Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gATvSTd7SYlOzl0RyYPZnXJFguk.roa
File: gATvSTd7SYlOzl0RyYPZnXJFguk.roa (raw, json)
Hash identifier: VNU5oKvRTeH7wisPWkZPlheKHw0W1uU7PeX3y0N/jm0=
Subject key identifier: 80:04:EF:49:37:7B:49:89:4E:CE:5D:11:C9:83:D9:9D:72:45:82:E9
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC794205E177F4DE6209A41A156B92083
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gATvSTd7SYlOzl0RyYPZnXJFguk.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198150
IP address blocks: 46.8.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:20:5e:17:7f:4d:e6:20:9a:41:a1:56:b9:20:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8004ef49377b49894ece5d11c983d99d724582e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:91:13:36:b0:67:81:b0:e0:58:e0:0f:2c:3f:
37:c5:94:df:e1:67:a6:f1:d3:13:cd:73:8a:51:5c:
93:18:28:75:ad:24:24:b9:7a:19:7f:5a:bc:12:79:
80:27:66:8f:8c:13:19:bb:31:5b:96:ad:d7:cf:2f:
f5:b6:39:f1:2d:ab:6e:4c:15:57:92:c2:fc:80:fe:
2d:e5:f8:0f:fd:2b:dc:50:9f:64:2e:fd:e1:56:60:
78:98:78:75:57:51:ff:1e:f8:ca:05:6a:46:7b:95:
c6:37:d5:bd:9d:41:38:e8:55:b0:16:5b:6d:9b:c5:
15:fd:8c:dd:b8:c2:af:f2:c6:97:b1:26:17:f7:11:
a9:a6:28:80:c0:49:53:e0:2c:b6:91:11:1c:71:0c:
20:57:e2:00:66:90:4c:18:c5:e8:20:20:d8:73:a2:
85:43:8a:11:b6:33:d2:29:b0:34:40:58:22:a6:4d:
23:62:11:0d:cc:ae:80:b9:c8:2e:64:ef:eb:b4:62:
21:f8:a3:fd:9c:07:b8:4b:ac:65:05:84:c9:46:ee:
4a:f4:33:d6:8f:49:a7:93:a9:04:3e:de:27:43:24:
6a:1c:2e:05:97:8e:69:83:da:4c:f9:12:8a:e4:a9:
8c:27:a2:c9:28:f7:03:41:cc:d0:6d:de:2f:2e:10:
38:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:04:EF:49:37:7B:49:89:4E:CE:5D:11:C9:83:D9:9D:72:45:82:E9
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gATvSTd7SYlOzl0RyYPZnXJFguk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.37.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:54:5a:fd:d6:cd:82:22:95:6e:b9:14:31:bd:86:cd:b1:d7:
c7:30:ed:05:a7:7e:b1:9c:b3:77:6b:0f:42:45:fd:09:61:60:
ba:4a:58:85:fb:00:c3:42:2e:17:8f:8c:06:e6:ed:61:58:78:
ab:de:c0:c8:ec:8b:63:be:81:67:8f:6c:37:19:93:22:c3:5d:
2e:93:68:0b:8e:92:a5:ff:74:24:91:eb:a3:5e:3e:bf:ac:5a:
10:69:23:44:b3:c3:cd:4b:de:1c:e2:c5:80:16:27:fc:1d:4c:
7e:85:29:00:f0:b5:5d:93:f7:66:1b:68:01:da:70:a5:10:ee:
eb:8a:c8:78:9b:08:35:37:f8:f0:b8:ff:5a:60:60:6f:49:42:
c9:5f:83:e9:d9:bf:4a:2f:4c:ef:94:7a:63:d8:58:73:76:81:
bd:e2:fb:1c:6e:75:cd:18:29:d7:87:0f:48:7a:ce:56:65:1c:
b7:92:cd:ec:47:54:f0:56:2a:09:5d:fa:11:94:ce:0c:03:5e:
f4:0f:1f:b5:76:5e:41:aa:60:3b:75:97:2c:56:f0:db:ca:da:
89:61:95:2b:30:a4:42:e3:46:4a:00:52:6d:38:b5:31:86:7e:
4c:0f:9b:29:c3:45:4d:e5:96:f4:96:bc:7f:0d:10:b7:65:1b:
d5:9c:62:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlCBeF39N5iCaQaFWuSCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDA0ZWY0OTM3N2I0OTg5NGVjZTVkMTFjOTgzZDk5ZDcyNDU4MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5ETNrBngbDgWOAPLD83xZTf4Wem
8dMTzXOKUVyTGCh1rSQkuXoZf1q8EnmAJ2aPjBMZuzFblq3Xzy/1tjnxLatuTBVX
ksL8gP4t5fgP/SvcUJ9kLv3hVmB4mHh1V1H/HvjKBWpGe5XGN9W9nUE46FWwFltt
m8UV/YzduMKv8saXsSYX9xGppiiAwElT4Cy2kREccQwgV+IAZpBMGMXoICDYc6KF
Q4oRtjPSKbA0QFgipk0jYhENzK6AucguZO/rtGIh+KP9nAe4S6xlBYTJRu5K9DPW
j0mnk6kEPt4nQyRqHC4Fl45pg9pM+RKK5KmMJ6LJKPcDQczQbd4vLhA4kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAE70k3e0mJTs5dEcmD2Z1yRYLpMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvZ0FUdlNUZDdTWWxPemwwUnlZUFpuWEpGZ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgglMA0G
CSqGSIb3DQEBCwUAA4IBAQAMVFr91s2CIpVuuRQxvYbNsdfHMO0Fp36xnLN3aw9C
Rf0JYWC6SliF+wDDQi4Xj4wG5u1hWHir3sDI7ItjvoFnj2w3GZMiw10uk2gLjpKl
/3QkkeujXj6/rFoQaSNEs8PNS94c4sWAFif8HUx+hSkA8LVdk/dmG2gB2nClEO7r
ish4mwg1N/jwuP9aYGBvSULJX4Pp2b9KL0zvlHpj2FhzdoG94vscbnXNGCnXhw9I
es5WZRy3ks3sR1TwVioJXfoRlM4MA170Dx+1dl5BqmA7dZcsVvDbytqJYZUrMKRC
40ZKAFJtOLUxhn5MD5spw0VN5Zb0lrx/DRC3ZRvVnGII
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:32:24 2024 by rpki-client on console-ams.rpki-client.org