Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CGP1bTScvjGFRvaXpqRv1aCNawY.roa
File: CGP1bTScvjGFRvaXpqRv1aCNawY.roa (raw, json)
Hash identifier: V6e3tnq/2L2XTBWjOkv/AZojPEiqOsnPiwyZ7fdKN84=
Subject key identifier: 08:63:F5:6D:34:9C:BE:31:85:46:F6:97:A6:A4:6F:D5:A0:8D:6B:06
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 01920A2D88351497DFB5B240B0E3D8F6DD0B
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CGP1bTScvjGFRvaXpqRv1aCNawY.roa
Signing time: Thu 19 Sep 2024 12:06:49 +0000
ROA not before: Thu 19 Sep 2024 12:06:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 84.239.5.0/24 maxlen: 24
84.239.6.0/24 maxlen: 24
84.239.7.0/24 maxlen: 24
84.239.10.0/24 maxlen: 24
84.239.12.0/24 maxlen: 24
84.239.16.0/24 maxlen: 24
84.239.17.0/24 maxlen: 24
84.239.25.0/24 maxlen: 24
84.239.27.0/24 maxlen: 24
84.239.28.0/24 maxlen: 24
84.239.31.0/24 maxlen: 24
84.239.33.0/24 maxlen: 24
84.239.37.0/24 maxlen: 24
84.239.41.0/24 maxlen: 24
84.239.42.0/24 maxlen: 24
84.239.43.0/24 maxlen: 24
84.239.45.0/24 maxlen: 24
84.239.47.0/24 maxlen: 24
84.239.48.0/24 maxlen: 24
84.239.50.0/24 maxlen: 24
84.239.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:2d:88:35:14:97:df:b5:b2:40:b0:e3:d8:f6:dd:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Sep 19 12:06:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0863f56d349cbe318546f697a6a46fd5a08d6b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:3d:43:4c:e5:a4:36:da:a8:8e:0b:45:2a:
d0:c9:60:fd:55:1a:62:c7:b5:c0:1c:3a:df:c4:a5:
34:e2:3e:63:24:5d:19:54:6c:7f:5e:18:75:5b:a7:
1a:3f:41:cf:f0:1e:fa:a0:16:7b:4f:c3:be:fa:6d:
ce:99:43:b8:d2:86:38:6f:70:12:ff:ef:99:8b:75:
45:47:22:06:fa:63:90:f2:4e:96:aa:10:3f:89:61:
d6:f4:84:aa:f9:a5:31:f0:85:67:87:ea:96:06:9f:
bf:70:dc:ae:e7:d4:0c:6d:aa:99:83:03:33:c6:30:
73:f7:74:ee:22:f3:46:64:c8:a2:4c:16:f3:88:b7:
e9:77:74:79:c3:6c:f0:3a:d8:52:71:63:f9:a9:3d:
f3:ff:8d:69:13:fd:b5:83:41:ba:fa:03:d3:3d:73:
8e:13:75:5f:7b:b8:cc:cc:8e:2a:b1:33:9b:e3:7d:
8f:e9:7b:3b:17:9f:fe:16:63:e4:be:48:3d:11:96:
fc:50:2e:73:75:46:0e:f9:76:67:98:1c:f7:6d:59:
58:84:52:f9:15:26:37:73:e2:49:86:de:a3:0c:7b:
f9:0c:03:11:54:2e:89:bc:09:8a:af:52:13:64:22:
37:7c:b7:61:34:17:f3:44:aa:c9:ea:96:76:5f:dd:
d9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:63:F5:6D:34:9C:BE:31:85:46:F6:97:A6:A4:6F:D5:A0:8D:6B:06
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/CGP1bTScvjGFRvaXpqRv1aCNawY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.5.0-84.239.7.255
84.239.10.0/24
84.239.12.0/24
84.239.16.0/23
84.239.25.0/24
84.239.27.0-84.239.28.255
84.239.31.0/24
84.239.33.0/24
84.239.37.0/24
84.239.41.0-84.239.43.255
84.239.45.0/24
84.239.47.0-84.239.48.255
84.239.50.0/24
84.239.52.0/24
Signature Algorithm: sha256WithRSAEncryption
00:52:03:c5:33:df:e9:1a:57:a4:a3:ab:b9:6d:f4:53:3a:a4:
63:75:7b:c0:e7:57:54:45:4a:a0:31:71:7f:ca:57:db:ae:49:
51:9a:c2:19:32:2e:14:50:16:ad:aa:1d:3e:1a:37:84:1c:fb:
8a:9e:23:1e:56:50:82:3f:51:e6:e7:01:61:50:5c:17:35:22:
89:a5:5b:11:9e:14:64:e6:83:b7:fb:94:28:41:6f:22:12:b4:
30:57:86:ca:12:4b:0d:c6:18:36:70:ee:90:bf:13:ea:00:ef:
7f:59:25:77:6e:21:2c:01:f1:64:ce:cc:39:ea:4d:01:0d:bf:
58:f3:1c:ad:c5:19:84:1a:c6:ce:d1:70:54:0d:ed:fe:e5:12:
42:ef:b2:81:93:90:cb:a3:ef:9d:d1:a4:6a:e8:bf:eb:53:f8:
3f:c6:c0:9a:ee:fc:e9:fe:76:fe:dd:c7:58:f6:7b:35:99:c4:
27:66:c9:0b:19:ac:18:17:5f:04:3a:0a:ed:35:be:d8:e4:ab:
3b:1a:84:78:7b:12:91:f5:87:e9:a6:02:34:06:4e:4f:a8:03:
05:f1:58:7b:08:53:42:1c:a8:92:34:8d:a1:8f:38:7e:ff:9d:
22:92:d5:e0:9f:3f:76:4f:12:92:f1:da:1e:48:77:3d:43:01:
ff:8b:8f:87
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZIKLYg1FJfftbJAsOPY9t0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwOTE5MTIwNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODYzZjU2ZDM0OWNiZTMxODU0NmY2OTdhNmE0NmZkNWEwOGQ2YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6c9Q0zlpDbaqI4LRSrQyWD9VRpi
x7XAHDrfxKU04j5jJF0ZVGx/Xhh1W6caP0HP8B76oBZ7T8O++m3OmUO40oY4b3AS
/++Zi3VFRyIG+mOQ8k6WqhA/iWHW9ISq+aUx8IVnh+qWBp+/cNyu59QMbaqZgwMz
xjBz93TuIvNGZMiiTBbziLfpd3R5w2zwOthScWP5qT3z/41pE/21g0G6+gPTPXOO
E3Vfe7jMzI4qsTOb432P6Xs7F5/+FmPkvkg9EZb8UC5zdUYO+XZnmBz3bVlYhFL5
FSY3c+JJht6jDHv5DAMRVC6JvAmKr1ITZCI3fLdhNBfzRKrJ6pZ2X93ZMQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAhj9W00nL4xhUb2l6akb9WgjWsGMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvQ0dQMWJUU2N2akdGUnZhWHBxUnYxYUNOYXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQAVO8F
AwQDVO8AAwQAVO8KAwQAVO8MAwQBVO8QAwQAVO8ZMAwDBABU7xsDBABU7xwDBABU
7x8DBABU7yEDBABU7yUwDAMEAFTvKQMEAlTvKAMEAFTvLTAMAwQAVO8vAwQAVO8w
AwQAVO8yAwQAVO80MA0GCSqGSIb3DQEBCwUAA4IBAQAAUgPFM9/pGleko6u5bfRT
OqRjdXvA51dURUqgMXF/ylfbrklRmsIZMi4UUBatqh0+GjeEHPuKniMeVlCCP1Hm
5wFhUFwXNSKJpVsRnhRk5oO3+5QoQW8iErQwV4bKEksNxhg2cO6QvxPqAO9/WSV3
biEsAfFkzsw56k0BDb9Y8xytxRmEGsbO0XBUDe3+5RJC77KBk5DLo++d0aRq6L/r
U/g/xsCa7vzp/nb+3cdY9ns1mcQnZskLGawYF18EOgrtNb7Y5Ks7GoR4exKR9Yfp
pgI0Bk5PqAMF8Vh7CFNCHKiSNI2hjzh+/50iktXgnz92TxKS8doeSHc9QwH/i4+H
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:57:58 2024 by rpki-client on console-ams.rpki-client.org