Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gwN_qmX_SNDyl_quw7xVA8oqgWk.roa
File: gwN_qmX_SNDyl_quw7xVA8oqgWk.roa (raw, json)
Hash identifier: JV/BbFL+N6YrVp9W1YDf4a1LpZWPefMxgjn2pzcrrS4=
Subject key identifier: 83:03:7F:AA:65:FF:48:D0:F2:97:FA:AE:C3:BC:55:03:CA:2A:81:69
Certificate issuer: /CN=a10c73530bb684fd569dfc432704675704183429
Certificate serial: 018CC56E85F7F7DC4FC5B6390CF249617781
Authority key identifier: A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gwN_qmX_SNDyl_quw7xVA8oqgWk.roa
Signing time: Mon 01 Jan 2024 14:30:03 +0000
ROA not before: Mon 01 Jan 2024 14:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56595
IP address blocks: 185.94.232.0/24 maxlen: 24
185.94.232.0/22 maxlen: 24
185.94.232.0/23 maxlen: 24
185.94.233.0/24 maxlen: 24
185.94.234.0/23 maxlen: 24
185.94.234.0/24 maxlen: 24
185.94.235.0/24 maxlen: 24
2a03:e840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:85:f7:f7:dc:4f:c5:b6:39:0c:f2:49:61:77:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a10c73530bb684fd569dfc432704675704183429
Validity
Not Before: Jan 1 14:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83037faa65ff48d0f297faaec3bc5503ca2a8169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:2a:53:02:73:55:40:fb:d2:e7:0c:5c:1b:
ab:ad:df:70:1e:e0:a5:f3:9a:1d:2f:f6:35:ed:f0:
c4:25:cd:7e:1d:23:d2:20:4e:b6:51:ad:0d:6c:c4:
ff:df:58:06:90:f0:87:b7:27:50:31:76:53:24:25:
2b:39:cf:9e:b1:f3:84:bf:ca:13:ee:39:2c:a9:98:
90:19:a5:37:fc:9e:e4:61:0e:ee:d3:60:db:b1:86:
6d:5b:06:a0:59:c1:51:50:31:9c:8a:df:b5:ae:a2:
9e:34:26:30:2b:ca:ec:c4:eb:bf:85:6c:93:7d:ec:
c2:4c:5b:dc:5e:8e:28:28:07:d8:7a:dc:c8:ee:a5:
80:ec:c9:62:62:4b:fa:fd:91:66:bd:21:51:ab:ef:
93:10:af:69:17:a0:5f:b8:fa:da:96:2a:97:f8:a7:
25:1a:5d:45:92:a7:56:53:61:83:05:65:de:e0:b2:
69:7a:21:3d:92:64:a7:6b:1c:1d:43:48:36:ea:80:
6a:89:10:05:21:8f:b4:4c:dd:79:80:90:9a:9c:8e:
b9:75:e5:08:1b:5a:d4:eb:f1:8f:4c:af:d5:a2:39:
b5:56:15:01:a7:a2:e0:46:11:ef:cc:24:b7:34:b1:
6a:46:8a:49:81:31:be:1c:47:e2:3d:b3:df:93:6a:
3d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:03:7F:AA:65:FF:48:D0:F2:97:FA:AE:C3:BC:55:03:CA:2A:81:69
X509v3 Authority Key Identifier:
keyid:A1:0C:73:53:0B:B6:84:FD:56:9D:FC:43:27:04:67:57:04:18:34:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oQxzUwu2hP1WnfxDJwRnVwQYNCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/gwN_qmX_SNDyl_quw7xVA8oqgWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ed17c8-abd4-414f-bc30-7d08291a7662/1/oQxzUwu2hP1WnfxDJwRnVwQYNCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.232.0/22
IPv6:
2a03:e840::/32
Signature Algorithm: sha256WithRSAEncryption
0a:06:f5:b4:26:40:fc:96:26:2b:56:9b:45:cd:e1:46:e4:40:
03:69:2c:42:f4:05:43:7c:08:12:76:89:47:90:98:28:c7:f5:
e0:f0:f6:b5:0c:a2:ea:22:f9:3b:83:94:dd:00:dc:f2:94:64:
1c:a2:4a:be:8c:da:03:74:f4:1a:b4:0b:46:6b:dc:79:ce:e6:
56:2c:56:62:db:3b:76:f6:e0:51:ca:dc:7a:38:2b:db:4a:49:
d9:f0:d8:7d:ff:1e:b3:88:88:c6:b9:78:db:98:55:9f:0b:01:
32:de:4a:44:ed:ef:ae:fc:a5:0d:4e:f9:10:3e:4d:0e:41:22:
0d:e2:90:be:e3:f8:7a:a2:07:30:e1:53:df:cd:74:b1:e7:14:
ea:71:62:f0:7f:1f:44:5a:7b:7b:5f:3d:2c:c1:fb:32:9c:30:
e6:71:a3:35:c7:9f:62:f4:69:5c:76:e7:28:86:02:4b:1e:63:
40:24:3b:a7:09:17:f5:a3:05:4c:8b:ef:96:13:c3:bb:2e:94:
67:c2:60:3e:5a:4c:e8:24:06:49:14:f4:a8:63:ac:04:b2:27:
d3:67:ac:0e:44:f4:36:d6:01:db:ca:df:46:59:6a:98:42:f5:
27:3f:35:a3:76:2b:9a:97:47:ed:fa:ae:a6:0b:11:f0:7f:b5:
ad:7d:3b:99
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFboX399xPxbY5DPJJYXeBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMGM3MzUzMGJiNjg0ZmQ1NjlkZmM0MzI3MDQ2NzU3MDQx
ODM0MjkwHhcNMjQwMTAxMTQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAzN2ZhYTY1ZmY0OGQwZjI5N2ZhYWVjM2JjNTUwM2NhMmE4MTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjcqUwJzVUD70ucMXBurrd9wHuCl
85odL/Y17fDEJc1+HSPSIE62Ua0NbMT/31gGkPCHtydQMXZTJCUrOc+esfOEv8oT
7jksqZiQGaU3/J7kYQ7u02DbsYZtWwagWcFRUDGcit+1rqKeNCYwK8rsxOu/hWyT
fezCTFvcXo4oKAfYetzI7qWA7MliYkv6/ZFmvSFRq++TEK9pF6BfuPraliqX+Kcl
Gl1FkqdWU2GDBWXe4LJpeiE9kmSnaxwdQ0g26oBqiRAFIY+0TN15gJCanI65deUI
G1rU6/GPTK/Vojm1VhUBp6LgRhHvzCS3NLFqRopJgTG+HEfiPbPfk2o9MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIMDf6pl/0jQ8pf6rsO8VQPKKoFpMB8GA1UdIwQY
MBaAFKEMc1MLtoT9Vp38QycEZ1cEGDQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAt
N2QwODI5MWE3NjYyLzEvZ3dOX3FtWF9TTkR5bF9xdXc3eFZBOG9xZ1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lZDE3YzgtYWJkNC00MTRmLWJjMzAtN2QwODI5MWE3NjYy
LzEvb1F4elV3dTJoUDFXbmZ4REp3Um5Wd1FZTkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV7oMA0E
AgACMAcDBQAqA+hAMA0GCSqGSIb3DQEBCwUAA4IBAQAKBvW0JkD8liYrVptFzeFG
5EADaSxC9AVDfAgSdolHkJgox/Xg8Pa1DKLqIvk7g5TdANzylGQcokq+jNoDdPQa
tAtGa9x5zuZWLFZi2zt29uBRytx6OCvbSknZ8Nh9/x6ziIjGuXjbmFWfCwEy3kpE
7e+u/KUNTvkQPk0OQSIN4pC+4/h6ogcw4VPfzXSx5xTqcWLwfx9EWnt7Xz0swfsy
nDDmcaM1x59i9GlcducohgJLHmNAJDunCRf1owVMi++WE8O7LpRnwmA+WkzoJAZJ
FPSoY6wEsifTZ6wORPQ21gHbyt9GWWqYQvUnPzWjdiual0ft+q6mCxHwf7WtfTuZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:41 2024 by rpki-client on console-fra.rpki-client.org