Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/gXsnJLvq4RrJMSAItrBhvLUwjUI.roa
File: gXsnJLvq4RrJMSAItrBhvLUwjUI.roa (raw, json)
Hash identifier: uaMt2RM6isuZ2VdSSk5IkaM3w/d33BhNRJN6sjz20MA=
Subject key identifier: 81:7B:27:24:BB:EA:E1:1A:C9:31:20:08:B6:B0:61:BC:B5:30:8D:42
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 0192AF239250879E15991FD7FF1C05BDE305
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/gXsnJLvq4RrJMSAItrBhvLUwjUI.roa
Signing time: Mon 21 Oct 2024 12:53:16 +0000
ROA not before: Mon 21 Oct 2024 12:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397688
IP address blocks: 2.58.8.0/24 maxlen: 24
2.58.9.0/24 maxlen: 24
2.58.10.0/24 maxlen: 24
31.222.58.0/24 maxlen: 24
147.189.164.0/24 maxlen: 24
147.189.165.0/24 maxlen: 24
147.189.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:23:92:50:87:9e:15:99:1f:d7:ff:1c:05:bd:e3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: Oct 21 12:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=817b2724bbeae11ac9312008b6b061bcb5308d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:7a:1a:b5:49:ac:34:6a:2a:0a:a3:99:4d:
5e:cb:b0:9e:5b:b6:77:51:17:b0:cf:2a:d0:8b:d1:
ed:79:10:fb:99:50:e2:a9:da:f9:44:d8:12:6e:d4:
4b:56:bd:a1:6b:ee:46:bd:71:19:69:d1:81:e9:49:
73:a2:93:50:0c:4e:40:81:d1:db:46:9b:21:b2:9b:
8a:5d:ed:04:43:28:58:31:a3:12:81:05:79:83:c8:
74:13:89:07:27:4a:c6:f4:48:e9:8d:c7:a7:2a:bc:
e5:7c:be:1b:e4:4a:43:56:a5:8f:e1:ea:8a:74:ec:
9b:87:ed:f3:14:ea:65:4f:4b:c7:d3:85:1a:3b:f8:
e6:6f:bd:5f:1c:c1:97:3d:79:85:9c:37:14:b6:7a:
9f:87:eb:fd:aa:6c:f5:9c:24:00:27:36:d5:94:76:
49:50:91:90:f5:23:80:21:56:c9:0d:c9:02:bb:e9:
de:14:a7:8e:8e:44:ea:f1:5f:d8:40:bc:b3:b9:28:
13:f7:0d:77:e3:77:0e:88:36:98:cf:18:10:ed:55:
a0:d4:5c:76:99:93:dd:10:d7:04:e3:da:56:bf:bd:
78:ee:ed:7e:ce:ab:10:c9:15:2d:0e:61:ca:28:0e:
7e:c1:41:ca:76:96:84:e7:69:f5:9d:af:9f:1a:6f:
ad:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:7B:27:24:BB:EA:E1:1A:C9:31:20:08:B6:B0:61:BC:B5:30:8D:42
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/gXsnJLvq4RrJMSAItrBhvLUwjUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.8.0-2.58.10.255
31.222.58.0/24
147.189.164.0-147.189.166.255
Signature Algorithm: sha256WithRSAEncryption
b1:ca:17:3e:58:50:b9:3b:59:fd:37:58:fb:d4:72:23:f6:ac:
c7:7e:69:93:bd:19:6f:94:cf:f9:67:dd:80:d4:de:25:e2:10:
4d:b4:8a:85:02:c1:d9:d3:ed:a9:d3:a4:54:a7:00:a5:de:31:
4c:7b:48:3c:f0:78:2b:d1:64:0d:5d:de:4f:4a:c7:b0:d2:9f:
13:69:56:97:e7:f7:20:6f:47:06:a8:13:8e:82:a9:32:ab:c0:
4e:82:8c:5e:90:3a:d5:e3:00:82:d6:4e:0a:a9:2e:f5:e6:a0:
4b:9b:ba:65:bb:77:7c:44:d2:2d:ff:0a:22:49:b1:77:e2:68:
e2:97:95:26:bd:de:c3:28:47:ce:7f:7d:d5:c5:9b:bb:12:f6:
57:bc:d1:b7:0f:55:db:dc:0b:39:94:4f:69:83:3a:2a:73:53:
8d:fa:59:72:73:2c:84:d3:84:bf:5e:7c:90:ba:37:03:77:75:
5a:f1:b3:79:a8:45:c5:0c:58:d2:27:3a:7b:2b:c5:aa:e5:71:
38:95:b0:b1:50:ce:a5:bc:bd:94:00:e2:1c:a6:d9:86:c1:bb:
aa:01:a2:52:88:d4:14:ca:ca:b0:50:1d:bd:cd:d7:83:95:b8:
26:3d:cb:35:9c:8b:4e:c9:4e:7f:e2:7b:9e:43:d2:65:87:6e:
fa:81:32:53
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZKvI5JQh54VmR/X/xwFveMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjQxMDIxMTI1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTdiMjcyNGJiZWFlMTFhYzkzMTIwMDhiNmIwNjFiY2I1MzA4ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtZ6GrVJrDRqKgqjmU1ey7CeW7Z3
URewzyrQi9HteRD7mVDiqdr5RNgSbtRLVr2ha+5GvXEZadGB6UlzopNQDE5AgdHb
RpshspuKXe0EQyhYMaMSgQV5g8h0E4kHJ0rG9EjpjcenKrzlfL4b5EpDVqWP4eqK
dOybh+3zFOplT0vH04UaO/jmb71fHMGXPXmFnDcUtnqfh+v9qmz1nCQAJzbVlHZJ
UJGQ9SOAIVbJDckCu+neFKeOjkTq8V/YQLyzuSgT9w1343cOiDaYzxgQ7VWg1Fx2
mZPdENcE49pWv7147u1+zqsQyRUtDmHKKA5+wUHKdpaE52n1na+fGm+tTwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIF7JyS76uEayTEgCLawYby1MI1CMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvZ1hzbkpMdnE0UnJKTVNBSXRyQmh2TFV3alVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAMCOggD
BAACOgoDBAAf3jowDAMEApO9pAMEAJO9pjANBgkqhkiG9w0BAQsFAAOCAQEAscoX
PlhQuTtZ/TdY+9RyI/asx35pk70Zb5TP+WfdgNTeJeIQTbSKhQLB2dPtqdOkVKcA
pd4xTHtIPPB4K9FkDV3eT0rHsNKfE2lWl+f3IG9HBqgTjoKpMqvAToKMXpA61eMA
gtZOCqku9eagS5u6Zbt3fETSLf8KIkmxd+Jo4peVJr3ewyhHzn991cWbuxL2V7zR
tw9V29wLOZRPaYM6KnNTjfpZcnMshNOEv158kLo3A3d1WvGzeahFxQxY0ic6eyvF
quVxOJWwsVDOpby9lADiHKbZhsG7qgGiUojUFMrKsFAdvc3Xg5W4Jj3LNZyLTslO
f+J7nkPSZYdu+oEyUw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 21:59:43 2024 by rpki-client on console-fra.rpki-client.org