Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gRwH2kAEt-Mh6fCpqVMLHXfql2Y.roa
File: gRwH2kAEt-Mh6fCpqVMLHXfql2Y.roa (raw, json)
Hash identifier: NQBYIoR6qOGuGBg0pIYvhdlZtWE8A9c4ewxOl94fcwU=
Subject key identifier: 81:1C:07:DA:40:04:B7:E3:21:E9:F0:A9:A9:53:0B:1D:77:EA:97:66
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B6939DD0197E40D8DA56929184AAC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gRwH2kAEt-Mh6fCpqVMLHXfql2Y.roa
Signing time: Tue 02 Jan 2024 12:34:51 +0000
ROA not before: Tue 02 Jan 2024 12:34:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213279
IP address blocks: 2.57.252.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:69:39:dd:01:97:e4:0d:8d:a5:69:29:18:4a:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=811c07da4004b7e321e9f0a9a9530b1d77ea9766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:78:a9:5d:20:93:88:cf:d0:d9:14:90:12:8e:
e1:5f:94:1c:07:01:1a:95:98:cc:6c:36:65:8d:51:
f7:9f:40:9e:ff:9f:b0:0b:9b:3b:24:e3:b5:25:3e:
54:da:52:ee:28:c1:4f:0c:4b:7c:db:69:d3:6b:32:
e8:1f:6f:e8:cc:ff:95:99:c7:8d:72:4c:af:81:f9:
09:59:ff:f7:e8:cb:48:a8:1a:2a:ce:cf:73:b9:87:
66:09:26:eb:78:f4:5a:51:ce:33:80:cb:4c:ef:7e:
a3:af:ae:62:27:fc:5e:16:17:77:d7:01:91:bc:bb:
00:f2:c2:36:58:f9:95:6f:61:0c:0d:58:70:96:69:
ff:4c:fc:31:cb:fd:b1:36:25:88:85:a0:20:3c:00:
6c:37:64:fd:ac:47:24:a8:8f:0e:d5:35:29:43:4a:
f0:c2:0a:e8:86:0a:79:3b:f8:fc:8d:be:87:3e:a4:
85:38:8d:8e:32:54:89:9e:f4:bf:6b:39:58:09:51:
d6:61:61:30:7c:cb:1e:ef:65:63:42:26:ac:cb:19:
38:8d:f5:b7:c1:79:24:16:60:1f:93:80:dd:2f:9c:
27:7c:6e:6f:dd:eb:f4:c1:07:06:8a:12:5d:ee:af:
7a:2b:8c:b7:96:36:b2:f0:ed:75:78:eb:b6:c8:87:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1C:07:DA:40:04:B7:E3:21:E9:F0:A9:A9:53:0B:1D:77:EA:97:66
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/gRwH2kAEt-Mh6fCpqVMLHXfql2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.252.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2c:38:0b:77:94:ed:49:68:e8:59:a6:71:59:18:57:91:aa:
17:0b:ab:85:d7:68:95:ac:74:a3:7a:66:95:4f:5e:1f:95:ca:
9f:93:67:c1:5f:de:7d:74:8c:61:b8:84:0e:25:0b:fc:dc:c1:
2e:01:2a:39:43:db:d5:33:fc:59:e4:40:59:c5:84:10:cc:b7:
d5:67:50:10:bd:89:8b:b2:92:73:3a:30:5d:97:31:dd:5b:28:
d2:cd:d9:2f:68:cc:e9:38:48:fa:6c:57:41:6d:53:c1:56:f6:
aa:28:d5:f3:37:4c:64:c7:67:cf:2c:85:d4:ed:33:65:67:21:
3e:13:ee:e8:a3:eb:6b:e7:12:86:33:b6:2a:6d:50:6c:1d:e5:
ef:a0:6f:e4:ab:3a:fe:23:95:da:fa:57:1f:26:81:fa:e8:e7:
f2:8f:b6:e9:4c:ab:47:5f:4d:46:3d:4f:52:74:fe:fd:db:b2:
dd:a2:36:a9:4c:bc:2d:8d:e7:c6:c1:ec:62:5a:7d:35:a4:7f:
44:e5:75:34:a5:ee:37:88:8b:fd:c1:8b:6c:58:ec:b1:93:0c:
bf:76:54:62:c6:a9:1c:a1:78:e2:b4:d0:3b:a2:0e:a9:09:ca:
7f:c9:6d:78:32:53:58:70:a9:5b:05:48:26:6c:87:b0:21:9c:
6f:ab:58:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK2k53QGX5A2NpWkpGEqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFjMDdkYTQwMDRiN2UzMjFlOWYwYTlhOTUzMGIxZDc3ZWE5NzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33ipXSCTiM/Q2RSQEo7hX5QcBwEa
lZjMbDZljVH3n0Ce/5+wC5s7JOO1JT5U2lLuKMFPDEt822nTazLoH2/ozP+VmceN
ckyvgfkJWf/36MtIqBoqzs9zuYdmCSbrePRaUc4zgMtM736jr65iJ/xeFhd31wGR
vLsA8sI2WPmVb2EMDVhwlmn/TPwxy/2xNiWIhaAgPABsN2T9rEckqI8O1TUpQ0rw
wgrohgp5O/j8jb6HPqSFOI2OMlSJnvS/azlYCVHWYWEwfMse72VjQiasyxk4jfW3
wXkkFmAfk4DdL5wnfG5v3ev0wQcGihJd7q96K4y3ljay8O11eOu2yIeChQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEcB9pABLfjIenwqalTCx136pdmMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZ1J3SDJrQUV0LU1oNmZDcHFWTUxIWGZxbDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjn8MA0G
CSqGSIb3DQEBCwUAA4IBAQBELDgLd5TtSWjoWaZxWRhXkaoXC6uF12iVrHSjemaV
T14flcqfk2fBX959dIxhuIQOJQv83MEuASo5Q9vVM/xZ5EBZxYQQzLfVZ1AQvYmL
spJzOjBdlzHdWyjSzdkvaMzpOEj6bFdBbVPBVvaqKNXzN0xkx2fPLIXU7TNlZyE+
E+7oo+tr5xKGM7YqbVBsHeXvoG/kqzr+I5Xa+lcfJoH66Ofyj7bpTKtHX01GPU9S
dP7927LdojapTLwtjefGwexiWn01pH9E5XU0pe43iIv9wYtsWOyxkwy/dlRixqkc
oXjitNA7og6pCcp/yW14MlNYcKlbBUgmbIewIZxvq1jv
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:35 2024 by rpki-client on console-fra.rpki-client.org