Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/g4YPnsvt9HohOEy_kgWCcE7YSHA.roa
File: g4YPnsvt9HohOEy_kgWCcE7YSHA.roa (raw, json)
Hash identifier: n8FC+ypN2+fbXf4iXjL4XzImy3b+imUaGfRz36V6ZrI=
Subject key identifier: 83:86:0F:9E:CB:ED:F4:7A:21:38:4C:BF:92:05:82:70:4E:D8:48:70
Certificate issuer: /CN=10773f32d3cb4e13e43f10a3dc422f1f3271bfba
Certificate serial: 018CC4922E68AF646B934D057767236343A2
Authority key identifier: 10:77:3F:32:D3:CB:4E:13:E4:3F:10:A3:DC:42:2F:1F:32:71:BF:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHc_MtPLThPkPxCj3EIvHzJxv7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/g4YPnsvt9HohOEy_kgWCcE7YSHA.roa
Signing time: Mon 01 Jan 2024 10:29:23 +0000
ROA not before: Mon 01 Jan 2024 10:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206754
IP address blocks: 185.194.112.0/24 maxlen: 24
2a0a:4a40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/EHc_MtPLThPkPxCj3EIvHzJxv7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/EHc_MtPLThPkPxCj3EIvHzJxv7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/EHc_MtPLThPkPxCj3EIvHzJxv7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:2e:68:af:64:6b:93:4d:05:77:67:23:63:43:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10773f32d3cb4e13e43f10a3dc422f1f3271bfba
Validity
Not Before: Jan 1 10:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83860f9ecbedf47a21384cbf920582704ed84870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e3:22:86:da:73:e1:84:ba:1a:24:7c:a2:a5:
07:ec:bd:cd:c5:51:5b:fa:45:86:1d:ff:08:f0:7a:
7c:f1:7e:b2:86:32:ba:dc:46:4c:38:b6:60:e0:13:
25:3c:95:90:6b:8e:31:f1:d8:39:d5:3c:aa:f3:6d:
a7:df:3b:b0:b4:6d:a7:c9:54:9c:eb:57:d8:b5:bf:
34:98:b4:9f:12:5d:01:a1:1e:8b:6c:30:67:49:46:
db:09:44:07:ec:76:ea:6e:ee:26:49:bf:07:e4:44:
c0:13:fc:d8:a6:3a:0d:3c:0f:dd:70:05:73:14:4d:
ab:ea:b6:2a:02:48:b0:97:ff:c6:c9:b9:dc:82:37:
73:f8:14:a4:13:f2:50:68:51:be:8b:a2:af:92:f4:
b7:4a:b6:36:c2:dd:7d:f3:0f:c1:91:5e:4f:0a:a9:
bb:0e:3f:81:33:05:a9:a2:45:17:14:2b:07:ae:0b:
34:f0:72:c1:02:84:95:e4:54:86:cc:85:26:ec:a1:
b5:cf:e9:70:cc:04:0a:72:1c:70:42:df:1c:e1:23:
cc:37:63:ad:d4:38:cd:0c:b3:48:9c:da:ce:26:f0:
cc:ea:88:31:a1:b9:63:9e:35:26:fa:cb:56:e7:e0:
8e:99:6e:6b:84:af:87:1e:da:68:51:82:39:06:92:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:86:0F:9E:CB:ED:F4:7A:21:38:4C:BF:92:05:82:70:4E:D8:48:70
X509v3 Authority Key Identifier:
keyid:10:77:3F:32:D3:CB:4E:13:E4:3F:10:A3:DC:42:2F:1F:32:71:BF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHc_MtPLThPkPxCj3EIvHzJxv7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/g4YPnsvt9HohOEy_kgWCcE7YSHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/09cafd-68bc-41a2-8bab-80b84e4f20c9/1/EHc_MtPLThPkPxCj3EIvHzJxv7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.112.0/24
IPv6:
2a0a:4a40::/29
Signature Algorithm: sha256WithRSAEncryption
99:df:38:8c:db:35:2f:66:12:2c:d4:7b:65:24:7d:a1:2e:bf:
92:ff:fa:56:3f:39:90:2f:17:c0:ec:bf:f7:87:66:6d:7c:cd:
bc:93:22:b5:53:86:39:48:b7:39:55:34:14:1b:0a:7a:7b:e5:
00:aa:1b:6a:ca:c3:6d:c3:bf:13:3b:53:92:5c:c9:86:ab:e4:
01:2b:c6:4c:0c:2e:6d:e6:50:b3:37:65:4b:4e:dc:d4:2b:44:
0d:eb:ca:d4:ce:ad:d1:13:ec:d9:53:9c:33:fa:19:dc:da:fb:
38:33:3f:c8:3e:f9:90:fd:00:ad:79:75:25:37:a5:8b:7b:46:
f1:5e:5f:0c:ef:39:ef:02:39:e4:83:df:29:70:ea:f1:d8:c3:
d9:a7:4c:8c:34:f9:64:41:08:a9:0e:5d:04:5d:cf:0d:8c:ec:
e0:6d:e0:01:ce:38:cb:81:b5:3f:00:6c:33:07:ee:7a:76:9d:
f8:1b:60:d5:ca:b1:7f:15:9a:ad:3d:e2:50:65:be:b8:bc:5c:
30:f0:c7:bd:e6:0b:9d:d1:19:b0:54:a3:66:a4:f6:cf:ea:07:
d7:98:ca:05:2c:e2:c3:42:d3:e0:53:a8:eb:67:4d:48:7e:e8:
ab:b1:34:00:f6:12:69:2c:a5:93:55:2a:f3:0e:17:59:1d:3e:
a6:0d:92:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEki5or2Rrk00Fd2cjY0OiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzczZjMyZDNjYjRlMTNlNDNmMTBhM2RjNDIyZjFmMzI3
MWJmYmEwHhcNMjQwMTAxMTAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzg2MGY5ZWNiZWRmNDdhMjEzODRjYmY5MjA1ODI3MDRlZDg0ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOMihtpz4YS6GiR8oqUH7L3NxVFb
+kWGHf8I8Hp88X6yhjK63EZMOLZg4BMlPJWQa44x8dg51Tyq822n3zuwtG2nyVSc
61fYtb80mLSfEl0BoR6LbDBnSUbbCUQH7Hbqbu4mSb8H5ETAE/zYpjoNPA/dcAVz
FE2r6rYqAkiwl//Gybncgjdz+BSkE/JQaFG+i6KvkvS3SrY2wt198w/BkV5PCqm7
Dj+BMwWpokUXFCsHrgs08HLBAoSV5FSGzIUm7KG1z+lwzAQKchxwQt8c4SPMN2Ot
1DjNDLNInNrOJvDM6ogxobljnjUm+stW5+COmW5rhK+HHtpoUYI5BpKfZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIOGD57L7fR6IThMv5IFgnBO2EhwMB8GA1UdIwQY
MBaAFBB3PzLTy04T5D8Qo9xCLx8ycb+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhjX010UExUaFBrUHhDajNFSXZIekp4djdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wOWNhZmQtNjhiYy00MWEyLThiYWIt
ODBiODRlNGYyMGM5LzEvZzRZUG5zdnQ5SG9oT0V5X2tnV0NjRTdZU0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wOWNhZmQtNjhiYy00MWEyLThiYWItODBiODRlNGYyMGM5
LzEvRUhjX010UExUaFBrUHhDajNFSXZIekp4djdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucJwMA0E
AgACMAcDBQMqCkpAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ3ziM2zUvZhIs1HtlJH2h
Lr+S//pWPzmQLxfA7L/3h2ZtfM28kyK1U4Y5SLc5VTQUGwp6e+UAqhtqysNtw78T
O1OSXMmGq+QBK8ZMDC5t5lCzN2VLTtzUK0QN68rUzq3RE+zZU5wz+hnc2vs4Mz/I
PvmQ/QCteXUlN6WLe0bxXl8M7znvAjnkg98pcOrx2MPZp0yMNPlkQQipDl0EXc8N
jOzgbeABzjjLgbU/AGwzB+56dp34G2DVyrF/FZqtPeJQZb64vFww8Me95gud0Rmw
VKNmpPbP6gfXmMoFLOLDQtPgU6jrZ01IfuirsTQA9hJpLKWTVSrzDhdZHT6mDZIv
-----END CERTIFICATE-----
Generated at Sun May 19 06:43:30 2024 by rpki-client on console-ams.rpki-client.org