Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/cc_gigPeu50sv85VxRSiAVow7FA.roa
File: cc_gigPeu50sv85VxRSiAVow7FA.roa (raw, json)
Hash identifier: JLxGZ3SqTBYH1J2PUMFkDQJa10pXZr8zJFqN6KGsxz8=
Subject key identifier: 71:CF:E0:8A:03:DE:BB:9D:2C:BF:CE:55:C5:14:A2:01:5A:30:EC:50
Certificate issuer: /CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Certificate serial: 018CC4935FE9FBE2A41B6F37C98881875D01
Authority key identifier: 8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/cc_gigPeu50sv85VxRSiAVow7FA.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205402
IP address blocks: 109.234.224.0/21 maxlen: 24
185.108.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.mft
rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5f:e9:fb:e2:a4:1b:6f:37:c9:88:81:87:5d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc4587335c290ff8f2b374df24abe2333bced5e
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71cfe08a03debb9d2cbfce55c514a2015a30ec50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cc:13:42:5c:00:82:65:c1:b2:91:fb:50:d8:
e1:df:e1:23:26:d0:81:05:67:cd:79:c0:9a:f3:e9:
1e:a4:0c:26:ac:52:21:2c:4b:3e:7f:b6:5e:08:a6:
86:e0:6b:38:0a:06:b0:e9:06:ad:cb:3d:92:2e:53:
61:2b:d2:3e:47:0e:34:89:15:65:54:69:cc:d4:3f:
6a:e7:a2:af:0b:de:7e:1b:4e:f2:64:f8:40:39:0f:
c4:7d:9b:8a:fc:db:b4:8a:e5:17:6c:f0:ae:e0:60:
6e:37:ba:90:45:38:5d:fa:d0:5e:69:bf:9e:4c:c9:
5c:3a:e4:92:cd:c7:15:e0:c2:bd:94:f8:ef:09:33:
b9:d9:df:70:6a:e3:be:e9:2d:ad:1c:e2:76:50:64:
0c:40:cf:fb:b0:83:c4:35:90:95:2f:ac:23:e8:dd:
64:10:f1:24:4f:74:8d:f5:f6:42:5d:6c:88:95:de:
c3:72:38:ac:f3:fb:05:8a:f8:50:3c:83:f7:8f:2b:
fb:ac:7a:c9:39:eb:c0:5d:7a:8d:7e:63:0f:3b:85:
f4:69:52:48:8b:c4:7f:6f:86:68:9b:87:39:a0:85:
01:cb:49:3a:87:d2:2a:94:dc:ec:e4:c0:20:c9:76:
52:95:ab:76:4a:09:8f:b5:32:b6:e7:64:32:c4:bf:
41:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CF:E0:8A:03:DE:BB:9D:2C:BF:CE:55:C5:14:A2:01:5A:30:EC:50
X509v3 Authority Key Identifier:
keyid:8D:C4:58:73:35:C2:90:FF:8F:2B:37:4D:F2:4A:BE:23:33:BC:ED:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jcRYczXCkP-PKzdN8kq-IzO87V4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/cc_gigPeu50sv85VxRSiAVow7FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a48017-59d4-4095-beef-d606d9925ab7/1/jcRYczXCkP-PKzdN8kq-IzO87V4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.224.0/21
185.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
14:08:00:eb:c6:bd:0e:2f:80:db:53:37:88:ba:03:d3:10:35:
5f:92:18:2b:f6:bb:e5:a0:5d:88:c0:d5:a8:04:75:d4:a8:3c:
4b:61:1f:e3:0b:1e:1d:2f:29:f3:79:8f:3c:b2:6d:0e:4d:34:
88:9c:60:08:81:37:2f:35:5d:89:9b:d2:9c:c9:91:0d:07:a8:
8b:bb:76:92:85:f1:ff:9a:32:f8:97:5f:3a:91:82:a4:49:6b:
be:92:64:f5:84:69:14:b0:bc:6b:95:2b:f0:ae:cf:08:14:54:
51:e5:84:55:e5:0f:6d:eb:a0:ad:99:c2:e5:42:c6:a2:72:66:
8f:74:43:59:71:35:20:52:7e:f4:84:ce:ea:3c:2b:fe:27:90:
c2:2f:1e:4a:d3:44:18:81:df:8f:f0:38:25:07:f1:1d:9e:29:
8d:dd:73:68:ac:26:28:39:5f:dc:f1:1b:bc:20:a6:e7:2f:19:
92:01:74:33:f2:1a:05:ef:5d:9f:d7:ed:ff:4b:c0:7b:5c:27:
50:6c:10:c1:cc:56:0c:ed:60:bc:d3:8c:df:5c:c7:00:06:7f:
34:ed:e3:fa:41:ae:4c:71:36:4c:7a:2a:c9:2e:77:fc:69:0f:
50:28:41:39:61:1a:1e:a9:98:e7:6a:17:57:58:bf:f6:a0:d8:
a7:b7:91:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk1/p++KkG283yYiBh10BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzQ1ODczMzVjMjkwZmY4ZjJiMzc0ZGYyNGFiZTIzMzNi
Y2VkNWUwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNmZTA4YTAzZGViYjlkMmNiZmNlNTVjNTE0YTIwMTVhMzBlYzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiswTQlwAgmXBspH7UNjh3+EjJtCB
BWfNecCa8+kepAwmrFIhLEs+f7ZeCKaG4Gs4Cgaw6Qatyz2SLlNhK9I+Rw40iRVl
VGnM1D9q56KvC95+G07yZPhAOQ/EfZuK/Nu0iuUXbPCu4GBuN7qQRThd+tBeab+e
TMlcOuSSzccV4MK9lPjvCTO52d9wauO+6S2tHOJ2UGQMQM/7sIPENZCVL6wj6N1k
EPEkT3SN9fZCXWyIld7Dcjis8/sFivhQPIP3jyv7rHrJOevAXXqNfmMPO4X0aVJI
i8R/b4Zom4c5oIUBy0k6h9IqlNzs5MAgyXZSlat2SgmPtTK252QyxL9BcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHP4IoD3rudLL/OVcUUogFaMOxQMB8GA1UdIwQY
MBaAFI3EWHM1wpD/jys3TfJKviMzvO1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYt
ZDYwNmQ5OTI1YWI3LzEvY2NfZ2lnUGV1NTBzdjg1VnhSU2lBVm93N0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNDgwMTctNTlkNC00MDk1LWJlZWYtZDYwNmQ5OTI1YWI3
LzEvamNSWWN6WENrUC1QS3pkTjhrcS1Jek84N1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbergAwQC
uWxcMA0GCSqGSIb3DQEBCwUAA4IBAQAUCADrxr0OL4DbUzeIugPTEDVfkhgr9rvl
oF2IwNWoBHXUqDxLYR/jCx4dLynzeY88sm0OTTSInGAIgTcvNV2Jm9KcyZENB6iL
u3aShfH/mjL4l186kYKkSWu+kmT1hGkUsLxrlSvwrs8IFFRR5YRV5Q9t66CtmcLl
QsaicmaPdENZcTUgUn70hM7qPCv+J5DCLx5K00QYgd+P8DglB/EdnimN3XNorCYo
OV/c8Ru8IKbnLxmSAXQz8hoF712f1+3/S8B7XCdQbBDBzFYM7WC804zfXMcABn80
7eP6Qa5McTZMeirJLnf8aQ9QKEE5YRoeqZjnahdXWL/2oNint5GC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:22 2024 by rpki-client on console-ams.rpki-client.org