Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/GoAF_mpYTMRszaDgbKaPin6SaaA.roa
File: GoAF_mpYTMRszaDgbKaPin6SaaA.roa (raw, json)
Hash identifier: xRjd6gMpFRhx/R8pVpmBJ7FUqiLD9jylbxa99O1f8dw=
Subject key identifier: 1A:80:05:FE:6A:58:4C:C4:6C:CD:A0:E0:6C:A6:8F:8A:7E:92:69:A0
Certificate issuer: /CN=c9c4d3412791e3a3e994040589ec8ad2f58fe312
Certificate serial: 018CC8030672439DD4C1543ECDF25E7A52CD
Authority key identifier: C9:C4:D3:41:27:91:E3:A3:E9:94:04:05:89:EC:8A:D2:F5:8F:E3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/GoAF_mpYTMRszaDgbKaPin6SaaA.roa
Signing time: Tue 02 Jan 2024 02:31:30 +0000
ROA not before: Tue 02 Jan 2024 02:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20775
IP address blocks: 217.194.224.0/21 maxlen: 21
217.194.224.0/20 maxlen: 20
217.194.232.0/21 maxlen: 21
2a02:22d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:06:72:43:9d:d4:c1:54:3e:cd:f2:5e:7a:52:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9c4d3412791e3a3e994040589ec8ad2f58fe312
Validity
Not Before: Jan 2 02:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a8005fe6a584cc46ccda0e06ca68f8a7e9269a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0e:cb:5c:d9:8f:88:7f:25:63:86:3f:4f:6a:
5b:05:0a:44:1c:5f:e6:73:f7:43:e1:58:c0:e8:b8:
10:e0:c0:2c:57:92:12:fe:9c:a1:60:91:84:d2:f2:
06:b4:4f:75:39:de:f6:f1:52:00:6c:48:54:9b:ea:
7b:9f:7f:2f:fe:50:18:89:5d:98:1f:b5:da:6b:6f:
4a:80:81:19:22:44:e3:7c:bd:bc:74:55:fa:c2:7b:
6c:f1:f6:b8:eb:4e:93:00:7f:da:23:77:0e:27:60:
0b:24:9b:c5:f5:ad:14:9c:54:61:f9:66:d2:af:9f:
59:3d:fe:af:23:ea:60:94:1a:b7:b5:5f:52:52:fd:
e3:8e:26:a0:4f:d7:09:c8:c2:a4:0a:be:f0:97:62:
e0:46:9a:8b:1c:9c:3b:64:87:37:fc:58:d8:d6:dc:
79:79:8d:ba:7f:43:06:d4:35:25:df:c1:a1:bd:51:
9b:fa:fa:fe:d6:28:ef:07:27:27:d4:43:4f:eb:2f:
96:78:56:a1:ad:bb:92:71:5b:a1:8c:86:1c:05:ad:
2c:32:e7:2a:c1:94:a3:3e:2c:5e:45:8f:f7:de:c8:
98:71:7b:83:65:05:9c:1b:5e:29:52:c7:2b:9b:3a:
ba:5b:f8:f3:88:08:ab:ec:5c:2b:b6:f5:42:00:59:
0c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:80:05:FE:6A:58:4C:C4:6C:CD:A0:E0:6C:A6:8F:8A:7E:92:69:A0
X509v3 Authority Key Identifier:
keyid:C9:C4:D3:41:27:91:E3:A3:E9:94:04:05:89:EC:8A:D2:F5:8F:E3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/GoAF_mpYTMRszaDgbKaPin6SaaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.194.224.0/20
IPv6:
2a02:22d8::/32
Signature Algorithm: sha256WithRSAEncryption
a9:55:9a:49:c2:8c:d8:19:0c:2b:f5:ae:4f:e0:a5:b9:2c:98:
54:1f:7d:2d:92:34:07:93:3d:73:9f:b8:a3:01:a1:e7:c5:70:
e5:e2:c2:bd:3b:5a:64:83:c3:95:23:9b:22:aa:98:a5:45:9b:
19:19:91:79:a3:26:a3:36:54:bb:77:d1:61:e2:c5:43:17:15:
e7:80:81:03:76:e8:07:01:0c:df:2b:08:a0:91:d0:fa:c7:98:
53:7f:58:3d:92:35:73:f0:aa:6c:7f:b4:94:ce:37:ed:ee:fc:
42:9d:0f:dc:a9:8a:5f:f6:30:f9:83:33:84:fc:bb:68:90:f3:
88:0c:72:c2:64:70:1b:8f:e9:c0:b5:0c:36:0d:83:57:65:61:
d2:83:e3:95:02:fd:a2:90:2d:2d:42:06:de:4e:ac:2f:f8:c6:
64:e3:09:56:7f:ab:60:a2:32:d1:4c:2e:48:01:65:7c:53:e6:
8b:b1:a7:60:d5:76:9d:30:bf:6f:54:9f:9d:a6:a3:0b:9e:0a:
f6:91:98:10:42:07:7b:73:5b:3f:61:27:f2:f2:b1:74:d7:1e:
85:6f:65:04:c7:9b:26:35:22:2c:37:4a:e3:79:58:1c:0d:7e:
0f:41:46:e2:8a:35:36:1a:aa:60:15:77:7a:4d:60:5f:1e:65:
4e:73:a6:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAwZyQ53UwVQ+zfJeelLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YzRkMzQxMjc5MWUzYTNlOTk0MDQwNTg5ZWM4YWQyZjU4
ZmUzMTIwHhcNMjQwMTAyMDIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgwMDVmZTZhNTg0Y2M0NmNjZGEwZTA2Y2E2OGY4YTdlOTI2OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw7LXNmPiH8lY4Y/T2pbBQpEHF/m
c/dD4VjA6LgQ4MAsV5IS/pyhYJGE0vIGtE91Od728VIAbEhUm+p7n38v/lAYiV2Y
H7Xaa29KgIEZIkTjfL28dFX6wnts8fa4606TAH/aI3cOJ2ALJJvF9a0UnFRh+WbS
r59ZPf6vI+pglBq3tV9SUv3jjiagT9cJyMKkCr7wl2LgRpqLHJw7ZIc3/FjY1tx5
eY26f0MG1DUl38GhvVGb+vr+1ijvBycn1ENP6y+WeFahrbuScVuhjIYcBa0sMucq
wZSjPixeRY/33siYcXuDZQWcG14pUscrmzq6W/jziAir7FwrtvVCAFkM9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBqABf5qWEzEbM2g4Gymj4p+kmmgMB8GA1UdIwQY
MBaAFMnE00EnkeOj6ZQEBYnsitL1j+MSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWNUVFFTZVI0NlBwbEFRRmlleUswdldQNHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jMmM4YmYtZGNlNC00MjgzLWJmNzIt
Y2M3Zjg3ZjRhOTUwLzEvR29BRl9tcFlUTVJzemFEZ2JLYVBpbjZTYWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jMmM4YmYtZGNlNC00MjgzLWJmNzItY2M3Zjg3ZjRhOTUw
LzEveWNUVFFTZVI0NlBwbEFRRmlleUswdldQNHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cLgMA0E
AgACMAcDBQAqAiLYMA0GCSqGSIb3DQEBCwUAA4IBAQCpVZpJwozYGQwr9a5P4KW5
LJhUH30tkjQHkz1zn7ijAaHnxXDl4sK9O1pkg8OVI5siqpilRZsZGZF5oyajNlS7
d9Fh4sVDFxXngIEDdugHAQzfKwigkdD6x5hTf1g9kjVz8Kpsf7SUzjft7vxCnQ/c
qYpf9jD5gzOE/LtokPOIDHLCZHAbj+nAtQw2DYNXZWHSg+OVAv2ikC0tQgbeTqwv
+MZk4wlWf6tgojLRTC5IAWV8U+aLsadg1XadML9vVJ+dpqMLngr2kZgQQgd7c1s/
YSfy8rF01x6Fb2UEx5smNSIsN0rjeVgcDX4PQUbiijU2GqpgFXd6TWBfHmVOc6bt
-----END CERTIFICATE-----
Generated at Mon Jun 3 14:28:25 2024 by rpki-client on console-ams.rpki-client.org