Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/gi7z4kQnEDT4E-sqhpN3x_zqzsg.roa
File: gi7z4kQnEDT4E-sqhpN3x_zqzsg.roa (raw, json)
Hash identifier: nhDpJKNF8O/htW/AIfy9n4YRcA1Nc7wNh9fFOk6c1wQ=
Subject key identifier: 82:2E:F3:E2:44:27:10:34:F8:13:EB:2A:86:93:77:C7:FC:EA:CE:C8
Certificate issuer: /CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Certificate serial: 018CC64B68E0EBFAB5C55542BEE60CAF8663
Authority key identifier: 33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/gi7z4kQnEDT4E-sqhpN3x_zqzsg.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5392
IP address blocks: 195.36.0.0/18 maxlen: 18
2a00:1988::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:68:e0:eb:fa:b5:c5:55:42:be:e6:0c:af:86:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822ef3e244271034f813eb2a869377c7fceacec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3b:d4:c8:4a:fa:df:c5:6b:9a:c0:ee:c7:c9:
49:2b:6c:62:9c:f1:85:a2:a6:b9:88:c2:9c:ae:b8:
a4:44:c9:b7:55:e2:f9:4e:62:37:ec:96:8f:43:55:
df:26:eb:c8:a0:b8:1f:b8:76:38:29:48:57:62:46:
4f:44:1c:1a:c9:45:17:e4:d9:80:e6:5d:50:df:32:
66:9a:7d:64:25:53:7c:f0:66:8c:15:d4:90:07:ee:
91:dc:35:87:32:69:58:c0:e4:4c:5c:20:27:b5:85:
e5:7f:c2:6e:88:17:3d:c6:e4:11:a1:79:34:56:f9:
35:48:72:14:6a:4f:94:ed:4d:a7:88:26:4d:0c:48:
55:30:17:83:9a:65:ae:fc:67:0e:c3:c6:d2:f6:97:
69:d9:06:14:04:3d:f3:42:cf:46:12:cf:95:a1:7d:
14:52:2b:ea:94:4f:4b:c7:1a:f1:93:b7:e2:c2:c9:
32:fe:0d:9c:85:87:fa:b9:d4:80:22:aa:ed:e0:a2:
99:20:4c:7f:a5:36:5e:c5:c9:12:17:79:f3:48:75:
ee:14:33:10:a5:67:7c:c2:79:a2:97:9e:2d:fe:d4:
4a:85:b7:c3:98:5c:4f:1f:76:52:eb:50:57:c6:0e:
aa:4d:22:0c:3a:5c:a9:00:33:d0:1b:03:10:a4:6a:
8e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2E:F3:E2:44:27:10:34:F8:13:EB:2A:86:93:77:C7:FC:EA:CE:C8
X509v3 Authority Key Identifier:
keyid:33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/gi7z4kQnEDT4E-sqhpN3x_zqzsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.36.0.0/18
IPv6:
2a00:1988::/32
Signature Algorithm: sha256WithRSAEncryption
2f:cb:28:dc:53:da:34:74:b2:b2:70:87:2c:e6:fa:50:bb:a7:
56:e0:6f:28:bf:24:48:43:69:08:cf:42:79:aa:a7:b2:df:95:
2c:b0:bc:58:7a:65:3f:34:e7:39:3a:b0:35:3b:a7:23:c2:9d:
76:d8:73:81:51:a5:54:91:42:41:1c:88:dd:25:66:23:f9:3e:
7f:fa:cc:aa:4a:13:ad:bc:a6:56:2b:25:72:10:84:a7:23:31:
b0:d6:7e:90:ac:5e:bd:4d:bf:1a:0a:a2:2d:ba:31:d4:83:6a:
ed:da:c9:6c:2c:85:56:77:dd:8e:18:c2:d6:12:64:a1:5d:0c:
b2:c5:0b:8c:be:5d:de:66:9c:4d:5d:16:6a:d4:1c:e7:6d:ca:
6e:d3:f2:9a:7c:ce:c7:38:e8:04:98:59:91:ca:55:a7:71:73:
fa:24:28:97:16:62:f8:26:77:c4:95:30:07:ea:cb:cd:4f:ff:
25:89:6a:27:ca:09:ad:74:29:11:8f:0c:65:d8:bd:d7:82:c8:
54:83:42:1e:f3:80:06:96:74:e2:26:cf:9d:15:92:d6:60:b2:
2a:28:3f:8c:57:46:ec:7a:5f:4c:eb:72:9b:c9:aa:86:86:2b:
8d:be:2c:8b:34:81:b8:22:8b:f9:03:54:df:4d:37:db:ac:02:
54:1b:38:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS2jg6/q1xVVCvuYMr4ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjFiMzEzOTYwODNjZTllZDUxZTQ2Mjg5OGUyOTRlZDgy
MTVhZTcwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJlZjNlMjQ0MjcxMDM0ZjgxM2ViMmE4NjkzNzdjN2ZjZWFjZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTvUyEr638VrmsDux8lJK2xinPGF
oqa5iMKcrrikRMm3VeL5TmI37JaPQ1XfJuvIoLgfuHY4KUhXYkZPRBwayUUX5NmA
5l1Q3zJmmn1kJVN88GaMFdSQB+6R3DWHMmlYwORMXCAntYXlf8JuiBc9xuQRoXk0
Vvk1SHIUak+U7U2niCZNDEhVMBeDmmWu/GcOw8bS9pdp2QYUBD3zQs9GEs+VoX0U
UivqlE9Lxxrxk7fiwsky/g2chYf6udSAIqrt4KKZIEx/pTZexckSF3nzSHXuFDMQ
pWd8wnmil54t/tRKhbfDmFxPH3ZS61BXxg6qTSIMOlypADPQGwMQpGqOcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIIu8+JEJxA0+BPrKoaTd8f86s7IMB8GA1UdIwQY
MBaAFDOxsxOWCDzp7VHkYomOKU7YIVrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAt
MzNlNjFiZDkxMmVhLzEvZ2k3ejRrUW5FRFQ0RS1zcWhwTjN4X3pxenNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAtMzNlNjFiZDkxMmVh
LzEvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGwyQAMA0E
AgACMAcDBQAqABmIMA0GCSqGSIb3DQEBCwUAA4IBAQAvyyjcU9o0dLKycIcs5vpQ
u6dW4G8ovyRIQ2kIz0J5qqey35UssLxYemU/NOc5OrA1O6cjwp122HOBUaVUkUJB
HIjdJWYj+T5/+syqShOtvKZWKyVyEISnIzGw1n6QrF69Tb8aCqItujHUg2rt2sls
LIVWd92OGMLWEmShXQyyxQuMvl3eZpxNXRZq1Bznbcpu0/KafM7HOOgEmFmRylWn
cXP6JCiXFmL4JnfElTAH6svNT/8liWonygmtdCkRjwxl2L3XgshUg0Ie84AGlnTi
Js+dFZLWYLIqKD+MV0bsel9M63KbyaqGhiuNviyLNIG4Iov5A1TfTTfbrAJUGziX
-----END CERTIFICATE-----
Generated at Tue Nov 26 14:55:03 2024 by rpki-client on console-ams.rpki-client.org