Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/gaphe0g9TRAmDjBGsKo3O-0fmvI.roa
File: gaphe0g9TRAmDjBGsKo3O-0fmvI.roa (raw, json)
Hash identifier: k2038kpc9mVCA6v+MAKuM2AqrFaWJ990DWpmtGfdV2Q=
Subject key identifier: 81:AA:61:7B:48:3D:4D:10:26:0E:30:46:B0:AA:37:3B:ED:1F:9A:F2
Certificate issuer: /CN=0df10c8a580543f92d19fd5f8f564beeaa48ca1e
Certificate serial: 0190028DEFAB5CFAD7F25BF449A8FC289605
Authority key identifier: 0D:F1:0C:8A:58:05:43:F9:2D:19:FD:5F:8F:56:4B:EE:AA:48:CA:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/gaphe0g9TRAmDjBGsKo3O-0fmvI.roa
Signing time: Mon 10 Jun 2024 14:29:34 +0000
ROA not before: Mon 10 Jun 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208788
IP address blocks: 91.210.212.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:02:8d:ef:ab:5c:fa:d7:f2:5b:f4:49:a8:fc:28:96:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0df10c8a580543f92d19fd5f8f564beeaa48ca1e
Validity
Not Before: Jun 10 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81aa617b483d4d10260e3046b0aa373bed1f9af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:89:67:8a:49:5a:e4:ed:74:49:08:b2:77:84:
c7:1c:ed:12:0f:4d:b6:a9:a7:8f:ae:62:4b:c4:f5:
63:44:88:0e:81:dd:7a:b1:20:47:71:62:14:9a:35:
8e:f3:da:6e:d8:1d:9d:af:62:c0:0b:dc:e3:6b:29:
67:d2:f0:37:bb:de:c3:95:cb:5c:78:b6:25:7c:70:
97:9f:e5:4d:a5:ae:37:ff:95:43:21:0f:8a:e7:ae:
93:41:25:2f:84:16:13:fa:ec:d1:53:2c:c6:45:5c:
b2:62:fd:d9:45:bf:b0:9d:a5:73:76:ec:39:a6:00:
2a:fb:7e:2d:f6:b2:31:4a:e7:8d:e2:3e:a2:d5:e2:
bf:c2:6d:37:08:53:9b:6b:69:50:61:5f:69:ab:6f:
28:ca:94:31:d8:57:4f:88:ed:f8:ee:5f:56:b9:2c:
d1:c8:06:26:11:79:21:02:e0:6b:b2:29:65:df:89:
7f:25:df:98:ef:92:ba:7a:3e:6d:65:8a:73:34:ad:
47:52:83:75:22:8a:3d:a2:e7:c2:30:96:fd:90:f8:
ff:d9:f3:ab:dc:1b:28:83:6c:17:94:d6:96:14:22:
6b:bf:71:eb:7c:80:0d:37:ae:9a:28:c5:1a:f6:36:
eb:8d:f2:5b:56:28:02:46:db:74:3c:d5:63:55:dd:
4d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AA:61:7B:48:3D:4D:10:26:0E:30:46:B0:AA:37:3B:ED:1F:9A:F2
X509v3 Authority Key Identifier:
keyid:0D:F1:0C:8A:58:05:43:F9:2D:19:FD:5F:8F:56:4B:EE:AA:48:CA:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/gaphe0g9TRAmDjBGsKo3O-0fmvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/5b55b7-44b6-4f64-9b5a-9e0a5a2f61b8/1/DfEMilgFQ_ktGf1fj1ZL7qpIyh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.212.0/22
Signature Algorithm: sha256WithRSAEncryption
93:70:60:2f:1d:e4:5d:d4:33:93:0f:c3:dd:32:e1:11:f7:1b:
e0:07:2d:0f:d8:ff:24:5c:e9:bd:cc:31:a6:d1:d0:f9:1e:6a:
e1:46:19:d1:75:1e:ac:bb:42:2a:a1:b7:46:89:ab:e1:c4:e9:
b1:c5:6d:c1:ba:4c:96:4c:06:91:65:28:8f:40:78:5c:20:c3:
8e:49:08:ff:86:2a:29:d4:a3:86:dc:e0:db:c5:bb:e6:02:1d:
85:33:bb:85:1d:43:d2:fe:26:c8:45:5a:b6:68:4d:57:91:19:
4c:04:ed:93:a1:37:ea:84:0b:d6:72:73:22:ed:d6:c2:77:3f:
c9:78:5b:d9:89:73:d0:59:2f:63:bb:45:d6:0c:08:75:b4:44:
78:25:40:43:b2:e3:fa:83:ee:db:cb:d9:28:bf:a4:9f:79:76:
7c:2d:9a:27:33:4d:03:ec:cb:5a:60:27:50:de:1d:53:04:6e:
01:5f:8e:fd:7f:5d:65:6a:bf:e7:40:34:50:e7:79:b3:cf:23:
64:41:f9:72:fb:bc:47:ac:7f:86:43:04:ea:06:b6:fd:f2:a8:
7a:a3:f5:b8:72:89:da:f4:9c:3f:5f:b5:53:04:fe:b5:d3:04:
aa:17:db:42:b9:95:9f:fb:33:ed:16:27:be:4d:58:8f:7c:c1:
09:1e:54:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZACje+rXPrX8lv0Saj8KJYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZjEwYzhhNTgwNTQzZjkyZDE5ZmQ1ZjhmNTY0YmVlYWE0
OGNhMWUwHhcNMjQwNjEwMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFhNjE3YjQ4M2Q0ZDEwMjYwZTMwNDZiMGFhMzczYmVkMWY5YWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIlnikla5O10SQiyd4THHO0SD022
qaePrmJLxPVjRIgOgd16sSBHcWIUmjWO89pu2B2dr2LAC9zjayln0vA3u97Dlctc
eLYlfHCXn+VNpa43/5VDIQ+K566TQSUvhBYT+uzRUyzGRVyyYv3ZRb+wnaVzduw5
pgAq+34t9rIxSueN4j6i1eK/wm03CFOba2lQYV9pq28oypQx2FdPiO347l9WuSzR
yAYmEXkhAuBrsill34l/Jd+Y75K6ej5tZYpzNK1HUoN1Ioo9oufCMJb9kPj/2fOr
3Bsog2wXlNaWFCJrv3HrfIANN66aKMUa9jbrjfJbVigCRtt0PNVjVd1NOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGqYXtIPU0QJg4wRrCqNzvtH5ryMB8GA1UdIwQY
MBaAFA3xDIpYBUP5LRn9X49WS+6qSMoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGZFTWlsZ0ZRX2t0R2YxZmoxWkw3cXBJeWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81YjU1YjctNDRiNi00ZjY0LTliNWEt
OWUwYTVhMmY2MWI4LzEvZ2FwaGUwZzlUUkFtRGpCR3NLbzNPLTBmbXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS81YjU1YjctNDRiNi00ZjY0LTliNWEtOWUwYTVhMmY2MWI4
LzEvRGZFTWlsZ0ZRX2t0R2YxZmoxWkw3cXBJeWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9LUMA0G
CSqGSIb3DQEBCwUAA4IBAQCTcGAvHeRd1DOTD8PdMuER9xvgBy0P2P8kXOm9zDGm
0dD5HmrhRhnRdR6su0IqobdGiavhxOmxxW3BukyWTAaRZSiPQHhcIMOOSQj/hiop
1KOG3ODbxbvmAh2FM7uFHUPS/ibIRVq2aE1XkRlMBO2ToTfqhAvWcnMi7dbCdz/J
eFvZiXPQWS9ju0XWDAh1tER4JUBDsuP6g+7by9kov6SfeXZ8LZonM00D7MtaYCdQ
3h1TBG4BX479f11lar/nQDRQ53mzzyNkQfly+7xHrH+GQwTqBrb98qh6o/W4cona
9Jw/X7VTBP610wSqF9tCuZWf+zPtFie+TViPfMEJHlRS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:24 2024 by rpki-client on console-fra.rpki-client.org