Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/Go24FMyJ8r6Lg4d1hM4_mxr36K8.roa
File: Go24FMyJ8r6Lg4d1hM4_mxr36K8.roa (raw, json)
Hash identifier: kE/vfTeTzloUebKXowPwNHjS+4aff10gi9f7LFhwj5c=
Subject key identifier: 1A:8D:B8:14:CC:89:F2:BE:8B:83:87:75:84:CE:3F:9B:1A:F7:E8:AF
Certificate issuer: /CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Certificate serial: 018CC5DC84F15575FB64E77EE0F515A7E077
Authority key identifier: FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/Go24FMyJ8r6Lg4d1hM4_mxr36K8.roa
Signing time: Mon 01 Jan 2024 16:30:12 +0000
ROA not before: Mon 01 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35332
IP address blocks: 185.100.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:84:f1:55:75:fb:64:e7:7e:e0:f5:15:a7:e0:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Validity
Not Before: Jan 1 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a8db814cc89f2be8b83877584ce3f9b1af7e8af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:04:4e:c7:9f:f0:d5:ad:70:dc:5e:4d:81:76:
02:0d:b5:6a:3d:33:30:e4:c9:81:d7:68:2f:1b:80:
12:a8:88:8f:7c:3a:9d:7e:6e:6b:de:4a:bd:79:54:
bd:86:2b:cb:65:7e:bd:40:31:ed:76:bc:65:7d:ec:
72:4f:db:02:f8:d1:11:00:cf:70:d1:93:e4:12:9a:
1a:f3:bb:b7:9d:0b:a4:70:1e:ea:8e:25:b9:e3:de:
53:62:4c:e1:ba:89:59:a3:6f:b0:a9:37:19:e6:29:
1f:5c:1b:e6:15:8b:12:00:9c:91:75:e4:26:bc:cb:
67:3f:ed:b6:18:b4:5c:4a:35:43:f3:33:f4:7f:ad:
a3:77:1c:69:1a:25:5a:7d:a3:cb:f1:86:44:e4:21:
39:76:97:05:03:f3:85:85:61:ff:55:00:bd:bc:36:
94:a1:c7:cd:0c:5f:65:c3:9f:73:bf:7f:ce:1b:13:
5b:93:f9:a4:51:83:a9:0b:3c:73:85:1a:b8:60:bc:
8d:31:44:ad:4c:94:c0:32:9e:24:be:25:eb:31:af:
50:d6:e1:ce:24:18:12:8f:5f:60:50:27:2a:a9:d0:
00:fe:64:dc:19:e2:b3:25:d3:e3:dd:f9:de:1a:b9:
85:66:d7:70:6a:ff:ee:ae:ae:83:a7:2c:a3:a1:f7:
a0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8D:B8:14:CC:89:F2:BE:8B:83:87:75:84:CE:3F:9B:1A:F7:E8:AF
X509v3 Authority Key Identifier:
keyid:FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/Go24FMyJ8r6Lg4d1hM4_mxr36K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:7e:41:ce:4c:0f:50:e1:79:e9:57:f3:dd:dd:80:92:bd:24:
3b:ad:6c:d4:79:57:fa:bc:45:d3:8d:3d:0b:c4:fc:0e:66:90:
77:b4:6c:39:40:01:29:bc:83:da:b6:a4:ed:05:02:86:83:11:
32:43:1e:a0:bd:f9:7d:ed:9d:29:d2:ab:02:6c:12:e8:60:99:
a9:a5:5e:b8:e0:66:c8:72:7d:1a:c9:f6:f6:72:74:51:5e:2b:
7b:1e:39:54:db:97:be:e0:6b:1c:bd:6c:c8:64:ee:5d:e4:10:
6a:e3:f3:7c:00:f2:48:b9:4a:c6:f2:23:7c:cd:4d:b4:ec:33:
ed:9a:78:3b:17:4c:65:b3:a7:6d:04:01:67:2e:a1:21:ff:68:
52:d2:a1:dd:6f:9c:6a:7c:c3:e9:f6:1d:51:f2:c7:98:80:53:
16:33:6d:52:04:88:b1:4f:c5:ea:46:d1:1d:82:b1:6b:09:59:
a1:89:67:27:05:44:99:7e:80:f5:a2:40:65:3b:fe:b0:3a:fe:
1b:71:78:73:ca:6e:d3:3b:a7:7c:65:dc:7b:de:a1:24:42:7d:
1b:94:55:5d:9c:85:96:55:4c:65:5c:33:39:6b:de:08:7b:dd:
ba:ca:c0:cc:a9:d5:e2:2d:4e:0f:40:a7:0f:31:2e:42:b3:89:
09:a2:09:3c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3ITxVXX7ZOd+4PUVp+B3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNzBiNDJkN2FmNmFkNzgyMjJiMzBmMDVmMmI3OTEzZjgw
NjM1NzAwHhcNMjQwMTAxMTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYThkYjgxNGNjODlmMmJlOGI4Mzg3NzU4NGNlM2Y5YjFhZjdlOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwROx5/w1a1w3F5NgXYCDbVqPTMw
5MmB12gvG4ASqIiPfDqdfm5r3kq9eVS9hivLZX69QDHtdrxlfexyT9sC+NERAM9w
0ZPkEpoa87u3nQukcB7qjiW5495TYkzhuolZo2+wqTcZ5ikfXBvmFYsSAJyRdeQm
vMtnP+22GLRcSjVD8zP0f62jdxxpGiVafaPL8YZE5CE5dpcFA/OFhWH/VQC9vDaU
ocfNDF9lw59zv3/OGxNbk/mkUYOpCzxzhRq4YLyNMUStTJTAMp4kviXrMa9Q1uHO
JBgSj19gUCcqqdAA/mTcGeKzJdPj3fneGrmFZtdwav/urq6DpyyjofegmwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBqNuBTMifK+i4OHdYTOP5sa9+ivMB8GA1UdIwQY
MBaAFPpwtC169q14Iisw8F8reRP4BjVwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uQzBMWHIyclhnaUt6RHdYeXQ1RV9nR05YQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5
LWI5MTQxNTliYThhZC8xL0dvMjRGTXlKOHI2TGc0ZDFoTTRfbXhyMzZLOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5LWI5MTQxNTliYThh
ZC8xLzEtbkMwTFhyMnJYZ2lLekR3WHl0NUVfZ0dOWEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5ZMAw
DQYJKoZIhvcNAQELBQADggEBABt+Qc5MD1DheelX893dgJK9JDutbNR5V/q8RdON
PQvE/A5mkHe0bDlAASm8g9q2pO0FAoaDETJDHqC9+X3tnSnSqwJsEuhgmamlXrjg
ZshyfRrJ9vZydFFeK3seOVTbl77gaxy9bMhk7l3kEGrj83wA8ki5SsbyI3zNTbTs
M+2aeDsXTGWzp20EAWcuoSH/aFLSod1vnGp8w+n2HVHyx5iAUxYzbVIEiLFPxepG
0R2CsWsJWaGJZycFRJl+gPWiQGU7/rA6/htxeHPKbtM7p3xl3HveoSRCfRuUVV2c
hZZVTGVcMzlr3gh73brKwMyp1eItTg9Apw8xLkKziQmiCTw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:58 2024 by rpki-client on console-ams.rpki-client.org