Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/cGAcnya9tpWRusG8AgV4cWKAYk8.roa
File: cGAcnya9tpWRusG8AgV4cWKAYk8.roa (raw, json)
Hash identifier: HTqgy9ow/utJkGxnmqmU1CMEoTtvcClIXxQPvIV4Q+Q=
Subject key identifier: 70:60:1C:9F:26:BD:B6:95:91:BA:C1:BC:02:05:78:71:62:80:62:4F
Certificate issuer: /CN=351c7b5607c536657fd5748f6f65b24ac12eb17d
Certificate serial: 018ED50B3B4FF91B43A70D7EE0D898B91327
Authority key identifier: 35:1C:7B:56:07:C5:36:65:7F:D5:74:8F:6F:65:B2:4A:C1:2E:B1:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRx7VgfFNmV_1XSPb2WySsEusX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/cGAcnya9tpWRusG8AgV4cWKAYk8.roa
Signing time: Sat 13 Apr 2024 01:21:06 +0000
ROA not before: Sat 13 Apr 2024 01:21:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 146.19.191.0/24 maxlen: 24
193.111.248.0/24 maxlen: 24
193.111.249.0/24 maxlen: 24
2a12:eb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/NRx7VgfFNmV_1XSPb2WySsEusX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/NRx7VgfFNmV_1XSPb2WySsEusX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRx7VgfFNmV_1XSPb2WySsEusX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d5:0b:3b:4f:f9:1b:43:a7:0d:7e:e0:d8:98:b9:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351c7b5607c536657fd5748f6f65b24ac12eb17d
Validity
Not Before: Apr 13 01:21:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70601c9f26bdb69591bac1bc020578716280624f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:f4:a4:a6:8f:5f:44:55:74:c3:a1:af:fc:
7b:09:f7:3c:e2:97:2b:04:c3:9c:32:fa:e0:96:97:
5c:b5:8d:82:20:b7:d1:4f:fa:28:f0:bf:6c:26:25:
0f:5e:e3:72:d0:f0:52:19:ce:29:4b:b9:59:08:54:
66:6a:9b:39:20:16:e4:8c:4d:da:6b:7a:23:1b:d3:
f9:94:c8:4d:ec:fd:e9:eb:81:ff:ea:d5:60:bd:43:
b2:b8:ad:6d:e4:d4:15:47:16:a5:13:47:18:5b:0e:
b7:f1:b2:9c:1d:20:59:62:fc:e2:d8:07:2c:b4:07:
e7:97:30:39:ed:cc:6a:65:42:4d:7f:5a:72:e6:4b:
64:7c:d7:75:1c:05:d2:39:ba:53:66:f7:b5:0f:f7:
4a:49:6c:ac:45:d0:e6:96:5b:cf:a9:63:0c:c5:9f:
99:eb:96:24:c1:c1:4f:d4:ff:3e:c2:33:d6:c1:f5:
46:ad:02:c7:40:be:41:ab:1b:87:4c:35:ad:ec:89:
82:2c:6e:7c:87:db:13:a0:0e:ad:b2:47:8b:65:a7:
d1:29:f2:d8:92:e8:8c:49:6f:2b:90:0d:9f:e1:c5:
4f:48:bf:72:7e:24:02:55:63:bb:b7:a9:88:84:71:
34:8f:a7:50:d9:a8:2d:96:63:8b:9b:40:47:35:0b:
40:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:60:1C:9F:26:BD:B6:95:91:BA:C1:BC:02:05:78:71:62:80:62:4F
X509v3 Authority Key Identifier:
keyid:35:1C:7B:56:07:C5:36:65:7F:D5:74:8F:6F:65:B2:4A:C1:2E:B1:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRx7VgfFNmV_1XSPb2WySsEusX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/cGAcnya9tpWRusG8AgV4cWKAYk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c1ff21-5ac2-4e50-936c-651707c91fd3/1/NRx7VgfFNmV_1XSPb2WySsEusX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.191.0/24
193.111.248.0/23
IPv6:
2a12:eb00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:85:ec:34:21:13:9f:80:ac:0c:e1:23:26:e5:73:57:39:d6:
e0:10:f0:a5:5c:d6:49:44:7a:9a:63:82:c0:3e:3a:82:e2:16:
c4:34:89:a1:d4:b2:2f:a7:01:99:90:71:5f:f9:e2:8e:5f:0e:
56:59:79:93:63:90:d6:5e:7e:66:dc:97:3c:84:a9:cd:eb:0b:
1f:d5:56:37:5a:63:77:88:f3:31:fb:d5:39:62:19:97:95:bc:
b8:68:be:e3:55:e3:cb:75:c6:df:b3:d3:0e:b7:b7:d1:af:27:
04:2b:ae:72:e7:c3:28:db:fc:d5:74:be:af:21:61:40:30:53:
ef:38:66:c7:bb:ad:00:4d:6b:3f:fa:33:c0:fa:08:43:cc:29:
6a:f3:6d:63:b2:cd:50:11:2e:f5:ec:3b:14:7a:ce:fa:44:9d:
b3:ee:db:c2:e8:6a:8c:5b:af:fa:32:1c:d2:5d:ed:ef:55:d5:
bd:90:9f:4a:15:3d:50:30:18:69:64:eb:ac:e2:2c:62:68:e8:
d3:79:28:56:ed:ce:8d:c3:7d:e6:15:e5:df:f1:04:72:5e:3a:
93:c8:f9:0f:05:ba:cb:ba:01:d1:73:2d:f4:af:2e:5c:e8:ed:
65:0e:5d:96:a3:77:dc:38:7e:d0:a4:bc:81:24:6b:98:ba:1a:
1a:93:89:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY7VCztP+RtDpw1+4NiYuRMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWM3YjU2MDdjNTM2NjU3ZmQ1NzQ4ZjZmNjViMjRhYzEy
ZWIxN2QwHhcNMjQwNDEzMDEyMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDYwMWM5ZjI2YmRiNjk1OTFiYWMxYmMwMjA1Nzg3MTYyODA2MjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotH0pKaPX0RVdMOhr/x7Cfc84pcr
BMOcMvrglpdctY2CILfRT/oo8L9sJiUPXuNy0PBSGc4pS7lZCFRmaps5IBbkjE3a
a3ojG9P5lMhN7P3p64H/6tVgvUOyuK1t5NQVRxalE0cYWw638bKcHSBZYvzi2Acs
tAfnlzA57cxqZUJNf1py5ktkfNd1HAXSObpTZve1D/dKSWysRdDmllvPqWMMxZ+Z
65YkwcFP1P8+wjPWwfVGrQLHQL5BqxuHTDWt7ImCLG58h9sToA6tskeLZafRKfLY
kuiMSW8rkA2f4cVPSL9yfiQCVWO7t6mIhHE0j6dQ2agtlmOLm0BHNQtAgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHBgHJ8mvbaVkbrBvAIFeHFigGJPMB8GA1UdIwQY
MBaAFDUce1YHxTZlf9V0j29lskrBLrF9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJ4N1ZnZkZObVZfMVhTUGIyV3lTc0V1c1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jMWZmMjEtNWFjMi00ZTUwLTkzNmMt
NjUxNzA3YzkxZmQzLzEvY0dBY255YTl0cFdSdXNHOEFnVjRjV0tBWWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jMWZmMjEtNWFjMi00ZTUwLTkzNmMtNjUxNzA3YzkxZmQz
LzEvTlJ4N1ZnZkZObVZfMVhTUGIyV3lTc0V1c1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkhO/AwQB
wW/4MA0EAgACMAcDBQMqEusAMA0GCSqGSIb3DQEBCwUAA4IBAQAchew0IROfgKwM
4SMm5XNXOdbgEPClXNZJRHqaY4LAPjqC4hbENImh1LIvpwGZkHFf+eKOXw5WWXmT
Y5DWXn5m3Jc8hKnN6wsf1VY3WmN3iPMx+9U5YhmXlby4aL7jVePLdcbfs9MOt7fR
rycEK65y58Mo2/zVdL6vIWFAMFPvOGbHu60ATWs/+jPA+ghDzClq821jss1QES71
7DsUes76RJ2z7tvC6GqMW6/6MhzSXe3vVdW9kJ9KFT1QMBhpZOus4ixiaOjTeShW
7c6Nw33mFeXf8QRyXjqTyPkPBbrLugHRcy30ry5c6O1lDl2Wo3fcOH7QpLyBJGuY
uhoak4lz
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:35:20 2024 by rpki-client on console-fra.rpki-client.org