Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/g3CX5JYd9UROTdhpJAvfjLWBqMo.roa
File: g3CX5JYd9UROTdhpJAvfjLWBqMo.roa (raw, json)
Hash identifier: Tj1I1wWcISXtvbxDXVp9BkofmzaAFDM9ftD7TCiB4YA=
Subject key identifier: 83:70:97:E4:96:1D:F5:44:4E:4D:D8:69:24:0B:DF:8C:B5:81:A8:CA
Certificate issuer: /CN=87dc1a9bffa2cf15a7d8099c8a3c317ce07db5ea
Certificate serial: 018CC94D93FB967375EA2E9BCA27091CD529
Authority key identifier: 87:DC:1A:9B:FF:A2:CF:15:A7:D8:09:9C:8A:3C:31:7C:E0:7D:B5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9wam_-izxWn2AmcijwxfOB9teo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/g3CX5JYd9UROTdhpJAvfjLWBqMo.roa
Signing time: Tue 02 Jan 2024 08:32:33 +0000
ROA not before: Tue 02 Jan 2024 08:32:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211611
IP address blocks: 217.197.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/h9wam_-izxWn2AmcijwxfOB9teo.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/h9wam_-izxWn2AmcijwxfOB9teo.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9wam_-izxWn2AmcijwxfOB9teo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:93:fb:96:73:75:ea:2e:9b:ca:27:09:1c:d5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87dc1a9bffa2cf15a7d8099c8a3c317ce07db5ea
Validity
Not Before: Jan 2 08:32:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=837097e4961df5444e4dd869240bdf8cb581a8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b0:b5:6a:62:3c:0a:10:5e:07:90:6d:9a:1c:
d2:3a:67:dc:ae:f8:48:8f:cf:f8:9e:2f:59:d1:f1:
39:c2:54:1b:82:d3:bf:9e:2c:da:55:22:cf:9e:17:
7a:12:40:52:40:46:f8:53:d2:cd:11:66:58:ae:0e:
d0:f6:6e:95:ed:28:02:23:0f:fb:ff:5c:9a:a3:81:
13:47:17:7d:38:2d:fb:59:59:81:0f:f0:ca:ce:c3:
51:9a:56:9f:7e:c5:05:dc:96:e6:cf:0b:91:84:2d:
62:77:7e:29:f6:42:4e:47:96:64:18:09:fc:f3:fe:
78:2e:ab:85:08:f4:78:c6:de:14:d7:85:b0:13:cd:
b4:bb:73:dd:3a:64:d5:15:8b:b2:92:2f:fa:46:39:
14:2f:d2:a2:bb:e2:b8:2c:42:30:82:b0:2e:5c:df:
64:07:85:ec:2b:f3:4a:63:4b:e0:ac:aa:e9:85:1d:
0c:ca:f7:eb:66:8e:ca:f3:3b:a0:ef:9c:08:48:e5:
59:5e:bc:00:1e:ad:9b:15:39:0c:9f:ba:97:58:f6:
97:64:4e:0d:20:25:96:37:4f:69:c2:9f:d3:69:37:
2c:86:c4:88:a2:f5:9e:66:4d:43:35:43:ef:f2:41:
e9:6f:27:e3:89:ce:4b:dd:ff:9d:4c:fb:af:67:78:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:70:97:E4:96:1D:F5:44:4E:4D:D8:69:24:0B:DF:8C:B5:81:A8:CA
X509v3 Authority Key Identifier:
keyid:87:DC:1A:9B:FF:A2:CF:15:A7:D8:09:9C:8A:3C:31:7C:E0:7D:B5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9wam_-izxWn2AmcijwxfOB9teo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/g3CX5JYd9UROTdhpJAvfjLWBqMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/h9wam_-izxWn2AmcijwxfOB9teo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.98.0/24
Signature Algorithm: sha256WithRSAEncryption
78:0b:b5:a2:ba:4f:6f:1f:d5:9c:4b:1c:b0:60:5d:63:09:d4:
f4:d3:5e:1d:3a:e9:42:d2:0f:1c:7e:65:27:30:a1:ff:1f:80:
5f:3b:cd:43:ab:be:4d:7b:64:61:f4:65:dd:eb:5f:12:c5:13:
3a:d0:9e:43:e8:6e:d4:9a:e3:b0:60:09:f1:4b:3b:c2:8f:50:
a2:d2:b3:b4:cb:28:6e:56:3e:1b:90:a4:16:ca:f4:08:d9:2b:
26:ba:2e:fa:14:3e:27:3b:2c:e1:d7:a3:1c:b3:cd:9e:76:ff:
e1:2f:20:5e:79:b4:2a:89:2b:61:39:85:de:0f:2b:2d:1e:93:
a2:84:08:7a:74:c4:2a:61:db:b1:b6:d8:ab:15:7a:6b:01:f8:
a7:19:cb:79:58:4f:90:3d:63:40:74:e5:89:c4:c2:c9:23:82:
2a:45:fa:06:77:a4:1b:fc:39:d1:e8:e1:d1:dd:86:10:0d:02:
87:fa:e6:80:e2:b1:b8:21:15:e4:f8:49:29:2e:64:d8:7a:d4:
3d:ae:b7:a7:fe:40:bc:5e:78:25:53:86:55:ba:76:c7:72:c5:
aa:dd:9d:bb:00:25:10:9c:c2:c3:c8:23:8d:fb:bc:7f:f0:42:
68:a4:cd:2a:99:ca:a0:13:db:93:20:a2:78:cc:b6:54:a3:6f:
4b:29:47:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTZP7lnN16i6byicJHNUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGMxYTliZmZhMmNmMTVhN2Q4MDk5YzhhM2MzMTdjZTA3
ZGI1ZWEwHhcNMjQwMTAyMDgzMjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzcwOTdlNDk2MWRmNTQ0NGU0ZGQ4NjkyNDBiZGY4Y2I1ODFhOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbC1amI8ChBeB5BtmhzSOmfcrvhI
j8/4ni9Z0fE5wlQbgtO/nizaVSLPnhd6EkBSQEb4U9LNEWZYrg7Q9m6V7SgCIw/7
/1yao4ETRxd9OC37WVmBD/DKzsNRmlaffsUF3JbmzwuRhC1id34p9kJOR5ZkGAn8
8/54LquFCPR4xt4U14WwE820u3PdOmTVFYuyki/6RjkUL9Kiu+K4LEIwgrAuXN9k
B4XsK/NKY0vgrKrphR0MyvfrZo7K8zug75wISOVZXrwAHq2bFTkMn7qXWPaXZE4N
ICWWN09pwp/TaTcshsSIovWeZk1DNUPv8kHpbyfjic5L3f+dTPuvZ3jGbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINwl+SWHfVETk3YaSQL34y1gajKMB8GA1UdIwQY
MBaAFIfcGpv/os8Vp9gJnIo8MXzgfbXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDl3YW1fLWl6eFduMkFtY2lqd3hmT0I5dGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZDA1ZTktMzA5ZC00YWZlLTgxMWMt
NDlhZDk2ODRiMjE3LzEvZzNDWDVKWWQ5VVJPVGRocEpBdmZqTFdCcU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZDA1ZTktMzA5ZC00YWZlLTgxMWMtNDlhZDk2ODRiMjE3
LzEvaDl3YW1fLWl6eFduMkFtY2lqd3hmT0I5dGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cViMA0G
CSqGSIb3DQEBCwUAA4IBAQB4C7Wiuk9vH9WcSxywYF1jCdT0014dOulC0g8cfmUn
MKH/H4BfO81Dq75Ne2Rh9GXd618SxRM60J5D6G7UmuOwYAnxSzvCj1Ci0rO0yyhu
Vj4bkKQWyvQI2Ssmui76FD4nOyzh16Mcs82edv/hLyBeebQqiSthOYXeDystHpOi
hAh6dMQqYduxttirFXprAfinGct5WE+QPWNAdOWJxMLJI4IqRfoGd6Qb/DnR6OHR
3YYQDQKH+uaA4rG4IRXk+EkpLmTYetQ9rren/kC8XnglU4ZVunbHcsWq3Z27ACUQ
nMLDyCON+7x/8EJopM0qmcqgE9uTIKJ4zLZUo29LKUe4
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:39 2024 by rpki-client on console-ams.rpki-client.org