Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gNXDjGJgnElzGJw3o-3Ql5EZL4o.roa
File: gNXDjGJgnElzGJw3o-3Ql5EZL4o.roa (raw, json)
Hash identifier: TJgckhJBBRpGYhyFD0yw9m34NxU8anFsSaa5uVJg8R8=
Subject key identifier: 80:D5:C3:8C:62:60:9C:49:73:18:9C:37:A3:ED:D0:97:91:19:2F:8A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0191E5B8A403CA0C25D8FF5E67D84295E8FE
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gNXDjGJgnElzGJw3o-3Ql5EZL4o.roa
Signing time: Thu 12 Sep 2024 10:12:48 +0000
ROA not before: Thu 12 Sep 2024 10:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28022
IP address blocks: 190.106.64.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:b8:a4:03:ca:0c:25:d8:ff:5e:67:d8:42:95:e8:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 12 10:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80d5c38c62609c4973189c37a3edd09791192f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5b:24:07:79:24:40:31:27:7a:03:9a:ae:ca:
43:ac:2d:2a:8a:c1:f2:6e:97:53:0c:81:67:44:b9:
2c:18:3c:75:6e:03:ff:73:25:2f:a1:2c:29:2d:29:
0f:4e:d9:00:07:2c:15:11:bc:a0:e3:dd:2e:f3:00:
d8:02:73:9f:b8:4f:5e:78:48:5a:cc:40:10:11:dd:
8e:01:a9:90:97:18:46:99:34:70:cb:b1:c7:a8:24:
bc:c9:96:9c:db:2a:71:92:53:75:3b:a4:e7:cd:53:
30:7f:2a:e9:b3:fa:7e:38:cd:72:5a:9b:ca:3e:d3:
42:63:c3:ee:96:93:c4:5f:5f:fe:33:9c:bd:da:b0:
1a:17:cf:31:51:e8:59:f6:ae:0a:41:7d:6c:53:31:
86:d6:b8:4b:e8:b9:25:3d:de:45:33:59:30:c4:2e:
c0:80:c6:06:a9:54:01:98:7e:2e:a4:90:d8:2f:c7:
ad:3b:38:20:ad:8f:26:19:cc:bb:88:01:7e:8a:6a:
d0:35:c1:69:93:2e:19:6f:e0:96:df:10:b6:8d:47:
21:6c:a9:c6:c1:15:65:74:2f:32:1e:ea:6f:3b:2b:
1d:62:bc:6d:15:0e:fc:bb:3f:d5:3c:05:9a:89:f3:
be:cd:ea:90:16:03:dc:87:27:58:da:84:19:1f:14:
e3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D5:C3:8C:62:60:9C:49:73:18:9C:37:A3:ED:D0:97:91:19:2F:8A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gNXDjGJgnElzGJw3o-3Ql5EZL4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
190.106.64.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:67:ce:c2:30:48:0f:a8:c6:ca:3e:7a:3e:84:4f:8c:6f:53:
26:2e:1a:ef:81:b9:00:2e:bc:aa:f3:f1:83:e0:d6:b8:3c:f1:
57:e8:49:9e:0a:9c:20:95:9f:49:09:6d:40:99:b2:ef:e9:98:
04:88:63:48:98:1c:9f:fd:e3:77:a5:50:72:7d:c1:25:21:38:
a2:10:87:7e:ee:22:27:4c:e0:6c:2d:ff:4d:cf:83:36:52:79:
5a:0c:c8:f3:d3:a4:e3:af:e3:be:7e:7c:56:49:2d:2d:75:8b:
93:77:8a:2d:f4:be:87:08:ac:47:8e:d3:d1:f1:b9:0a:52:a9:
06:56:6c:b6:68:d4:bf:e8:9d:17:4b:2f:a7:34:33:6d:1d:60:
66:41:b6:49:eb:04:47:b0:75:f2:e5:5a:8a:76:ec:a6:3b:df:
14:ae:91:c0:69:29:a8:08:22:54:c3:45:55:fd:12:4d:67:46:
3c:9f:b7:d6:2b:2a:a9:35:00:7e:5b:e9:77:0d:ae:ab:77:14:
ff:81:53:c3:98:aa:48:2e:66:56:62:a5:0a:4e:6e:1a:3e:40:
22:10:06:24:db:ee:d6:b1:09:82:77:a4:bf:49:c0:9e:69:ec:
4e:c4:5a:71:70:0f:bc:1a:00:d5:0a:3a:96:d4:f0:a6:0c:8d:
fe:6d:84:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHluKQDygwl2P9eZ9hClej+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTEyMTAxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQ1YzM4YzYyNjA5YzQ5NzMxODljMzdhM2VkZDA5NzkxMTkyZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVskB3kkQDEnegOarspDrC0qisHy
bpdTDIFnRLksGDx1bgP/cyUvoSwpLSkPTtkABywVEbyg490u8wDYAnOfuE9eeEha
zEAQEd2OAamQlxhGmTRwy7HHqCS8yZac2ypxklN1O6TnzVMwfyrps/p+OM1yWpvK
PtNCY8PulpPEX1/+M5y92rAaF88xUehZ9q4KQX1sUzGG1rhL6LklPd5FM1kwxC7A
gMYGqVQBmH4upJDYL8etOzggrY8mGcy7iAF+imrQNcFpky4Zb+CW3xC2jUchbKnG
wRVldC8yHupvOysdYrxtFQ78uz/VPAWaifO+zeqQFgPchydY2oQZHxTjlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDVw4xiYJxJcxicN6Pt0JeRGS+KMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZ05YRGpHSmduRWx6R0p3M28tM1FsNUVaTDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvmpAMA0G
CSqGSIb3DQEBCwUAA4IBAQCeZ87CMEgPqMbKPno+hE+Mb1MmLhrvgbkALryq8/GD
4Na4PPFX6EmeCpwglZ9JCW1AmbLv6ZgEiGNImByf/eN3pVByfcElITiiEId+7iIn
TOBsLf9Nz4M2UnlaDMjz06Tjr+O+fnxWSS0tdYuTd4ot9L6HCKxHjtPR8bkKUqkG
Vmy2aNS/6J0XSy+nNDNtHWBmQbZJ6wRHsHXy5VqKduymO98UrpHAaSmoCCJUw0VV
/RJNZ0Y8n7fWKyqpNQB+W+l3Da6rdxT/gVPDmKpILmZWYqUKTm4aPkAiEAYk2+7W
sQmCd6S/ScCeaexOxFpxcA+8GgDVCjqW1PCmDI3+bYRI
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:15 2024 by rpki-client on console-ams.rpki-client.org