Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/gOSAZ4GuL3kxY6b4ETjFf4zNDwI.roa
File: gOSAZ4GuL3kxY6b4ETjFf4zNDwI.roa (raw, json)
Hash identifier: Y5xnWnvt/tRPwQ7uSd+1G+UV3H6aVE3wx8GoCC0qfzk=
Subject key identifier: 80:E4:80:67:81:AE:2F:79:31:63:A6:F8:11:38:C5:7F:8C:CD:0F:02
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018CC64A7418496A2417B890E12F6391BB33
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/gOSAZ4GuL3kxY6b4ETjFf4zNDwI.roa
Signing time: Mon 01 Jan 2024 18:30:17 +0000
ROA not before: Mon 01 Jan 2024 18:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 195.198.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:74:18:49:6a:24:17:b8:90:e1:2f:63:91:bb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 18:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=80e4806781ae2f793163a6f81138c57f8ccd0f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5c:17:92:15:41:2c:c3:90:76:13:39:49:4b:
14:7b:bc:06:1e:15:d4:bd:e9:88:82:db:96:33:56:
c7:c4:a7:dd:d3:ea:6d:6e:50:1e:9a:2e:2d:57:48:
31:3a:7b:92:fd:ad:69:40:76:5e:4a:ae:5e:10:ea:
20:26:7b:1b:0b:98:82:ea:de:09:61:f4:d4:9b:7e:
6c:db:02:38:68:85:a3:9e:e5:0e:a6:3b:2b:7d:dc:
96:cf:5a:6a:6f:34:b1:23:01:28:d5:02:00:dc:8d:
10:08:fc:cf:02:ae:14:04:de:10:8e:94:8b:fd:47:
10:53:52:c4:fe:0c:6a:42:89:10:4b:c3:a8:b7:f8:
b9:fa:97:24:4e:82:fe:25:b6:1c:96:c6:d4:46:3a:
73:a3:38:38:8c:39:72:94:30:3c:ac:96:c0:22:65:
80:7e:79:4a:fb:63:a4:8d:00:f5:cd:48:0f:07:48:
c5:18:8f:a5:dc:51:67:ba:5a:a2:f4:8b:49:7a:f6:
4c:6b:8a:41:d8:24:e7:67:33:6f:40:08:1b:1a:70:
7b:dd:03:6f:7f:ff:c7:f1:1a:76:ba:1f:a2:e1:94:
34:49:0c:0d:51:cd:a5:d7:ca:61:25:82:80:3b:b3:
b9:dd:32:d7:90:83:4d:e6:8a:63:ee:cf:82:8b:4c:
23:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E4:80:67:81:AE:2F:79:31:63:A6:F8:11:38:C5:7F:8C:CD:0F:02
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/gOSAZ4GuL3kxY6b4ETjFf4zNDwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.198.52.0/24
Signature Algorithm: sha256WithRSAEncryption
45:29:af:47:56:1f:db:14:84:98:78:31:c6:39:d6:c9:38:c7:
31:ae:07:bf:91:d6:0a:c1:98:8f:c2:2e:c0:9b:c6:14:1b:8d:
2c:a6:36:40:4b:0b:cd:9e:56:43:94:c7:10:cd:ef:e4:98:1c:
c5:83:43:7a:60:42:d1:05:e9:ac:2a:68:f3:ca:57:4b:06:bb:
4e:8f:d8:a8:85:d3:66:4c:5c:50:03:35:5b:36:0c:45:90:0d:
5b:36:7b:2d:2a:a6:fc:0f:77:38:10:74:18:ff:52:fe:d0:dd:
b1:86:ac:d9:ac:e0:cc:d8:8d:95:a3:e2:f7:8f:cc:40:7b:b0:
b4:24:30:cc:d0:14:75:b5:1c:83:55:43:d0:76:ed:1b:db:0f:
7f:a2:18:cd:0f:df:b1:ab:82:49:d7:7b:cd:e1:f0:bf:0a:a5:
a6:bb:f9:0e:58:4b:c0:d8:7a:06:d4:39:37:89:fd:56:42:62:
a6:f7:4f:c0:52:72:fc:54:8c:a1:a2:ef:34:a2:3d:96:6d:8a:
cf:11:33:dd:42:69:b0:9e:b2:1f:3e:f2:9c:2a:f8:e9:a6:37:
e3:88:58:9b:2f:0c:bb:36:c5:ba:31:37:29:9b:8f:5b:eb:3f:
4c:81:28:3b:09:b9:98:4d:29:8b:20:3b:fa:55:86:3f:47:e2:
7f:bb:2c:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSnQYSWokF7iQ4S9jkbszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwMTAxMTgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGU0ODA2NzgxYWUyZjc5MzE2M2E2ZjgxMTM4YzU3ZjhjY2QwZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVwXkhVBLMOQdhM5SUsUe7wGHhXU
vemIgtuWM1bHxKfd0+ptblAemi4tV0gxOnuS/a1pQHZeSq5eEOogJnsbC5iC6t4J
YfTUm35s2wI4aIWjnuUOpjsrfdyWz1pqbzSxIwEo1QIA3I0QCPzPAq4UBN4QjpSL
/UcQU1LE/gxqQokQS8Oot/i5+pckToL+JbYclsbURjpzozg4jDlylDA8rJbAImWA
fnlK+2OkjQD1zUgPB0jFGI+l3FFnulqi9ItJevZMa4pB2CTnZzNvQAgbGnB73QNv
f//H8Rp2uh+i4ZQ0SQwNUc2l18phJYKAO7O53TLXkINN5opj7s+Ci0wjsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIDkgGeBri95MWOm+BE4xX+MzQ8CMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvZ09TQVo0R3VMM2t4WTZiNEVUakZmNHpORHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8Y0MA0G
CSqGSIb3DQEBCwUAA4IBAQBFKa9HVh/bFISYeDHGOdbJOMcxrge/kdYKwZiPwi7A
m8YUG40spjZASwvNnlZDlMcQze/kmBzFg0N6YELRBemsKmjzyldLBrtOj9iohdNm
TFxQAzVbNgxFkA1bNnstKqb8D3c4EHQY/1L+0N2xhqzZrODM2I2Vo+L3j8xAe7C0
JDDM0BR1tRyDVUPQdu0b2w9/ohjND9+xq4JJ13vN4fC/CqWmu/kOWEvA2HoG1Dk3
if1WQmKm90/AUnL8VIyhou80oj2WbYrPETPdQmmwnrIfPvKcKvjppjfjiFibLwy7
NsW6MTcpm49b6z9MgSg7CbmYTSmLIDv6VYY/R+J/uyy5
-----END CERTIFICATE-----
Generated at Fri May 24 19:47:41 2024 by rpki-client on console-ams.rpki-client.org