Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/GxK70MZxLYx8qXLUPuipKdF6AD4.roa
File: GxK70MZxLYx8qXLUPuipKdF6AD4.roa (raw, json)
Hash identifier: YnqugVgTD4pnamRm/fSWmHvH92SK1OGc52L7IowKS14=
Subject key identifier: 1B:12:BB:D0:C6:71:2D:8C:7C:A9:72:D4:3E:E8:A9:29:D1:7A:00:3E
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 018CCA2B50C6BF7CE8BDD1D00AAF746A3C46
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/GxK70MZxLYx8qXLUPuipKdF6AD4.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49666
IP address blocks: 176.65.243.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:50:c6:bf:7c:e8:bd:d1:d0:0a:af:74:6a:3c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b12bbd0c6712d8c7ca972d43ee8a929d17a003e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:8f:03:46:97:db:81:45:e8:a0:61:ed:63:
f4:fb:9b:28:6c:5f:6f:d9:ae:a9:d7:db:d8:f5:db:
67:4f:4f:89:93:0e:c6:5e:51:39:ee:8d:8c:02:1d:
8c:22:22:a4:97:78:d3:f6:82:7d:66:16:04:63:a5:
9c:4d:66:fd:78:3d:70:35:0c:ad:a5:ad:3a:11:6f:
05:d4:9d:48:79:5e:86:23:7d:6e:c3:a0:3e:a1:07:
e3:c2:1d:3a:f5:88:55:25:70:1c:e3:c2:e6:48:80:
07:2d:2e:07:13:09:40:77:6f:25:61:89:01:4c:72:
c3:80:3e:7e:07:76:e0:78:4e:1b:71:78:63:47:28:
df:2d:37:90:df:06:c1:77:44:b1:e9:54:5b:a6:43:
5f:52:26:b3:1b:42:3f:1d:2d:e2:37:fd:c8:8e:cd:
1a:e2:2e:34:43:72:87:a0:04:07:74:5e:5e:c7:1e:
94:02:f7:e3:cc:89:bb:38:b1:39:e0:ca:b0:b7:01:
16:bb:e7:47:e1:e6:ce:fa:6b:33:3f:95:d9:0d:18:
f4:db:2c:84:a9:b6:21:c9:11:8f:40:6d:8d:67:3d:
86:ef:22:37:74:19:43:09:72:68:28:93:06:a8:01:
82:7f:d2:c1:1a:60:0d:05:ac:3f:a9:7d:e8:70:af:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:12:BB:D0:C6:71:2D:8C:7C:A9:72:D4:3E:E8:A9:29:D1:7A:00:3E
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/GxK70MZxLYx8qXLUPuipKdF6AD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.243.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f7:58:18:80:08:03:f1:1a:fb:fe:1e:e9:65:d3:3e:63:7b:
8d:2f:b9:86:51:01:68:b1:15:35:d2:96:72:23:be:5d:c1:2e:
f1:a3:1f:40:95:91:1e:41:6b:72:5d:7e:9a:df:8e:b9:94:d4:
c1:bc:15:07:63:65:2f:db:b3:38:89:ca:ec:28:ae:9c:53:12:
fc:ac:6b:22:5f:b2:21:7d:36:a7:97:cd:0f:72:b8:42:1d:b0:
2a:9f:c9:bc:82:98:58:7e:a6:8c:01:7c:94:ce:e2:9f:89:ce:
fe:23:1c:e1:c4:2b:34:fa:f8:a5:ca:8a:b9:23:18:30:7e:84:
d8:cc:8a:54:83:ed:26:3d:41:81:89:e3:49:20:26:5e:ad:cb:
0a:22:7a:d2:f8:bc:5b:32:a5:27:7a:bd:98:40:ca:83:70:3e:
cc:9b:6d:9e:0f:77:b3:76:19:ec:47:12:e4:bd:a4:67:ef:08:
3d:e8:4b:8e:25:1d:c4:3f:df:5d:0a:4b:b4:33:71:5c:ad:e0:
64:6b:5e:92:0e:c3:f8:f2:85:99:fd:67:2d:57:e8:28:b5:15:
f2:51:58:af:db:6e:9b:6b:2c:52:ae:6d:05:5b:2b:6d:78:00:
d3:63:b3:c2:a4:d2:81:69:01:20:37:90:74:f9:39:8b:67:b4:
34:22:6a:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK1DGv3zovdHQCq90ajxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjEyYmJkMGM2NzEyZDhjN2NhOTcyZDQzZWU4YTkyOWQxN2EwMDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMaPA0aX24FF6KBh7WP0+5sobF9v
2a6p19vY9dtnT0+Jkw7GXlE57o2MAh2MIiKkl3jT9oJ9ZhYEY6WcTWb9eD1wNQyt
pa06EW8F1J1IeV6GI31uw6A+oQfjwh069YhVJXAc48LmSIAHLS4HEwlAd28lYYkB
THLDgD5+B3bgeE4bcXhjRyjfLTeQ3wbBd0Sx6VRbpkNfUiazG0I/HS3iN/3Ijs0a
4i40Q3KHoAQHdF5exx6UAvfjzIm7OLE54MqwtwEWu+dH4ebO+mszP5XZDRj02yyE
qbYhyRGPQG2NZz2G7yI3dBlDCXJoKJMGqAGCf9LBGmANBaw/qX3ocK8uGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsSu9DGcS2MfKly1D7oqSnRegA+MB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvR3hLNzBNWnhMWXg4cVhMVVB1aXBLZEY2QUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEHzMA0G
CSqGSIb3DQEBCwUAA4IBAQAk91gYgAgD8Rr7/h7pZdM+Y3uNL7mGUQFosRU10pZy
I75dwS7xox9AlZEeQWtyXX6a3465lNTBvBUHY2Uv27M4icrsKK6cUxL8rGsiX7Ih
fTanl80PcrhCHbAqn8m8gphYfqaMAXyUzuKfic7+IxzhxCs0+vilyoq5IxgwfoTY
zIpUg+0mPUGBieNJICZercsKInrS+LxbMqUner2YQMqDcD7Mm22eD3ezdhnsRxLk
vaRn7wg96EuOJR3EP99dCku0M3FcreBka16SDsP48oWZ/WctV+gotRXyUViv226b
ayxSrm0FWytteADTY7PCpNKBaQEgN5B0+TmLZ7Q0ImoU
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:41 2024 by rpki-client on console-fra.rpki-client.org