Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/GqvVrTS1D1gVg90jZTPehWtQLRQ.roa
File: GqvVrTS1D1gVg90jZTPehWtQLRQ.roa (raw, json)
Hash identifier: LxVTM1klAU4F47R5N8ESdhoMkw/tOTpHAKU8mCez65o=
Subject key identifier: 1A:AB:D5:AD:34:B5:0F:58:15:83:DD:23:65:33:DE:85:6B:50:2D:14
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 018CC5DC4939A729C05A776BE12DF3E9CB1D
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/GqvVrTS1D1gVg90jZTPehWtQLRQ.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25117
IP address blocks: 2a04:cec0:1380::/41 maxlen: 48
2a04:cec0:1300::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:49:39:a7:29:c0:5a:77:6b:e1:2d:f3:e9:cb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aabd5ad34b50f581583dd236533de856b502d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2c:24:aa:dd:01:7a:81:15:d0:da:65:73:d8:
1c:77:04:c2:2d:fb:7d:a5:9e:01:5c:8e:20:ad:ad:
c5:74:1d:83:82:65:56:17:e6:84:29:f8:68:ff:5a:
96:78:21:d8:0e:40:bc:d3:0d:81:9d:13:5e:2f:51:
4f:4e:64:2c:f1:c0:83:ab:2e:7d:40:c4:6f:a8:55:
a8:f3:95:f9:7d:15:b3:77:2b:64:b5:61:e0:11:ef:
ab:ef:83:2e:40:4d:e2:a6:cb:77:88:b4:94:44:d1:
23:ce:95:ea:13:4c:be:e0:65:cc:eb:e6:55:1a:34:
fd:c3:20:dc:77:2e:77:f4:a7:e2:82:06:48:37:fc:
48:94:f2:b5:07:44:05:65:21:60:2a:82:ef:06:54:
d8:b2:07:5b:77:91:fb:f2:ef:19:94:b2:83:e9:06:
f9:ac:7b:e8:64:49:87:c8:5e:c0:08:9a:ed:e5:17:
b9:d5:b1:e9:5d:9e:b7:54:9f:d8:d0:f4:09:84:66:
da:c3:69:3f:5a:cc:1d:93:63:61:57:78:d5:e4:5e:
f2:7c:8b:4b:ee:61:27:37:b2:07:03:b2:5b:f9:44:
c9:a6:e2:fb:0b:de:94:0c:8d:3c:2c:65:db:52:7f:
f6:18:3b:ec:29:91:5d:9e:34:64:cd:5e:81:b2:b9:
a5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AB:D5:AD:34:B5:0F:58:15:83:DD:23:65:33:DE:85:6B:50:2D:14
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/GqvVrTS1D1gVg90jZTPehWtQLRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:cec0:1300::/40
Signature Algorithm: sha256WithRSAEncryption
cd:c1:ed:f1:62:d0:49:bb:dd:56:82:50:79:b5:3a:5f:40:32:
9d:c8:20:40:bd:c7:3f:a2:af:3f:f3:3f:3c:a4:70:63:18:48:
f4:45:dc:1e:af:66:c8:e0:79:9b:a4:a2:71:5c:81:f0:b6:ac:
44:4a:cd:55:ee:92:d3:75:30:71:e6:14:fa:d4:9b:7a:d5:b6:
4a:9d:8e:eb:a2:83:9e:0f:2f:bf:2a:8a:76:a0:c4:f3:35:ae:
6b:6e:85:e5:ee:06:04:17:d0:b3:56:cf:66:ba:49:9c:bc:43:
d5:ad:0e:0b:ee:4d:b1:51:57:14:60:4c:5e:51:b8:3b:30:7a:
d0:e6:a3:76:7d:d1:47:3e:2c:a7:07:83:49:c0:36:2c:e2:7e:
b3:d8:c7:cb:98:95:b1:60:0b:19:ea:8e:98:59:1a:66:2c:df:
92:d3:42:35:42:7d:1a:36:7e:fe:3b:8a:38:9b:fc:6d:ec:fc:
b4:90:54:d3:ee:fb:e5:3c:2e:ae:60:0a:18:54:77:19:00:90:
36:8a:b7:79:0e:1d:2e:20:70:23:17:6d:27:91:cf:78:c2:62:
d6:3c:c3:c3:76:0c:b4:8a:a6:4e:37:61:d8:de:95:3e:ee:85:
8e:85:b6:13:e0:55:20:9d:cd:61:cc:1e:19:98:6a:bb:a3:9f:
04:09:4c:0c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3Ek5pynAWndr4S3z6csdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWFiZDVhZDM0YjUwZjU4MTU4M2RkMjM2NTMzZGU4NTZiNTAyZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSwkqt0BeoEV0Nplc9gcdwTCLft9
pZ4BXI4gra3FdB2DgmVWF+aEKfho/1qWeCHYDkC80w2BnRNeL1FPTmQs8cCDqy59
QMRvqFWo85X5fRWzdytktWHgEe+r74MuQE3ipst3iLSURNEjzpXqE0y+4GXM6+ZV
GjT9wyDcdy539KfiggZIN/xIlPK1B0QFZSFgKoLvBlTYsgdbd5H78u8ZlLKD6Qb5
rHvoZEmHyF7ACJrt5Re51bHpXZ63VJ/Y0PQJhGbaw2k/Wswdk2NhV3jV5F7yfItL
7mEnN7IHA7Jb+UTJpuL7C96UDI08LGXbUn/2GDvsKZFdnjRkzV6BsrmldwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBqr1a00tQ9YFYPdI2Uz3oVrUC0UMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvR3F2VnJUUzFEMWdWZzkwalpUUGVoV3RRTFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgTOwBMw
DQYJKoZIhvcNAQELBQADggEBAM3B7fFi0Em73VaCUHm1Ol9AMp3IIEC9xz+irz/z
PzykcGMYSPRF3B6vZsjgeZukonFcgfC2rERKzVXuktN1MHHmFPrUm3rVtkqdjuui
g54PL78qinagxPM1rmtuheXuBgQX0LNWz2a6SZy8Q9WtDgvuTbFRVxRgTF5RuDsw
etDmo3Z90Uc+LKcHg0nANizifrPYx8uYlbFgCxnqjphZGmYs35LTQjVCfRo2fv47
ijib/G3s/LSQVNPu++U8Lq5gChhUdxkAkDaKt3kOHS4gcCMXbSeRz3jCYtY8w8N2
DLSKpk43YdjelT7uhY6FthPgVSCdzWHMHhmYarujnwQJTAw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:04 2024 by rpki-client on console-ams.rpki-client.org