e:24:50:8e:5e:cc:94:1f:0a:a7:e8:1a:03:34:
6d:9c:24:1b:5e:20:21:30:8a:42:d9:fb:24:82:09:b1:cf:1f:
2f:a8:0c:da:52:30:c1:2c:d8:da:9b:f8:10:16:cb:39:63:c6:
5e:70:63:69:30:13:24:5d:51:ea:2f:a5:69:eb:7b:6e:81:0e:
1e:cb:aa:9c:a2:ae:90:fc:56:5b:43:dd:ce:ec:67:b7:b4:ff:
51:64:0c:54:a0:5b:23:c9:66:63:1b:2c:d5:c8:97:01:cd:4d:
8d:90:a0:b3:0e:9a:90:e3:72:69:8d:62:a1:09:9d:76:08:9b:
6a:e8:4e:f9:1c:76:e5:69:00:af:b5:d7:47:a2:ee:34:54:19:
cb:61:36:ad:09:4c:7e:86:b8:c6:92:69:29:c6:2d:b5:32:1a:
1f:9d:c4:8f:3a:f4:c0:49:77:af:67:6d:d3:26:fe:17:2e:84:
3c:be:7a:3f:85:29:eb:f0:8b:49:77:d2:6e:61:a1:76:41:36:
ee:f9:b5:1e:16:7b:e8:2d:6f:5c:a8:c5:09:61:d3:b3:f3:14:
0f:cc:6d:b7:78:5a:b2:f0:ba:df:fb:8a:2d:32:89:8d:84:ee:
e1:97:62:cb:be:aa:70:07:12:5d:b4:a7:0e:b7:28:a8:28:71:
16:06:e7:ad
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzCbO86ccT6kcu/eLOuVLowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGJlYTA3NTNkZjA4M2U1NzgyYmI5ZjM4MGI1ZDc5OWNi
NzhhMDYwHhcNMjQwMTAxMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE5YmJiYzNiMWU4N2FkYzAzZmRiZDYwMmYxZDA0YjJhM2RjNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GQBsz+MVK+/hR1tC9LC6ezJTIpq
bDQyGy1yda9iR1dbSDfXn1UtkHaKxQO1MNqe/6U1ws2EsiVMGJn9HdLwG2Ub4IEv
eTjv6ULngyEFoJWwqK+CGKCQnEqoHD8Egz/MCNOU4WFhJ/wemKkwBtrUcm28m1In
pMt+StYcXfj/J27OYz+i6l7LVCg+bg1BW5H+SrlKxLhP0AwSy1S5aMrTVVZ4z+AZ
hWyLl90zKzK36Rd3S8nILF38wX4OuEgW2RZnaK+h4zN5N8Hse9QmHOmo1kymzDQS
QNbFk6ZvqM/a+um5qE8pDtcB2Mg6Nkl64XaBzRPoBo/ksjSvUFrk4AtENQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFICpu7w7HoetwD/b1gLx0EsqPcVtMB8GA1UdIwQY
MBaAFHDb6gdT3wg+V4K7nzgLXXmct4oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjkt
MmEwY2YxMzE3M2Q4LzEvZ0ttN3ZEc2VoNjNBUDl2V0F2SFFTeW85eFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjktMmEwY2YxMzE3M2Q4
LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhPwwDQYJ
KoZIhvcNAQELBQADggEBAH+DFJkeJFCOXsyUHwqn6BoDNG2cJBteICEwikLZ+ySC
CbHPHy+oDNpSMMEs2Nqb+BAWyzljxl5wY2kwEyRdUeovpWnre26BDh7LqpyirpD8
VltD3c7sZ7e0/1FkDFSgWyPJZmMbLNXIlwHNTY2QoLMOmpDjcmmNYqEJnXYIm2ro
TvkcduVpAK+110ei7jRUGcthNq0JTH6GuMaSaSnGLbUyGh+dxI869MBJd69nbdMm
/hcuhDy+ej+FKevwi0l30m5hoXZBNu75tR4We+gtb1yoxQlh07PzFA/Mbbd4WrLw
ut/7ii0yiY2E7uGXYsu+qnAHEl20pw63KKgocRYG560=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:09:44 2024 by rpki-client on console-fra.rpki-client.org