Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2G0aA9WeNc8hSUz91i_ssdjmYpU.roa
File: 2G0aA9WeNc8hSUz91i_ssdjmYpU.roa (raw, json)
Hash identifier: RCRi5dV122qlgePbodlkVl4rH7RAJ29nSO/brPOjJlA=
Subject key identifier: D8:6D:1A:03:D5:9E:35:CF:21:49:4C:FD:D6:2F:EC:B1:D8:E6:62:95
Certificate issuer: /CN=6821c8ff0437f7edd829166fde03446f86109d80
Certificate serial: 01930C20E12565F517E95D7B0F438EED6A40
Authority key identifier: 68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2G0aA9WeNc8hSUz91i_ssdjmYpU.roa
Signing time: Fri 08 Nov 2024 14:15:01 +0000
ROA not before: Fri 08 Nov 2024 14:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57498
IP address blocks: 194.187.30.0/23 maxlen: 23
194.187.30.0/24 maxlen: 24
194.187.31.0/24 maxlen: 24
2001:678:b8c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/aCHI_wQ39-3YKRZv3gNEb4YQnYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/aCHI_wQ39-3YKRZv3gNEb4YQnYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0c:20:e1:25:65:f5:17:e9:5d:7b:0f:43:8e:ed:6a:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6821c8ff0437f7edd829166fde03446f86109d80
Validity
Not Before: Nov 8 14:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86d1a03d59e35cf21494cfdd62fecb1d8e66295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:9f:25:0f:af:95:35:81:9f:86:b7:e0:c7:
d0:2e:70:0a:80:42:24:56:46:8b:ef:6a:26:0a:da:
e0:f1:46:42:84:b9:0d:07:64:6b:97:89:bf:0c:a0:
13:0a:35:8a:53:78:4f:74:27:f8:0b:99:d6:5c:7d:
76:48:88:a7:41:10:fe:51:63:48:7c:2e:a9:b6:80:
e5:0f:7f:b8:02:64:d7:8a:19:52:f4:24:4a:c1:88:
0a:d8:b9:e4:32:76:a7:1b:88:da:e9:80:1a:27:4e:
c5:c3:b8:30:e0:31:75:1d:6b:ba:ac:67:32:1f:e2:
f6:31:b4:2a:e1:5b:fd:6a:eb:ea:0a:ee:92:c5:c1:
1b:6d:47:03:ee:61:7c:4d:c4:f0:6a:52:a4:da:85:
41:27:43:e7:03:bd:ee:4c:e0:f2:a3:a5:f6:40:f5:
52:91:e9:31:87:56:9d:5d:d7:04:50:d4:c3:2b:2c:
ed:dc:35:db:1d:78:93:84:af:fc:3c:25:d1:b0:a7:
ad:36:7b:51:f1:4e:fb:b7:1a:4a:39:0d:d9:c7:28:
1f:1f:9e:ea:b9:c0:6b:32:b4:4d:64:1c:f3:2e:24:
56:65:b0:00:51:2b:21:8b:65:91:02:8d:b7:4b:72:
9f:96:41:1e:f7:c8:2d:41:80:d4:10:d6:ea:00:58:
fb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6D:1A:03:D5:9E:35:CF:21:49:4C:FD:D6:2F:EC:B1:D8:E6:62:95
X509v3 Authority Key Identifier:
keyid:68:21:C8:FF:04:37:F7:ED:D8:29:16:6F:DE:03:44:6F:86:10:9D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCHI_wQ39-3YKRZv3gNEb4YQnYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/2G0aA9WeNc8hSUz91i_ssdjmYpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/13b144-be16-4922-a983-25ae9293f6b4/1/aCHI_wQ39-3YKRZv3gNEb4YQnYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.30.0/23
IPv6:
2001:678:b8c::/48
Signature Algorithm: sha256WithRSAEncryption
9f:9e:c4:2f:ff:fc:3c:bd:67:e6:a2:53:72:2b:7e:5d:10:09:
bf:ae:9b:12:18:51:95:54:cf:ce:ea:18:a6:91:b7:df:e5:7e:
02:08:89:69:ba:c2:d3:c7:fb:c9:a9:a9:b6:69:4a:a4:92:2a:
3c:b7:1f:7a:4a:f6:c4:e4:b2:25:78:91:6b:2b:73:7f:92:93:
43:d3:9a:9c:b2:f8:94:dc:33:4d:35:4d:9b:28:c0:a6:ee:1b:
0f:03:0b:95:34:1a:f5:06:26:35:16:78:e6:18:29:3d:47:ca:
89:67:b7:66:86:29:ab:7f:1c:16:33:dc:c4:f1:e3:f8:8c:60:
40:6b:32:45:35:9b:ea:77:c3:86:79:a5:21:25:64:bd:1b:90:
d9:e3:95:e0:d7:ae:09:92:4b:87:49:b9:9b:20:e9:0a:0a:78:
40:c6:dd:1f:6f:66:5a:0a:82:02:ae:f9:aa:e6:ed:dd:72:16:
dd:6b:d7:e6:0f:0e:bf:a1:11:2b:0c:47:93:fa:43:0b:15:93:
c1:81:24:69:dc:48:89:40:56:eb:8e:0b:e1:bc:86:fb:84:0a:
c8:06:a6:c5:30:17:3c:99:7f:5b:57:c1:07:d6:90:a1:19:ed:
68:83:81:5d:e6:38:d3:bc:6a:9e:e9:cf:58:87:2c:8b:b7:96:
bf:9c:11:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZMMIOElZfUX6V17D0OO7WpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjFjOGZmMDQzN2Y3ZWRkODI5MTY2ZmRlMDM0NDZmODYx
MDlkODAwHhcNMjQxMTA4MTQxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZkMWEwM2Q1OWUzNWNmMjE0OTRjZmRkNjJmZWNiMWQ4ZTY2Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7afJQ+vlTWBn4a34MfQLnAKgEIk
VkaL72omCtrg8UZChLkNB2Rrl4m/DKATCjWKU3hPdCf4C5nWXH12SIinQRD+UWNI
fC6ptoDlD3+4AmTXihlS9CRKwYgK2LnkMnanG4ja6YAaJ07Fw7gw4DF1HWu6rGcy
H+L2MbQq4Vv9auvqCu6SxcEbbUcD7mF8TcTwalKk2oVBJ0PnA73uTODyo6X2QPVS
kekxh1adXdcEUNTDKyzt3DXbHXiThK/8PCXRsKetNntR8U77txpKOQ3ZxygfH57q
ucBrMrRNZBzzLiRWZbAAUSshi2WRAo23S3KflkEe98gtQYDUENbqAFj7LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNhtGgPVnjXPIUlM/dYv7LHY5mKVMB8GA1UdIwQY
MBaAFGghyP8EN/ft2CkWb94DRG+GEJ2AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNISV93UTM5LTNZS1JadjNnTkViNFlRbllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8xM2IxNDQtYmUxNi00OTIyLWE5ODMt
MjVhZTkyOTNmNmI0LzEvMkcwYUE5V2VOYzhoU1V6OTFpX3NzZGptWXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8xM2IxNDQtYmUxNi00OTIyLWE5ODMtMjVhZTkyOTNmNmI0
LzEvYUNISV93UTM5LTNZS1JadjNnTkViNFlRbllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwrseMA8E
AgACMAkDBwAgAQZ4C4wwDQYJKoZIhvcNAQELBQADggEBAJ+exC///Dy9Z+aiU3Ir
fl0QCb+umxIYUZVUz87qGKaRt9/lfgIIiWm6wtPH+8mpqbZpSqSSKjy3H3pK9sTk
siV4kWsrc3+Sk0PTmpyy+JTcM001TZsowKbuGw8DC5U0GvUGJjUWeOYYKT1Hyoln
t2aGKat/HBYz3MTx4/iMYEBrMkU1m+p3w4Z5pSElZL0bkNnjleDXrgmSS4dJuZsg
6QoKeEDG3R9vZloKggKu+arm7d1yFt1r1+YPDr+hESsMR5P6QwsVk8GBJGncSIlA
VuuOC+G8hvuECsgGpsUwFzyZf1tXwQfWkKEZ7WiDgV3mONO8ap7pz1iHLIu3lr+c
ET4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:42 2024 by rpki-client on console-ams.rpki-client.org