Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GOQ6FwdYzDwNK1hnweH-Kr29Wf0.roa
File: GOQ6FwdYzDwNK1hnweH-Kr29Wf0.roa (raw, json)
Hash identifier: 1iVOWDbGXZMUP6eEWnKOFQ0ppGPcGq8jh1IM3ksr6Sk=
Subject key identifier: 18:E4:3A:17:07:58:CC:3C:0D:2B:58:67:C1:E1:FE:2A:BD:BD:59:FD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143E4140BAF04D25CD17829CE024D84
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GOQ6FwdYzDwNK1hnweH-Kr29Wf0.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48266
IP address blocks: 81.5.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e4:14:0b:af:04:d2:5c:d1:78:29:ce:02:4d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18e43a170758cc3c0d2b5867c1e1fe2abdbd59fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:10:64:ba:42:28:a4:71:be:c8:14:3a:a6:28:
3e:69:ea:f2:4c:2e:bc:c9:21:ec:1c:a0:d6:3a:e1:
d0:3d:95:d9:6a:b9:d1:fe:59:d8:5a:58:1f:cb:b7:
a0:80:03:9b:fa:5b:dc:d8:ae:02:4c:91:cc:e4:66:
08:41:de:1a:d2:e5:fb:0c:9b:9f:27:b9:d9:66:b8:
68:e0:f8:89:31:32:45:2d:e6:c8:9a:e0:7c:97:fa:
28:d9:f4:93:d2:41:70:fc:26:c1:62:3a:0d:f1:0f:
1f:01:f3:43:8f:37:67:82:e2:98:36:f3:4c:3f:77:
ac:2c:c6:d3:ea:ae:d1:f8:34:a9:ee:76:a2:82:cb:
ab:8d:8e:bd:31:d8:b5:a4:ae:7a:1d:14:0c:d3:22:
4b:48:8d:cb:ec:e9:96:50:63:c9:4e:8a:b4:f6:b9:
d1:72:67:36:a2:42:ca:9c:9d:8b:0d:a7:12:08:59:
2e:5a:b5:8e:37:7f:91:8b:79:24:23:47:29:fc:c1:
c7:e9:9e:9b:7d:3f:a0:ab:58:9e:8f:4c:a9:2c:cb:
2e:f9:f4:98:53:7e:0f:20:22:2d:e9:9e:f2:7e:12:
2e:da:98:7b:a5:71:19:08:cb:f7:2f:72:6a:cc:17:
33:19:d0:60:d5:f6:64:f8:55:07:3b:65:f9:f6:be:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E4:3A:17:07:58:CC:3C:0D:2B:58:67:C1:E1:FE:2A:BD:BD:59:FD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/GOQ6FwdYzDwNK1hnweH-Kr29Wf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.191.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:39:85:7a:0f:bb:a9:d5:0c:d2:34:b9:24:a9:36:51:07:7e:
2a:f1:ca:09:9a:18:31:29:ae:11:be:b3:92:49:bc:01:22:a8:
aa:9d:07:3b:c6:5e:26:3d:0b:aa:2a:61:85:3f:ce:b4:16:b4:
cd:6d:bc:bd:6a:4f:91:fc:0a:32:8c:6e:0c:30:5d:54:a3:f3:
54:b5:e1:9b:37:4a:16:d1:23:55:32:de:6f:72:89:88:43:fa:
e8:53:96:5b:f9:f7:14:ce:25:b5:5a:91:c3:cd:7f:57:99:94:
08:f7:a0:3c:bb:fa:53:6e:6b:a1:1f:f4:37:90:e2:02:4c:1f:
04:e0:14:67:ef:cb:69:1e:de:10:34:78:ab:c7:0d:be:b2:4d:
11:5a:6f:55:25:dd:68:41:ca:fe:7e:91:59:72:fb:f5:af:75:
cf:0c:43:90:a1:d5:8b:aa:f4:40:48:52:6c:5f:ea:56:0c:14:
08:97:1b:61:98:54:9d:85:2a:e4:af:6a:e5:7d:ba:90:4e:70:
90:fa:e8:e2:c1:f8:76:61:11:4b:8c:d5:f7:b3:4a:4d:f1:88:
4c:a3:b5:de:ee:ab:89:1c:ef:9c:6f:10:d1:b7:d8:1f:dd:53:
f7:6f:3d:d1:2a:a7:0f:68:8c:83:97:fe:ff:c2:06:cf:0b:be:
73:91:94:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+QUC68E0lzReCnOAk2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGU0M2ExNzA3NThjYzNjMGQyYjU4NjdjMWUxZmUyYWJkYmQ1OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBBkukIopHG+yBQ6pig+aeryTC68
ySHsHKDWOuHQPZXZarnR/lnYWlgfy7eggAOb+lvc2K4CTJHM5GYIQd4a0uX7DJuf
J7nZZrho4PiJMTJFLebImuB8l/oo2fST0kFw/CbBYjoN8Q8fAfNDjzdnguKYNvNM
P3esLMbT6q7R+DSp7naigsurjY69Mdi1pK56HRQM0yJLSI3L7OmWUGPJToq09rnR
cmc2okLKnJ2LDacSCFkuWrWON3+Ri3kkI0cp/MHH6Z6bfT+gq1iej0ypLMsu+fSY
U34PICIt6Z7yfhIu2ph7pXEZCMv3L3JqzBczGdBg1fZk+FUHO2X59r7GbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjkOhcHWMw8DStYZ8Hh/iq9vVn9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR09RNkZ3ZFl6RHdOSzFobndlSC1LcjI5V2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQW/MA0G
CSqGSIb3DQEBCwUAA4IBAQB6OYV6D7up1QzSNLkkqTZRB34q8coJmhgxKa4RvrOS
SbwBIqiqnQc7xl4mPQuqKmGFP860FrTNbby9ak+R/AoyjG4MMF1Uo/NUteGbN0oW
0SNVMt5vcomIQ/roU5Zb+fcUziW1WpHDzX9XmZQI96A8u/pTbmuhH/Q3kOICTB8E
4BRn78tpHt4QNHirxw2+sk0RWm9VJd1oQcr+fpFZcvv1r3XPDEOQodWLqvRASFJs
X+pWDBQIlxthmFSdhSrkr2rlfbqQTnCQ+ujiwfh2YRFLjNX3s0pN8YhMo7Xe7quJ
HO+cbxDRt9gf3VP3bz3RKqcPaIyDl/7/wgbPC75zkZQn
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:37:08 2025 by rpki-client