Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/GoAocGreaQM4aszZUCOFZkFrqNQ.roa
File: GoAocGreaQM4aszZUCOFZkFrqNQ.roa (raw, json)
Hash identifier: IW+KlxqETXoRpi8Jt9xy8mB6qUPumvAr9Rt2XXXG34I=
Subject key identifier: 1A:80:28:70:6A:DE:69:03:38:6A:CC:D9:50:23:85:66:41:6B:A8:D4
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D5A2428BB985A429952E2A4DCF4F8
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/GoAocGreaQM4aszZUCOFZkFrqNQ.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49330
IP address blocks: 94.236.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5a:24:28:bb:98:5a:42:99:52:e2:a4:dc:f4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a8028706ade6903386accd950238566416ba8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bb:42:d9:9c:93:3a:00:df:48:c5:08:6b:b7:
21:03:3e:64:49:d4:3a:7a:5b:17:fc:76:3a:18:00:
d7:65:91:a1:9d:c2:5b:f3:3b:87:dd:16:32:5a:29:
87:db:46:d6:5c:05:90:a7:69:b8:87:33:12:31:63:
43:cd:a6:1d:e6:bf:bc:ff:9b:18:61:14:11:48:cd:
18:01:89:b7:10:15:b6:e2:95:c8:1f:69:59:ba:5c:
2b:e5:14:05:ab:37:a3:ca:44:0b:29:d5:5f:99:c8:
80:aa:ad:ee:7a:4a:1e:ee:c2:2a:e8:7a:6c:e8:8e:
27:ed:76:3b:ef:dd:ab:02:14:46:44:56:0a:b3:97:
c1:62:c4:a3:80:9a:45:d8:90:5b:69:90:3c:43:f3:
78:14:4e:54:bd:9d:1b:92:85:b9:c9:7d:75:72:23:
68:92:e1:59:81:ad:0f:9d:9f:12:ae:a3:7c:09:5c:
5b:b5:e8:bd:9c:17:cd:39:f2:ab:fd:8f:9a:6f:fd:
db:ee:dd:5e:f3:62:80:6d:c1:9f:d8:23:dc:22:aa:
78:9b:18:b0:3d:f7:ae:2a:a6:b3:d2:74:8b:31:2a:
6d:2e:51:19:57:b7:6a:e6:50:79:ec:04:7b:21:87:
0b:2f:66:35:19:0e:bc:5a:c6:54:ad:0f:a4:2c:bb:
19:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:80:28:70:6A:DE:69:03:38:6A:CC:D9:50:23:85:66:41:6B:A8:D4
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/GoAocGreaQM4aszZUCOFZkFrqNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.236.162.0/24
Signature Algorithm: sha256WithRSAEncryption
af:11:5c:06:0c:de:e2:18:c5:bf:fe:6b:6b:9e:23:fd:6c:9d:
f6:76:fd:c2:1f:96:1f:e6:f1:23:ae:24:85:64:bc:4e:9e:05:
50:0b:b0:c2:e8:ac:18:41:af:c5:9e:56:87:e6:80:89:af:d0:
68:9a:99:da:89:90:67:d7:dd:99:57:c2:94:9c:a2:54:66:0c:
c1:2b:8f:4a:cd:22:22:41:23:5c:5c:30:55:00:b1:10:62:bb:
39:c3:98:af:07:10:5c:f8:58:15:d4:0c:9c:b2:56:b8:c2:12:
27:30:c2:ef:1d:64:49:c9:07:6d:67:1b:d4:f1:7a:6c:e9:8b:
97:2b:45:14:39:49:85:50:19:c9:90:5f:fd:02:65:b6:71:78:
12:d9:31:48:e7:5d:03:e9:4f:37:a6:e4:b5:48:17:83:ef:d1:
9b:e7:48:2a:81:b2:4c:1b:45:54:89:bc:36:bb:ab:15:ae:d5:
f6:53:3a:d3:87:85:ca:0b:ff:4a:0a:f0:af:df:68:e4:c2:7c:
ca:2e:19:6d:a0:6a:72:ec:c1:9b:59:1e:3a:31:c7:2a:9b:a9:
ab:6c:6c:0d:7c:0c:42:6b:07:47:a5:50:e2:0f:83:96:62:de:
82:73:54:be:ec:b6:90:5b:6f:8f:4f:cd:bb:b3:a1:81:51:ad:
b0:90:11:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVokKLuYWkKZUuKk3PT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgwMjg3MDZhZGU2OTAzMzg2YWNjZDk1MDIzODU2NjQxNmJhOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrtC2ZyTOgDfSMUIa7chAz5kSdQ6
elsX/HY6GADXZZGhncJb8zuH3RYyWimH20bWXAWQp2m4hzMSMWNDzaYd5r+8/5sY
YRQRSM0YAYm3EBW24pXIH2lZulwr5RQFqzejykQLKdVfmciAqq3uekoe7sIq6Hps
6I4n7XY7792rAhRGRFYKs5fBYsSjgJpF2JBbaZA8Q/N4FE5UvZ0bkoW5yX11ciNo
kuFZga0PnZ8SrqN8CVxbtei9nBfNOfKr/Y+ab/3b7t1e82KAbcGf2CPcIqp4mxiw
PfeuKqaz0nSLMSptLlEZV7dq5lB57AR7IYcLL2Y1GQ68WsZUrQ+kLLsZyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBqAKHBq3mkDOGrM2VAjhWZBa6jUMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvR29Bb2NHcmVhUU00YXN6WlVDT0Zaa0ZycU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXuyiMA0G
CSqGSIb3DQEBCwUAA4IBAQCvEVwGDN7iGMW//mtrniP9bJ32dv3CH5Yf5vEjriSF
ZLxOngVQC7DC6KwYQa/FnlaH5oCJr9BompnaiZBn192ZV8KUnKJUZgzBK49KzSIi
QSNcXDBVALEQYrs5w5ivBxBc+FgV1Aycsla4whInMMLvHWRJyQdtZxvU8Xps6YuX
K0UUOUmFUBnJkF/9AmW2cXgS2TFI510D6U83puS1SBeD79Gb50gqgbJMG0VUibw2
u6sVrtX2UzrTh4XKC/9KCvCv32jkwnzKLhltoGpy7MGbWR46Mccqm6mrbGwNfAxC
awdHpVDiD4OWYt6Cc1S+7LaQW2+PT827s6GBUa2wkBHq
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:34 2024 by rpki-client on console-fra.rpki-client.org