Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/g_pk-v0idOX1YT9MscDBCa89SXo.roa
File: g_pk-v0idOX1YT9MscDBCa89SXo.roa (raw, json)
Hash identifier: Qrg7DShNGiK1h4tsAT4RUMlk//4wZIGYFtXXezBoR6A=
Subject key identifier: 83:FA:64:FA:FD:22:74:E5:F5:61:3F:4C:B1:C0:C1:09:AF:3D:49:7A
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 018CC26D01579B11B15EC91B80CE7F1FDB48
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/g_pk-v0idOX1YT9MscDBCa89SXo.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58224
IP address blocks: 109.95.66.0/24 maxlen: 24
109.95.65.0/24 maxlen: 24
109.95.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:57:9b:11:b1:5e:c9:1b:80:ce:7f:1f:db:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83fa64fafd2274e5f5613f4cb1c0c109af3d497a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:aa:d2:15:8d:da:37:90:c2:a3:a6:f4:0b:
c1:a9:02:42:56:6e:df:66:74:ab:3c:8e:fe:8b:81:
f3:ac:8d:48:3d:90:b5:87:96:64:e6:ec:84:4d:1d:
71:ad:00:1f:12:8c:70:ee:c1:92:85:0a:08:6d:94:
6b:8b:59:6c:3f:74:63:19:4b:ed:89:47:53:fe:a7:
eb:71:bc:bc:a7:ac:b2:93:ee:05:0d:27:23:9e:da:
44:a9:28:8e:e5:07:e1:09:7b:56:31:55:7c:8e:33:
10:d9:0d:89:4e:22:9c:16:2e:b4:f7:6f:b6:1b:78:
70:e0:3d:c4:69:f9:be:0b:eb:64:e4:92:e4:70:d6:
fd:23:d7:f1:c7:33:db:f2:b4:c0:60:47:ba:93:1e:
e9:65:72:38:07:93:48:fb:e3:fe:2f:4b:ba:5a:7e:
da:df:18:bf:f3:13:19:e8:f3:d3:d2:ca:94:1d:a4:
0b:5a:e2:6d:7e:76:fe:70:73:0c:42:95:e0:d8:a7:
00:60:47:1f:6e:85:77:92:8b:29:4d:af:76:c9:20:
c1:a8:d2:2c:69:36:86:2d:46:f4:13:69:fb:f4:f3:
cb:e5:c2:6e:7d:2d:23:6b:98:1e:56:cc:e7:89:0f:
e2:ad:94:22:29:ac:80:14:ae:6a:1b:40:e2:c4:86:
4e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FA:64:FA:FD:22:74:E5:F5:61:3F:4C:B1:C0:C1:09:AF:3D:49:7A
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/g_pk-v0idOX1YT9MscDBCa89SXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.65.0-109.95.66.255
109.95.68.0/24
Signature Algorithm: sha256WithRSAEncryption
54:1c:e5:0f:fa:ed:30:b5:3c:ae:de:4b:10:c4:89:cd:02:b7:
c3:16:9f:45:59:85:10:0b:c6:4a:6a:70:4c:42:44:de:6a:16:
3f:e1:dd:2f:29:15:b2:69:b4:e3:28:20:07:22:a5:ab:86:9d:
14:5d:fa:a1:c1:c6:eb:da:e5:01:62:6c:5d:93:d0:3f:5c:1a:
56:9a:1b:bd:1d:76:67:c4:db:ed:2e:91:21:c2:1c:bf:f5:d2:
0f:f0:26:6c:5e:16:4f:cd:25:05:b8:21:0e:03:b0:89:ea:f3:
4e:d5:38:65:94:44:80:c6:f9:c0:bc:d6:41:5d:de:cd:e6:34:
81:e2:02:67:b3:7e:c9:d1:a1:b6:5d:98:6d:49:51:8d:e0:dc:
b6:11:1a:1b:41:47:ce:cc:22:b6:56:ee:b2:1e:bc:69:68:9a:
49:15:9a:78:3c:54:48:f8:45:3a:74:ab:2d:0a:98:16:d3:8b:
c0:73:76:75:43:08:4c:6f:84:ff:41:2d:a4:8f:e3:5a:65:db:
3a:e0:b2:91:38:97:bd:7a:fa:0f:f1:0d:2c:d5:9e:b2:f0:72:
59:74:00:fb:2c:08:aa:77:0a:e1:a9:a8:a5:7f:a6:33:d3:21:
13:d8:f6:11:fd:74:c0:86:38:1e:eb:1b:6d:8a:a6:5d:3b:af:
88:9b:58:6b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzCbQFXmxGxXskbgM5/H9tIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2ZhNjRmYWZkMjI3NGU1ZjU2MTNmNGNiMWMwYzEwOWFmM2Q0OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8uq0hWN2jeQwqOm9AvBqQJCVm7f
ZnSrPI7+i4HzrI1IPZC1h5Zk5uyETR1xrQAfEoxw7sGShQoIbZRri1lsP3RjGUvt
iUdT/qfrcby8p6yyk+4FDScjntpEqSiO5QfhCXtWMVV8jjMQ2Q2JTiKcFi6092+2
G3hw4D3Eafm+C+tk5JLkcNb9I9fxxzPb8rTAYEe6kx7pZXI4B5NI++P+L0u6Wn7a
3xi/8xMZ6PPT0sqUHaQLWuJtfnb+cHMMQpXg2KcAYEcfboV3kospTa92ySDBqNIs
aTaGLUb0E2n79PPL5cJufS0ja5geVszniQ/irZQiKayAFK5qG0DixIZO+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIP6ZPr9InTl9WE/TLHAwQmvPUl6MB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvZ19way12MGlkT1gxWVQ5TXNjREJDYTg5U1hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABtX0ED
BABtX0IDBABtX0QwDQYJKoZIhvcNAQELBQADggEBAFQc5Q/67TC1PK7eSxDEic0C
t8MWn0VZhRALxkpqcExCRN5qFj/h3S8pFbJptOMoIAcipauGnRRd+qHBxuva5QFi
bF2T0D9cGlaaG70ddmfE2+0ukSHCHL/10g/wJmxeFk/NJQW4IQ4DsInq807VOGWU
RIDG+cC81kFd3s3mNIHiAmezfsnRobZdmG1JUY3g3LYRGhtBR87MIrZW7rIevGlo
mkkVmng8VEj4RTp0qy0KmBbTi8BzdnVDCExvhP9BLaSP41pl2zrgspE4l716+g/x
DSzVnrLwcll0APssCKp3CuGpqKV/pjPTIRPY9hH9dMCGOB7rG22Kpl07r4ibWGs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:28 2024 by rpki-client on console-ams.rpki-client.org