Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/GNhoTLricbZlnGJZklHdjqbLD5U.roa
File: GNhoTLricbZlnGJZklHdjqbLD5U.roa (raw, json)
Hash identifier: 1CcFdcfXRaGXa3Y7DGwZ6lpQ1SVZLMsmv5yIPavq2bg=
Subject key identifier: 18:D8:68:4C:BA:E2:71:B6:65:9C:62:59:92:51:DD:8E:A6:CB:0F:95
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018CC56E64A29E9BC7A34574F36FFCEE5D50
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/GNhoTLricbZlnGJZklHdjqbLD5U.roa
Signing time: Mon 01 Jan 2024 14:29:55 +0000
ROA not before: Mon 01 Jan 2024 14:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216024
IP address blocks: 217.196.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:64:a2:9e:9b:c7:a3:45:74:f3:6f:fc:ee:5d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 14:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18d8684cbae271b6659c62599251dd8ea6cb0f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2d:ca:27:e1:89:dc:61:75:66:2b:82:2c:29:
0d:54:dd:3f:f2:ef:3c:84:0e:be:b2:21:dc:38:5b:
28:44:f2:a5:46:23:9e:ab:f9:ee:3e:43:db:37:1e:
82:3f:c3:81:1c:b7:c2:10:03:6d:ac:80:5a:65:1e:
f0:63:7b:80:8f:57:33:ae:42:9c:96:3c:56:07:3d:
93:41:f5:84:e6:c6:d2:26:4d:c2:9a:79:39:90:86:
90:27:ac:b9:21:bb:33:99:28:b3:2f:aa:28:08:e0:
f8:3c:e5:8d:5b:1d:14:72:12:7f:23:87:4a:e2:9d:
30:75:02:a7:8c:24:c1:e3:c7:11:b0:83:b0:a2:d6:
ca:9a:9b:74:f2:c1:e5:e0:83:ed:d4:6c:dc:05:e4:
96:5c:81:18:47:2a:fe:b2:f0:c3:e2:e3:1f:2a:56:
60:9d:4a:48:83:51:73:94:4f:42:aa:8c:dd:24:61:
71:c3:5f:4b:41:ca:b8:db:00:b0:7b:62:96:90:fc:
52:2b:e4:fc:ba:37:69:86:d3:d4:d6:b3:5d:52:e1:
64:ba:46:2c:58:bc:18:8c:b4:15:d2:b5:61:0a:18:
f6:02:59:60:b6:ec:05:ac:39:8d:79:a7:4f:38:09:
9f:50:b3:44:6e:b5:be:63:d9:45:8c:44:ec:a7:c3:
e1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D8:68:4C:BA:E2:71:B6:65:9C:62:59:92:51:DD:8E:A6:CB:0F:95
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/GNhoTLricbZlnGJZklHdjqbLD5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.104.0/24
Signature Algorithm: sha256WithRSAEncryption
09:11:d9:6e:cd:9e:8f:90:39:ef:e5:2c:4b:ec:cd:35:a8:87:
9c:ad:71:dd:a4:95:2d:cf:4b:9c:42:1e:2c:28:a3:e8:f4:30:
fe:e9:4c:19:d5:c4:5c:2c:b0:3a:e7:6e:8a:60:ea:84:54:94:
0d:9b:a7:2c:f2:7c:ea:8a:39:b3:ad:0d:0c:9e:45:32:78:b1:
98:4a:a1:f5:22:08:50:14:ee:ac:f5:57:a3:07:bd:2e:f3:11:
02:72:9a:92:48:08:be:d3:36:ba:b5:a5:71:d1:c7:0e:2f:dd:
31:91:55:2c:97:12:42:9a:4e:d8:1f:34:6d:69:62:6d:17:9e:
85:f0:4f:f9:02:b9:7b:7a:9a:88:5d:f3:a2:b7:fb:6f:41:cf:
1f:20:aa:be:a2:e4:0b:be:7d:54:6b:52:46:cc:82:dd:18:55:
57:2c:8f:95:46:73:5e:d3:a0:9a:92:59:40:5d:aa:7e:4c:8f:
63:f4:15:62:fb:ca:ab:15:3f:71:b2:00:78:ba:6f:d2:a1:50:
67:b7:64:00:32:29:21:79:c4:53:bc:e0:46:9d:3c:f4:6c:e2:
03:16:37:04:a7:56:91:a6:6f:c1:b8:03:2f:73:10:dc:66:7d:
46:66:50:72:6f:f8:ba:9b:a9:1b:21:9e:7c:09:6e:86:8d:dd:
c5:41:2f:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmSinpvHo0V082/87l1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjQwMTAxMTQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ4Njg0Y2JhZTI3MWI2NjU5YzYyNTk5MjUxZGQ4ZWE2Y2IwZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS3KJ+GJ3GF1ZiuCLCkNVN0/8u88
hA6+siHcOFsoRPKlRiOeq/nuPkPbNx6CP8OBHLfCEANtrIBaZR7wY3uAj1czrkKc
ljxWBz2TQfWE5sbSJk3Cmnk5kIaQJ6y5IbszmSizL6ooCOD4POWNWx0UchJ/I4dK
4p0wdQKnjCTB48cRsIOwotbKmpt08sHl4IPt1GzcBeSWXIEYRyr+svDD4uMfKlZg
nUpIg1FzlE9CqozdJGFxw19LQcq42wCwe2KWkPxSK+T8ujdphtPU1rNdUuFkukYs
WLwYjLQV0rVhChj2AllgtuwFrDmNeadPOAmfULNEbrW+Y9lFjETsp8PhLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBjYaEy64nG2ZZxiWZJR3Y6myw+VMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvR05ob1RMcmljYlpsbkdKWmtsSGRqcWJMRDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cRoMA0G
CSqGSIb3DQEBCwUAA4IBAQAJEdluzZ6PkDnv5SxL7M01qIecrXHdpJUtz0ucQh4s
KKPo9DD+6UwZ1cRcLLA6526KYOqEVJQNm6cs8nzqijmzrQ0MnkUyeLGYSqH1IghQ
FO6s9VejB70u8xECcpqSSAi+0za6taVx0ccOL90xkVUslxJCmk7YHzRtaWJtF56F
8E/5Arl7epqIXfOit/tvQc8fIKq+ouQLvn1Ua1JGzILdGFVXLI+VRnNe06CakllA
Xap+TI9j9BVi+8qrFT9xsgB4um/SoVBnt2QAMikhecRTvOBGnTz0bOIDFjcEp1aR
pm/BuAMvcxDcZn1GZlByb/i6m6kbIZ58CW6Gjd3FQS+H
-----END CERTIFICATE-----
Generated at Tue Jul 2 16:42:36 2024 by rpki-client on console-ams.rpki-client.org