Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/P_G-p6KrZoDkEeUrd6Sf3FGzgmA.roa
File: P_G-p6KrZoDkEeUrd6Sf3FGzgmA.roa (raw, json)
Hash identifier: XErbqPKIzX1FscItuzwTk1CIqD7yKJXXe9tYjnq9RnQ=
Subject key identifier: 3F:F1:BE:A7:A2:AB:66:80:E4:11:E5:2B:77:A4:9F:DC:51:B3:82:60
Certificate issuer: /CN=69726a961336fbe7820b3d748e812f495c872d35
Certificate serial: 018CC49287D52BAE37F7E5E3154757DFC4B2
Authority key identifier: 69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/P_G-p6KrZoDkEeUrd6Sf3FGzgmA.roa
Signing time: Mon 01 Jan 2024 10:29:46 +0000
ROA not before: Mon 01 Jan 2024 10:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210653
IP address blocks: 194.8.86.0/23 maxlen: 24
194.9.0.0/23 maxlen: 24
2a0f:ee80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:87:d5:2b:ae:37:f7:e5:e3:15:47:57:df:c4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69726a961336fbe7820b3d748e812f495c872d35
Validity
Not Before: Jan 1 10:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ff1bea7a2ab6680e411e52b77a49fdc51b38260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:6a:d8:f6:73:de:23:bd:1b:3d:83:de:1a:b7:
a4:f6:a9:74:82:d5:67:ff:aa:03:64:e1:96:4f:17:
0f:f7:14:85:65:a8:44:5a:33:c0:c7:bc:32:62:b9:
b3:8c:ae:75:95:35:19:f1:39:02:0b:a0:72:f3:fb:
a0:d0:2b:30:f9:97:54:11:04:3d:35:de:86:e8:4e:
5e:ee:4c:e1:3a:1c:81:a4:dd:89:ea:f0:67:31:4f:
b6:c1:ca:66:6c:54:ce:bf:6b:01:d2:9b:77:5b:bc:
a8:0e:69:ba:67:de:06:d3:70:b0:bc:28:4b:be:da:
4c:67:8e:53:e0:54:16:29:ab:d6:70:b6:b2:7b:54:
15:aa:d4:60:28:e6:9a:bc:7c:b4:f8:dc:bc:11:cd:
27:c4:dd:6f:1b:f1:b2:f7:ad:ab:8c:b3:cd:1a:4a:
1e:d5:12:79:43:ea:b8:18:e2:4e:d4:bd:ae:31:83:
1d:89:c1:a3:ea:3a:07:dd:c8:78:38:dd:6d:1e:cc:
b5:ae:b6:95:bf:de:56:bf:0f:af:19:1d:b4:94:2e:
65:9b:13:f4:e4:ff:10:20:e8:93:fd:d8:98:ee:c7:
a1:51:78:d5:a6:a2:b0:d4:24:0e:d1:8e:83:6b:b9:
06:da:4a:b6:47:3b:eb:b4:c7:d5:7a:af:00:67:17:
da:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F1:BE:A7:A2:AB:66:80:E4:11:E5:2B:77:A4:9F:DC:51:B3:82:60
X509v3 Authority Key Identifier:
keyid:69:72:6A:96:13:36:FB:E7:82:0B:3D:74:8E:81:2F:49:5C:87:2D:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXJqlhM2--eCCz10joEvSVyHLTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/P_G-p6KrZoDkEeUrd6Sf3FGzgmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25e972-2842-4514-8ade-c0166d97010d/1/aXJqlhM2--eCCz10joEvSVyHLTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.86.0/23
194.9.0.0/23
IPv6:
2a0f:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
a0:48:e0:19:6d:98:91:92:ae:6e:9f:39:9f:27:77:d6:fc:a9:
9d:eb:73:1b:f3:1d:b6:3f:51:7c:14:66:ef:ae:9e:f3:a8:b0:
36:7a:d9:0a:02:8a:05:05:13:ac:24:5b:35:9a:4a:81:db:19:
e7:aa:30:85:29:e9:e5:4d:f3:ab:8b:1f:b3:db:4c:95:54:40:
48:a7:10:0e:2c:28:98:d2:32:8e:9d:88:a5:00:46:c9:14:94:
08:b2:d1:d6:cd:d7:3e:16:74:e1:35:37:9b:ac:ea:9d:e4:b4:
df:f6:b5:6d:16:04:b7:1c:03:a1:b1:76:0f:be:31:45:9b:9f:
4f:4f:c6:f5:37:a3:fd:71:60:eb:46:59:e3:50:db:7f:48:38:
bc:40:9e:fb:cf:00:d1:42:74:52:2b:32:24:02:08:65:24:34:
91:f1:80:cd:3b:99:5a:70:39:7f:20:f5:4f:d9:6a:a3:f1:6a:
1d:41:13:a1:c8:e2:ea:3a:06:45:6b:d1:ca:35:dc:e3:f3:a9:
15:ac:ac:6b:1f:bd:02:eb:70:ff:9e:ea:c9:b2:2a:73:9b:3c:
d6:f2:45:39:2a:c3:93:4f:4c:c5:45:09:6b:f9:a0:95:7e:dd:
f0:e1:6e:23:01:72:6e:87:30:ae:30:b0:6e:5e:e0:83:29:36:
ec:c3:37:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkofVK6439+XjFUdX38SyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzI2YTk2MTMzNmZiZTc4MjBiM2Q3NDhlODEyZjQ5NWM4
NzJkMzUwHhcNMjQwMTAxMTAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmYxYmVhN2EyYWI2NjgwZTQxMWU1MmI3N2E0OWZkYzUxYjM4MjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8GrY9nPeI70bPYPeGrek9ql0gtVn
/6oDZOGWTxcP9xSFZahEWjPAx7wyYrmzjK51lTUZ8TkCC6By8/ug0Csw+ZdUEQQ9
Nd6G6E5e7kzhOhyBpN2J6vBnMU+2wcpmbFTOv2sB0pt3W7yoDmm6Z94G03CwvChL
vtpMZ45T4FQWKavWcLaye1QVqtRgKOaavHy0+Ny8Ec0nxN1vG/Gy962rjLPNGkoe
1RJ5Q+q4GOJO1L2uMYMdicGj6joH3ch4ON1tHsy1rraVv95Wvw+vGR20lC5lmxP0
5P8QIOiT/diY7sehUXjVpqKw1CQO0Y6Da7kG2kq2RzvrtMfVeq8AZxfaUwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD/xvqeiq2aA5BHlK3ekn9xRs4JgMB8GA1UdIwQY
MBaAFGlyapYTNvvnggs9dI6BL0lchy01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUt
YzAxNjZkOTcwMTBkLzEvUF9HLXA2S3Jab0RrRWVVcmQ2U2YzRkd6Z21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yNWU5NzItMjg0Mi00NTE0LThhZGUtYzAxNjZkOTcwMTBk
LzEvYVhKcWxoTTItLWVDQ3oxMGpvRXZTVnlITFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwghWAwQB
wgkAMA0EAgACMAcDBQMqD+6AMA0GCSqGSIb3DQEBCwUAA4IBAQCgSOAZbZiRkq5u
nzmfJ3fW/Kmd63Mb8x22P1F8FGbvrp7zqLA2etkKAooFBROsJFs1mkqB2xnnqjCF
KenlTfOrix+z20yVVEBIpxAOLCiY0jKOnYilAEbJFJQIstHWzdc+FnThNTebrOqd
5LTf9rVtFgS3HAOhsXYPvjFFm59PT8b1N6P9cWDrRlnjUNt/SDi8QJ77zwDRQnRS
KzIkAghlJDSR8YDNO5lacDl/IPVP2Wqj8WodQROhyOLqOgZFa9HKNdzj86kVrKxr
H70C63D/nurJsipzmzzW8kU5KsOTT0zFRQlr+aCVft3w4W4jAXJuhzCuMLBuXuCD
KTbswzfN
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:24:04 2024 by rpki-client on console-fra.rpki-client.org