Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/gZjhDSTmGkdEXbq1GxTo7S_nXgw.roa
File: gZjhDSTmGkdEXbq1GxTo7S_nXgw.roa (raw, json)
Hash identifier: m9HbWHrfXcz1fgntuMWetEqpfimKmFpo0RtzcTl5TlA=
Subject key identifier: 81:98:E1:0D:24:E6:1A:47:44:5D:BA:B5:1B:14:E8:ED:2F:E7:5E:0C
Certificate issuer: /CN=7b11318d4bdd3ec5943386e701d7d02bd68300ad
Certificate serial: 019142B59EDB4AC41B879D491D3527C9BEE8
Authority key identifier: 7B:11:31:8D:4B:DD:3E:C5:94:33:86:E7:01:D7:D0:2B:D6:83:00:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/exExjUvdPsWUM4bnAdfQK9aDAK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/gZjhDSTmGkdEXbq1GxTo7S_nXgw.roa
Signing time: Sun 11 Aug 2024 18:31:24 +0000
ROA not before: Sun 11 Aug 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35384
IP address blocks: 176.119.223.0/24 maxlen: 24
194.156.188.0/24 maxlen: 24
2a14:60c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/exExjUvdPsWUM4bnAdfQK9aDAK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/exExjUvdPsWUM4bnAdfQK9aDAK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/exExjUvdPsWUM4bnAdfQK9aDAK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 21:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:42:b5:9e:db:4a:c4:1b:87:9d:49:1d:35:27:c9:be:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b11318d4bdd3ec5943386e701d7d02bd68300ad
Validity
Not Before: Aug 11 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8198e10d24e61a47445dbab51b14e8ed2fe75e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:71:31:6a:79:4e:4e:e8:09:e9:ec:63:99:
84:d6:69:da:7a:07:a8:62:57:73:15:26:cd:d2:b1:
25:fc:33:14:36:69:9a:10:f1:78:6b:0c:6a:74:b1:
9d:aa:42:02:ce:4b:40:72:f9:9d:95:ba:5b:3f:ee:
cc:a0:73:ab:aa:20:9e:93:0c:ff:8d:2d:a3:c7:2f:
4a:e4:56:74:17:92:b8:8d:4c:04:ed:b4:c6:d9:8d:
21:a1:6c:05:68:e8:44:03:06:6c:f8:be:3f:d7:1c:
35:98:68:b7:52:c2:df:bd:a4:b1:bb:f4:71:df:58:
f4:31:31:cd:57:75:82:85:9c:63:1b:db:4f:f2:7b:
62:97:d6:66:5b:6e:61:8b:f6:78:2e:0f:6b:f0:cb:
a8:4b:c4:66:63:d4:1a:c0:5c:3e:4a:2e:79:cd:ad:
f9:bf:f4:f4:19:21:fa:b2:35:ce:0f:08:11:e8:9e:
7c:38:94:63:68:ce:e3:97:fe:54:43:9f:80:24:e5:
9a:a2:93:e1:56:51:98:ea:8a:d7:7d:0f:c4:66:5a:
06:f2:2c:48:7e:80:16:d5:e4:fb:19:ab:9e:67:de:
6b:21:5f:88:d4:1f:6c:04:24:77:75:85:6b:b0:a6:
c6:bc:de:52:ed:ba:cf:a5:51:96:7d:9d:98:71:be:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:98:E1:0D:24:E6:1A:47:44:5D:BA:B5:1B:14:E8:ED:2F:E7:5E:0C
X509v3 Authority Key Identifier:
keyid:7B:11:31:8D:4B:DD:3E:C5:94:33:86:E7:01:D7:D0:2B:D6:83:00:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/exExjUvdPsWUM4bnAdfQK9aDAK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/gZjhDSTmGkdEXbq1GxTo7S_nXgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c9c370-7123-4081-b956-88ec579f88ca/1/exExjUvdPsWUM4bnAdfQK9aDAK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.223.0/24
194.156.188.0/24
IPv6:
2a14:60c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
a8:fe:71:35:64:30:b1:70:47:33:ef:30:92:c1:7f:d9:6d:01:
bd:02:dc:37:91:69:dc:89:df:42:c4:20:1f:d8:8d:36:02:98:
7f:29:f0:32:28:4f:26:af:56:b5:bb:a8:bd:c8:5f:00:5c:79:
01:4c:50:30:c8:a0:75:db:f9:42:01:ff:7d:07:8d:6d:99:00:
de:41:7d:1c:39:fc:d8:82:9a:8c:44:a3:d1:08:e1:ef:a4:4f:
39:26:ff:41:00:5c:eb:68:71:2c:0f:2c:c9:ee:3b:d8:ac:c5:
11:2b:58:57:97:f0:8d:ff:c8:62:c9:b7:44:42:b9:ad:e7:83:
db:de:19:24:51:16:82:dd:1f:c3:13:0f:5a:cf:f9:c8:6f:d7:
b4:b3:fb:97:cd:33:62:a6:a4:c4:d5:5e:36:00:93:73:ed:b1:
33:63:e6:dd:8b:97:4d:bb:ac:d5:d7:48:48:ba:7c:39:a0:64:
26:87:7b:2d:82:50:a2:03:93:e7:a6:8a:d4:e3:41:32:0e:4d:
10:f8:41:09:3a:67:64:50:8d:14:84:08:20:a5:bd:fa:60:75:
12:df:96:22:ca:87:1a:1a:b9:1c:72:91:3b:0a:6e:ed:a2:52:
bf:84:7f:f3:16:2f:e9:80:81:a4:39:25:92:bd:90:d9:da:25:
c7:ac:68:2c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZFCtZ7bSsQbh51JHTUnyb7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMTEzMThkNGJkZDNlYzU5NDMzODZlNzAxZDdkMDJiZDY4
MzAwYWQwHhcNMjQwODExMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTk4ZTEwZDI0ZTYxYTQ3NDQ1ZGJhYjUxYjE0ZThlZDJmZTc1ZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn5xMWp5Tk7oCensY5mE1mnaegeo
YldzFSbN0rEl/DMUNmmaEPF4awxqdLGdqkICzktAcvmdlbpbP+7MoHOrqiCekwz/
jS2jxy9K5FZ0F5K4jUwE7bTG2Y0hoWwFaOhEAwZs+L4/1xw1mGi3UsLfvaSxu/Rx
31j0MTHNV3WChZxjG9tP8ntil9ZmW25hi/Z4Lg9r8MuoS8RmY9QawFw+Si55za35
v/T0GSH6sjXODwgR6J58OJRjaM7jl/5UQ5+AJOWaopPhVlGY6orXfQ/EZloG8ixI
foAW1eT7GaueZ95rIV+I1B9sBCR3dYVrsKbGvN5S7brPpVGWfZ2Ycb6k/wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIGY4Q0k5hpHRF26tRsU6O0v514MMB8GA1UdIwQY
MBaAFHsRMY1L3T7FlDOG5wHX0CvWgwCtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXhFeGpVdmRQc1dVTTRibkFkZlFLOWFEQUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jOWMzNzAtNzEyMy00MDgxLWI5NTYt
ODhlYzU3OWY4OGNhLzEvZ1pqaERTVG1Ha2RFWGJxMUd4VG83U19uWGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jOWMzNzAtNzEyMy00MDgxLWI5NTYtODhlYzU3OWY4OGNh
LzEvZXhFeGpVdmRQc1dVTTRibkFkZlFLOWFEQUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsHffAwQA
wpy8MA8EAgACMAkDBwAqFGDA//8wDQYJKoZIhvcNAQELBQADggEBAKj+cTVkMLFw
RzPvMJLBf9ltAb0C3DeRadyJ30LEIB/YjTYCmH8p8DIoTyavVrW7qL3IXwBceQFM
UDDIoHXb+UIB/30HjW2ZAN5BfRw5/NiCmoxEo9EI4e+kTzkm/0EAXOtocSwPLMnu
O9isxRErWFeX8I3/yGLJt0RCua3ng9veGSRRFoLdH8MTD1rP+chv17Sz+5fNM2Km
pMTVXjYAk3PtsTNj5t2Ll027rNXXSEi6fDmgZCaHey2CUKIDk+emitTjQTIOTRD4
QQk6Z2RQjRSECCClvfpgdRLfliLKhxoauRxykTsKbu2iUr+Ef/MWL+mAgaQ5JZK9
kNnaJcesaCw=
-----END CERTIFICATE-----
Generated at Sat Sep 21 04:51:47 2024 by rpki-client on console-ams.rpki-client.org