Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/a_gv73vBHvW6M1OSN4SSwBehRck.roa
File: a_gv73vBHvW6M1OSN4SSwBehRck.roa (raw, json)
Hash identifier: NSlmlB5Cr/QqLyre0OJhz5KgGrs46zJK8Bm4bMW12f4=
Subject key identifier: 6B:F8:2F:EF:7B:C1:1E:F5:BA:33:53:92:37:84:92:C0:17:A1:45:C9
Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Certificate serial: 018CC2DAE944EBD2ECAD4A39E435025F0DA9
Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/a_gv73vBHvW6M1OSN4SSwBehRck.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212329
IP address blocks: 91.236.64.0/22 maxlen: 24
185.216.48.0/24 maxlen: 24
2a10:a700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e9:44:eb:d2:ec:ad:4a:39:e4:35:02:5f:0d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bf82fef7bc11ef5ba335392378492c017a145c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5e:81:b6:ff:74:a6:d4:15:36:f9:e6:6b:55:
ed:06:1f:03:15:c8:fd:7d:9e:9e:f7:77:34:50:29:
dd:d0:91:94:50:b0:25:b0:ea:f0:88:02:e4:54:20:
be:c9:83:cb:b4:a8:3b:cd:ee:af:97:d2:12:7c:24:
03:b7:6b:f7:a3:47:6c:5f:98:5e:42:fd:b2:49:bb:
33:f9:9b:02:42:c8:e2:0a:95:00:d5:11:ed:cf:cb:
64:38:e0:53:df:03:55:7e:69:e9:ba:49:79:a8:23:
d9:97:12:dc:68:ab:2a:e3:d7:90:55:af:49:33:71:
42:98:cc:10:6d:34:b9:76:fd:ea:71:3e:fe:c7:46:
92:7c:0d:7d:bb:3f:24:34:f7:65:bb:14:4b:92:c4:
a8:22:db:a5:27:c0:6e:99:d3:69:0f:bb:f8:df:23:
66:9f:15:6e:16:25:4a:68:8b:52:a3:47:57:c4:f6:
87:36:c3:ca:5f:0f:4b:c6:02:46:8e:50:1d:1e:9a:
9e:1d:63:d6:13:38:5d:54:03:c1:e9:99:ed:87:c5:
97:f3:5c:bf:a8:53:77:ca:46:ed:04:1a:f6:da:67:
7f:1e:82:79:2b:e7:74:c7:5e:41:e4:e6:7d:da:de:
ad:22:c2:f3:6b:6a:c8:cd:74:88:35:66:bc:1d:ae:
82:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F8:2F:EF:7B:C1:1E:F5:BA:33:53:92:37:84:92:C0:17:A1:45:C9
X509v3 Authority Key Identifier:
keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/a_gv73vBHvW6M1OSN4SSwBehRck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.64.0/22
185.216.48.0/24
IPv6:
2a10:a700::/29
Signature Algorithm: sha256WithRSAEncryption
79:2a:75:21:90:c8:46:73:bb:93:41:c6:9f:78:35:ee:df:3f:
a0:4f:1c:ef:ed:a9:4a:02:34:ee:84:dd:90:35:c0:d6:53:36:
27:eb:8a:ee:04:f9:98:eb:c1:03:f3:fe:ad:0a:32:3a:f5:a2:
40:84:7f:ca:5c:c7:8c:60:58:90:bb:b9:0d:d6:29:0f:ef:34:
bc:4b:e3:14:01:5a:f6:29:06:10:1c:65:67:f8:c4:be:13:dd:
84:3c:00:f0:bd:d9:47:e5:89:cb:d3:09:35:39:44:26:ca:e4:
f2:74:56:da:45:8e:0b:e9:83:f1:59:bf:9a:53:e0:bf:11:7c:
ea:96:b5:e9:20:12:a1:47:bc:7a:4e:25:cc:3e:fe:a9:85:ec:
0b:06:bb:60:c8:3f:45:ed:54:39:b3:6c:81:09:bd:5c:8d:09:
9b:78:47:84:12:b3:78:44:b6:f9:73:77:1c:f5:ee:5a:3e:da:
e1:1c:f4:d4:e9:e9:74:78:8d:1f:2a:5c:0c:b4:8d:cf:8d:68:
18:6e:59:e5:e8:23:11:c9:03:57:ea:3f:5e:9b:34:99:26:da:
c5:7f:d3:6d:eb:44:38:16:10:30:42:4a:12:7e:7b:00:6f:ae:
9f:5e:f7:a5:05:99:9e:88:49:95:75:45:b0:8d:65:34:b7:dd:
41:52:1f:e0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2ulE69LsrUo55DUCXw2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk
YmVmYzgwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY4MmZlZjdiYzExZWY1YmEzMzUzOTIzNzg0OTJjMDE3YTE0NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgl6Btv90ptQVNvnma1XtBh8DFcj9
fZ6e93c0UCnd0JGUULAlsOrwiALkVCC+yYPLtKg7ze6vl9ISfCQDt2v3o0dsX5he
Qv2ySbsz+ZsCQsjiCpUA1RHtz8tkOOBT3wNVfmnpukl5qCPZlxLcaKsq49eQVa9J
M3FCmMwQbTS5dv3qcT7+x0aSfA19uz8kNPdluxRLksSoItulJ8BumdNpD7v43yNm
nxVuFiVKaItSo0dXxPaHNsPKXw9LxgJGjlAdHpqeHWPWEzhdVAPB6Znth8WX81y/
qFN3ykbtBBr22md/HoJ5K+d0x15B5OZ92t6tIsLza2rIzXSINWa8Ha6C2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGv4L+97wR71ujNTkjeEksAXoUXJMB8GA1UdIwQY
MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt
MzcyNzNkZjM5MDFjLzEvYV9ndjczdkJIdlc2TTFPU040U1N3QmVoUmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj
LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW+xAAwQA
udgwMA0EAgACMAcDBQMqEKcAMA0GCSqGSIb3DQEBCwUAA4IBAQB5KnUhkMhGc7uT
QcafeDXu3z+gTxzv7alKAjTuhN2QNcDWUzYn64ruBPmY68ED8/6tCjI69aJAhH/K
XMeMYFiQu7kN1ikP7zS8S+MUAVr2KQYQHGVn+MS+E92EPADwvdlH5YnL0wk1OUQm
yuTydFbaRY4L6YPxWb+aU+C/EXzqlrXpIBKhR7x6TiXMPv6phewLBrtgyD9F7VQ5
s2yBCb1cjQmbeEeEErN4RLb5c3cc9e5aPtrhHPTU6el0eI0fKlwMtI3PjWgYblnl
6CMRyQNX6j9emzSZJtrFf9Nt60Q4FhAwQkoSfnsAb66fXvelBZmeiEmVdUWwjWU0
t91BUh/g
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:45:37 2024 by rpki-client on console-ams.rpki-client.org