Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/gZyquP1mxcwuOOXT6I9kTGvOEag.roa
File: gZyquP1mxcwuOOXT6I9kTGvOEag.roa (raw, json)
Hash identifier: TxXLvG//c6kHTnG8moS7GQZK6013BBe73jGmXDd0zL0=
Subject key identifier: 81:9C:AA:B8:FD:66:C5:CC:2E:38:E5:D3:E8:8F:64:4C:6B:CE:11:A8
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 018CC5003A92306EACEB4085B2223DF46F39
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/gZyquP1mxcwuOOXT6I9kTGvOEag.roa
Signing time: Mon 01 Jan 2024 12:29:35 +0000
ROA not before: Mon 01 Jan 2024 12:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212249
IP address blocks: 185.174.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:3a:92:30:6e:ac:eb:40:85:b2:22:3d:f4:6f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Jan 1 12:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=819caab8fd66c5cc2e38e5d3e88f644c6bce11a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:d4:a7:e2:d9:02:a1:af:22:b3:73:bb:7c:
4f:11:96:8e:25:12:4b:ac:5a:61:03:e2:2c:b5:04:
06:e5:d6:41:02:d9:10:a6:6f:d9:ba:9f:fc:50:5c:
19:fc:cc:a2:7d:fb:50:f0:a2:94:7b:7d:11:8a:a8:
40:14:01:fb:e0:c2:75:b4:87:ff:4b:10:ba:e8:3e:
23:81:d4:d4:19:0c:f4:7d:77:74:b5:32:34:d4:ea:
11:7d:c3:b2:4b:ce:76:be:cf:6a:ee:90:7a:28:89:
a7:e3:47:6c:e7:f0:d7:82:1e:ae:d0:45:f3:a3:d4:
06:41:b5:39:e0:51:c2:9b:8f:5c:94:e2:39:cf:65:
77:21:8e:29:15:f1:53:e4:58:f0:f6:a7:13:83:fe:
66:94:4b:31:bc:0b:f6:e4:88:77:d0:aa:d7:60:92:
a3:4f:a4:de:1a:8c:a1:a1:b9:8a:de:44:f8:eb:65:
df:b8:ad:17:01:87:61:f3:3e:f9:55:16:7b:69:cf:
d4:f0:92:70:17:de:f1:94:a9:3a:2f:4e:ef:7a:0f:
5d:10:47:01:f7:50:8b:3b:c7:31:ba:33:fd:5e:37:
17:67:5a:25:9f:9d:51:fd:18:54:57:07:f0:a0:58:
17:8b:bc:6f:a3:1e:5a:01:93:cc:76:97:dd:a6:c5:
58:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9C:AA:B8:FD:66:C5:CC:2E:38:E5:D3:E8:8F:64:4C:6B:CE:11:A8
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/gZyquP1mxcwuOOXT6I9kTGvOEag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.71.0/24
Signature Algorithm: sha256WithRSAEncryption
69:05:57:fb:37:ae:df:b8:90:5d:fd:c8:6e:5c:ce:27:1c:6b:
1b:50:23:9b:cf:c0:c2:cd:b4:9d:10:cb:14:e3:6c:05:75:3c:
57:0f:c6:8a:a3:0d:85:54:45:ef:bd:4d:e6:c2:9a:a1:bc:a2:
52:5d:89:21:9c:cf:49:5a:26:ea:d6:cc:77:cd:08:55:2c:c3:
c9:51:af:36:07:c1:f7:04:20:0d:69:0a:62:21:e8:47:c0:06:
3f:76:5d:3f:f6:d5:b1:55:54:cf:9f:1a:26:12:43:72:60:3e:
d3:28:0d:f0:d0:f7:d9:bf:6d:99:eb:06:cc:04:1f:2e:b5:58:
f3:86:3c:5b:3e:63:ef:61:a1:82:16:e2:58:37:4e:1f:e9:1c:
a4:df:ae:7a:bf:82:0c:f9:a6:76:e8:e4:85:25:85:68:66:18:
06:c3:78:77:26:62:d3:5d:7e:a3:7b:b8:ee:e4:ea:94:e7:02:
a4:30:68:a0:19:c2:24:f1:84:8f:f3:8b:83:b5:62:bf:c2:45:
49:68:fa:a5:15:27:a3:2f:84:80:48:15:c3:e2:ea:60:56:32:
04:69:25:ef:a9:95:f0:d9:05:82:43:64:dd:1b:c8:e4:d5:f4:
89:6e:bf:fb:7e:96:26:7c:9d:f2:2f:56:bd:c1:0b:7d:91:24:
b2:15:24:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFADqSMG6s60CFsiI99G85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMTAxMTIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTljYWFiOGZkNjZjNWNjMmUzOGU1ZDNlODhmNjQ0YzZiY2UxMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/zUp+LZAqGvIrNzu3xPEZaOJRJL
rFphA+IstQQG5dZBAtkQpm/Zup/8UFwZ/MyifftQ8KKUe30RiqhAFAH74MJ1tIf/
SxC66D4jgdTUGQz0fXd0tTI01OoRfcOyS852vs9q7pB6KImn40ds5/DXgh6u0EXz
o9QGQbU54FHCm49clOI5z2V3IY4pFfFT5Fjw9qcTg/5mlEsxvAv25Ih30KrXYJKj
T6TeGoyhobmK3kT462XfuK0XAYdh8z75VRZ7ac/U8JJwF97xlKk6L07veg9dEEcB
91CLO8cxujP9XjcXZ1oln51R/RhUVwfwoFgXi7xvox5aAZPMdpfdpsVYUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGcqrj9ZsXMLjjl0+iPZExrzhGoMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvZ1p5cXVQMW14Y3d1T09YVDZJOWtUR3ZPRWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua5HMA0G
CSqGSIb3DQEBCwUAA4IBAQBpBVf7N67fuJBd/chuXM4nHGsbUCObz8DCzbSdEMsU
42wFdTxXD8aKow2FVEXvvU3mwpqhvKJSXYkhnM9JWibq1sx3zQhVLMPJUa82B8H3
BCANaQpiIehHwAY/dl0/9tWxVVTPnxomEkNyYD7TKA3w0PfZv22Z6wbMBB8utVjz
hjxbPmPvYaGCFuJYN04f6Ryk3656v4IM+aZ26OSFJYVoZhgGw3h3JmLTXX6je7ju
5OqU5wKkMGigGcIk8YSP84uDtWK/wkVJaPqlFSejL4SASBXD4upgVjIEaSXvqZXw
2QWCQ2TdG8jk1fSJbr/7fpYmfJ3yL1a9wQt9kSSyFSSO
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:30:30 2024 by rpki-client on console-fra.rpki-client.org