Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4SARiVBhfLbTzoMlrgHgvMUrkY.roa
File: G4SARiVBhfLbTzoMlrgHgvMUrkY.roa (raw, json)
Hash identifier: J+pflT2mM15ubhaz6GEUtduiE5KZYQ+o1IWknevrKus=
Subject key identifier: 1B:84:80:46:25:41:85:F2:DB:4F:3A:0C:96:B8:07:82:F3:14:AE:46
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CD9468BE3C51032D1DDE88360FC6A44BB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4SARiVBhfLbTzoMlrgHgvMUrkY.roa
Signing time: Fri 05 Jan 2024 10:58:48 +0000
ROA not before: Fri 05 Jan 2024 10:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396362
IP address blocks: 2a13:18c2::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:46:8b:e3:c5:10:32:d1:dd:e8:83:60:fc:6a:44:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 5 10:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b848046254185f2db4f3a0c96b80782f314ae46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:c5:50:31:9b:50:04:27:ab:17:27:25:ce:
74:73:d9:74:b2:33:59:9a:1c:a1:9d:ee:d8:dd:7f:
be:95:b5:ac:19:dc:24:4a:e1:8f:ff:c5:64:68:75:
7b:68:ef:15:c5:af:1f:2f:8b:6b:2b:38:44:16:30:
c5:15:cd:49:b6:79:18:56:c1:4a:04:d7:18:a1:72:
b5:bb:a0:ce:8c:dd:93:f7:49:e7:42:92:5d:3c:47:
2f:68:3b:8f:42:f8:8e:67:c6:d1:dd:22:2e:16:0b:
d2:40:d2:73:87:d7:67:a1:76:7c:da:ee:b0:1c:7e:
94:d3:02:b4:d7:9e:72:d9:56:b2:1d:7c:e3:1e:f2:
7b:d7:3d:03:f2:ae:2e:b4:29:29:90:d3:fe:b6:8f:
5c:8f:38:8a:ef:f0:d6:c6:77:82:92:b5:c1:54:b4:
fc:f5:35:e6:f7:c7:f0:5d:34:53:04:85:7e:84:e7:
ff:39:e7:94:c8:e3:ed:36:85:cc:ad:cd:3d:be:74:
b5:65:be:2b:56:6e:af:dd:f8:a0:3c:d1:3b:4b:38:
0b:a9:61:cf:d0:17:c3:06:51:fd:ab:1d:16:01:7a:
74:42:92:1a:93:53:f9:7b:4f:ef:47:39:17:65:ae:
cc:0f:60:77:45:03:d9:44:4e:5e:fd:bc:0e:ea:78:
fd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:84:80:46:25:41:85:F2:DB:4F:3A:0C:96:B8:07:82:F3:14:AE:46
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/G4SARiVBhfLbTzoMlrgHgvMUrkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a13:18c2::/32
Signature Algorithm: sha256WithRSAEncryption
25:17:e4:1d:44:ae:42:a1:aa:bd:e2:b9:ff:48:f4:f3:96:dd:
6f:62:8f:f7:1c:e2:80:20:b1:42:c0:8c:81:22:44:bc:2a:ea:
e7:71:65:6f:c4:dd:dc:9d:ab:15:2d:0c:0f:9a:81:d8:81:70:
2f:05:ff:02:df:be:25:7e:3e:47:7e:23:88:70:28:49:ab:e9:
5e:93:fe:34:71:b7:19:ea:9d:ab:ee:27:03:25:e7:22:7a:76:
79:2b:9c:38:75:c1:c2:39:ed:a8:a7:cd:5f:a4:12:4c:b0:6f:
0a:51:cc:c4:9f:f2:12:35:8f:38:0d:5c:46:52:68:98:f7:fa:
84:03:70:db:c4:9f:62:f6:58:9a:a1:23:76:86:50:5c:03:02:
70:ca:b3:85:01:e4:ed:02:bc:4a:dd:6d:ee:56:b9:63:a2:95:
f3:db:1a:5b:9a:07:d8:4c:a7:b3:ba:af:4b:3a:88:37:7e:9d:
db:b2:af:52:95:7b:d9:04:c6:ab:eb:93:b6:b1:e7:af:22:27:
69:65:a9:3d:36:ae:4a:8f:bd:56:78:4c:af:8d:74:24:60:85:
69:48:bc:e0:b1:7a:aa:7d:ed:1c:c2:7a:ea:20:2e:67:f3:44:
fc:ca:1e:a3:03:3f:87:37:e2:89:25:f4:8a:18:c2:3f:e4:80:
98:15:5a:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzZRovjxRAy0d3og2D8akS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA1MTA1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg0ODA0NjI1NDE4NWYyZGI0ZjNhMGM5NmI4MDc4MmYzMTRhZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFHFUDGbUAQnqxcnJc50c9l0sjNZ
mhyhne7Y3X++lbWsGdwkSuGP/8VkaHV7aO8Vxa8fL4trKzhEFjDFFc1JtnkYVsFK
BNcYoXK1u6DOjN2T90nnQpJdPEcvaDuPQviOZ8bR3SIuFgvSQNJzh9dnoXZ82u6w
HH6U0wK0155y2VayHXzjHvJ71z0D8q4utCkpkNP+to9cjziK7/DWxneCkrXBVLT8
9TXm98fwXTRTBIV+hOf/OeeUyOPtNoXMrc09vnS1Zb4rVm6v3figPNE7SzgLqWHP
0BfDBlH9qx0WAXp0QpIak1P5e0/vRzkXZa7MD2B3RQPZRE5e/bwO6nj9KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBuEgEYlQYXy2086DJa4B4LzFK5GMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRzRTQVJpVkJoZkxiVHpvTWxyZ0hndk1VcmtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg4aggMH
ACoPHoAAAQMFACoTGMIwDQYJKoZIhvcNAQELBQADggEBACUX5B1ErkKhqr3iuf9I
9POW3W9ij/cc4oAgsULAjIEiRLwq6udxZW/E3dydqxUtDA+agdiBcC8F/wLfviV+
Pkd+I4hwKEmr6V6T/jRxtxnqnavuJwMl5yJ6dnkrnDh1wcI57ainzV+kEkywbwpR
zMSf8hI1jzgNXEZSaJj3+oQDcNvEn2L2WJqhI3aGUFwDAnDKs4UB5O0CvErdbe5W
uWOilfPbGluaB9hMp7O6r0s6iDd+nduyr1KVe9kExqvrk7ax568iJ2llqT02rkqP
vVZ4TK+NdCRghWlIvOCxeqp97RzCeuogLmfzRPzKHqMDP4c34okl9IoYwj/kgJgV
WqI=
-----END CERTIFICATE-----
Generated at Tue Apr 30 20:20:42 2024 by rpki-client on console-fra.rpki-client.org