Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/F2tTxdAMZ9cundJPo_hvAu60SEk.roa
File: F2tTxdAMZ9cundJPo_hvAu60SEk.roa (raw, json)
Hash identifier: GktWY6fl5sAaSDccgRTHmwEHMx0Zmv64V5aRj1qu4H8=
Subject key identifier: 17:6B:53:C5:D0:0C:67:D7:2E:9D:D2:4F:A3:F8:6F:02:EE:B4:48:49
Certificate issuer: /CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Certificate serial: 019016CE907357D0F07E0BB61490D901E95D
Authority key identifier: 80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/F2tTxdAMZ9cundJPo_hvAu60SEk.roa
Signing time: Fri 14 Jun 2024 12:52:34 +0000
ROA not before: Fri 14 Jun 2024 12:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49290
IP address blocks: 62.122.232.0/21 maxlen: 21
91.195.92.0/23 maxlen: 23
91.198.89.0/24 maxlen: 24
185.242.252.0/22 maxlen: 22
193.25.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.mft
rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:ce:90:73:57:d0:f0:7e:0b:b6:14:90:d9:01:e9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=804ae76b1975fb4a8cbab2207189eed20232ff5f
Validity
Not Before: Jun 14 12:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=176b53c5d00c67d72e9dd24fa3f86f02eeb44849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d4:e8:71:80:b1:f7:f2:49:eb:4a:44:0b:41:
5b:b9:fb:92:2e:32:79:4a:6f:28:60:bf:6e:80:39:
34:9f:2e:d0:bd:85:8d:c4:a5:4d:01:fe:b2:1c:b8:
e8:4b:0e:fe:3e:4a:f5:98:14:64:17:d7:84:b1:b3:
a4:2a:87:fc:5d:be:30:b6:76:92:c7:fa:df:80:dd:
94:d4:b2:ee:2d:28:b7:dd:51:8e:c3:6b:02:0c:51:
71:92:e8:d9:40:5a:78:7e:95:dc:4f:f5:7e:76:5e:
bf:f3:a0:64:3b:d7:d9:11:d4:cf:59:5f:73:64:03:
f9:e3:d7:0e:a3:a6:b4:93:b5:30:fd:3b:01:11:5f:
18:d9:29:5b:5d:5f:cf:74:c7:dd:49:8c:bf:f7:37:
e1:4b:2c:66:6c:f0:aa:4a:97:49:b9:5f:e1:2b:bd:
fd:b0:13:ac:ed:40:b1:a0:0f:33:a6:2d:22:40:a3:
e4:3b:03:7d:0a:b2:52:11:2c:dd:05:50:cc:3f:05:
34:55:cf:45:b0:4f:22:73:f4:66:8b:89:aa:05:d4:
e2:8d:66:fa:c4:31:13:e2:fe:6b:79:19:2b:fb:30:
7a:84:fe:03:b8:47:c7:a9:41:f0:c3:f6:9f:4d:d2:
cc:5a:d2:e1:8e:96:2a:97:e8:bf:e8:29:47:19:45:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6B:53:C5:D0:0C:67:D7:2E:9D:D2:4F:A3:F8:6F:02:EE:B4:48:49
X509v3 Authority Key Identifier:
keyid:80:4A:E7:6B:19:75:FB:4A:8C:BA:B2:20:71:89:EE:D2:02:32:FF:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gErnaxl1-0qMurIgcYnu0gIy_18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/F2tTxdAMZ9cundJPo_hvAu60SEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/680992-38da-498f-a349-94227293c88e/1/gErnaxl1-0qMurIgcYnu0gIy_18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.122.232.0/21
91.195.92.0/23
91.198.89.0/24
185.242.252.0/22
193.25.248.0/22
Signature Algorithm: sha256WithRSAEncryption
59:a7:41:df:60:e9:5f:46:d2:0d:97:d2:59:03:d3:fd:68:27:
5a:a0:7d:93:8e:f9:c9:bd:a1:20:30:bc:70:28:fd:e5:65:68:
d6:4d:9c:35:8f:02:c1:b9:63:54:8e:eb:0b:7b:af:4e:8d:f4:
23:11:5b:73:cf:4b:91:41:df:b8:d2:ef:f2:3d:94:4a:b6:fb:
45:09:21:0d:46:1d:44:3c:67:86:31:3e:ed:4f:79:02:57:83:
04:d5:fe:c6:ca:d2:d3:c3:1a:4a:69:11:24:ec:e1:46:7c:c4:
54:69:ba:c2:1e:4d:1a:70:91:7f:34:05:6d:a5:d9:db:bb:68:
cc:98:98:bc:b9:92:16:59:33:85:e6:ec:0d:3d:3e:1f:ea:26:
7c:50:36:44:f4:5a:76:ed:ca:62:5a:03:9b:38:52:ef:de:1f:
0d:e8:69:eb:43:ad:7f:50:aa:2f:85:bb:83:cf:35:fd:a1:da:
88:38:85:f3:aa:30:0f:40:8b:26:b1:ea:6e:fc:bb:c3:72:06:
0e:93:29:23:61:72:10:37:15:22:33:ce:a3:07:f9:69:bc:6f:
36:40:1f:42:ea:3b:2a:52:24:ce:c7:38:bb:36:f5:56:b4:48:
b0:1b:ad:9a:59:ed:8d:90:02:09:d3:30:f7:ac:6d:f8:0c:29:
d1:80:87:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZAWzpBzV9Dwfgu2FJDZAeldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNGFlNzZiMTk3NWZiNGE4Y2JhYjIyMDcxODllZWQyMDIz
MmZmNWYwHhcNMjQwNjE0MTI1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZiNTNjNWQwMGM2N2Q3MmU5ZGQyNGZhM2Y4NmYwMmVlYjQ0ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNTocYCx9/JJ60pEC0FbufuSLjJ5
Sm8oYL9ugDk0ny7QvYWNxKVNAf6yHLjoSw7+Pkr1mBRkF9eEsbOkKof8Xb4wtnaS
x/rfgN2U1LLuLSi33VGOw2sCDFFxkujZQFp4fpXcT/V+dl6/86BkO9fZEdTPWV9z
ZAP549cOo6a0k7Uw/TsBEV8Y2SlbXV/PdMfdSYy/9zfhSyxmbPCqSpdJuV/hK739
sBOs7UCxoA8zpi0iQKPkOwN9CrJSESzdBVDMPwU0Vc9FsE8ic/Rmi4mqBdTijWb6
xDET4v5reRkr+zB6hP4DuEfHqUHww/afTdLMWtLhjpYql+i/6ClHGUXUpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBdrU8XQDGfXLp3ST6P4bwLutEhJMB8GA1UdIwQY
MBaAFIBK52sZdftKjLqyIHGJ7tICMv9fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDkt
OTQyMjcyOTNjODhlLzEvRjJ0VHhkQU1aOWN1bmRKUG9faHZBdTYwU0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82ODA5OTItMzhkYS00OThmLWEzNDktOTQyMjcyOTNjODhl
LzEvZ0VybmF4bDEtMHFNdXJJZ2NZbnUwZ0l5XzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDPnroAwQB
W8NcAwQAW8ZZAwQCufL8AwQCwRn4MA0GCSqGSIb3DQEBCwUAA4IBAQBZp0HfYOlf
RtINl9JZA9P9aCdaoH2TjvnJvaEgMLxwKP3lZWjWTZw1jwLBuWNUjusLe69OjfQj
EVtzz0uRQd+40u/yPZRKtvtFCSENRh1EPGeGMT7tT3kCV4ME1f7GytLTwxpKaREk
7OFGfMRUabrCHk0acJF/NAVtpdnbu2jMmJi8uZIWWTOF5uwNPT4f6iZ8UDZE9Fp2
7cpiWgObOFLv3h8N6GnrQ61/UKovhbuDzzX9odqIOIXzqjAPQIsmsepu/LvDcgYO
kykjYXIQNxUiM86jB/lpvG82QB9C6jsqUiTOxzi7NvVWtEiwG62aWe2NkAIJ0zD3
rG34DCnRgIeU
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:36:57 2024 by rpki-client on console-ams.rpki-client.org