Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/gnKhCSuNZaUmrcG1uGpQzxhx2KQ.roa
File: gnKhCSuNZaUmrcG1uGpQzxhx2KQ.roa (raw, json)
Hash identifier: iqfN3Q1Un8yeLGIYksVZAh6qUny2xDzK9f7K6RbKoKw=
Subject key identifier: 82:72:A1:09:2B:8D:65:A5:26:AD:C1:B5:B8:6A:50:CF:18:71:D8:A4
Certificate issuer: /CN=351353429e72eb286cc18ecbeb8fa71a31c08190
Certificate serial: 018CC8013A9018B1E8A43A073DDAA3C62FCD
Authority key identifier: 35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/gnKhCSuNZaUmrcG1uGpQzxhx2KQ.roa
Signing time: Tue 02 Jan 2024 02:29:32 +0000
ROA not before: Tue 02 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62284
IP address blocks: 185.110.28.0/24 maxlen: 24
185.110.28.0/22 maxlen: 22
185.110.29.0/24 maxlen: 24
185.110.30.0/24 maxlen: 24
185.110.31.0/24 maxlen: 24
2a13:e180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/NRNTQp5y6yhswY7L64-nGjHAgZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/NRNTQp5y6yhswY7L64-nGjHAgZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3a:90:18:b1:e8:a4:3a:07:3d:da:a3:c6:2f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351353429e72eb286cc18ecbeb8fa71a31c08190
Validity
Not Before: Jan 2 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8272a1092b8d65a526adc1b5b86a50cf1871d8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7a:39:78:5e:c2:06:27:03:7a:e0:4e:13:e0:
44:7e:ac:48:69:bb:93:fc:91:10:2b:ba:76:92:e0:
67:ac:c0:25:b1:4a:40:4d:fe:32:b9:26:76:03:85:
4c:0d:3d:89:c4:f3:48:3f:18:8e:22:3c:5c:3e:d3:
7a:c7:7b:9d:28:22:32:0a:cc:69:e2:80:e9:d6:ac:
51:f7:f1:8c:49:33:97:a1:27:8b:a9:85:47:f7:70:
f7:00:21:f5:3d:ef:89:58:a7:e1:32:0c:2e:95:4d:
91:f5:2d:09:bb:46:ab:f1:47:e2:0c:c5:63:97:b4:
4c:7f:f1:5f:14:35:f3:84:04:7c:11:93:14:ac:d5:
5c:57:9b:2a:c5:82:4f:da:c7:0f:3a:27:c3:c2:15:
a3:38:4a:de:d4:32:09:98:7d:99:ea:e3:a7:02:ae:
3a:6d:94:dd:ab:ba:8b:72:c1:6f:2a:45:1e:09:24:
dc:b7:18:7e:3d:69:4f:6f:bd:fc:78:f5:50:fc:8f:
8e:10:48:37:cb:e0:a4:77:b7:ae:f0:e8:2d:15:8b:
22:00:7a:62:dc:74:23:e7:f1:2f:d0:ba:41:1b:b4:
a2:12:aa:bb:a0:c6:aa:ef:19:58:6e:a1:ab:2f:1a:
77:b7:37:2a:8b:1c:42:2c:b1:73:06:29:ad:23:a0:
b0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:72:A1:09:2B:8D:65:A5:26:AD:C1:B5:B8:6A:50:CF:18:71:D8:A4
X509v3 Authority Key Identifier:
keyid:35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/gnKhCSuNZaUmrcG1uGpQzxhx2KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/NRNTQp5y6yhswY7L64-nGjHAgZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.28.0/22
IPv6:
2a13:e180::/29
Signature Algorithm: sha256WithRSAEncryption
17:af:c7:9e:41:17:53:51:a8:6d:f7:48:19:8f:59:8c:90:32:
24:5c:00:81:62:7a:5e:c2:cf:a8:02:b3:f2:5f:1e:8d:3b:fe:
96:7c:1c:a9:78:c2:fd:1a:94:71:da:be:22:0d:3f:fb:89:f9:
73:ca:63:a3:5c:83:c1:e4:70:26:8d:0c:3c:8a:06:b4:2e:02:
e8:b2:70:c3:dd:4e:bc:81:7a:fb:f5:8e:43:a5:eb:27:6e:2f:
87:8a:41:84:f9:7d:57:51:c7:f1:f7:94:1e:24:aa:40:6d:53:
15:08:b1:89:cc:bd:df:3a:24:1b:23:cb:4a:22:75:5a:00:0f:
ae:eb:d6:e6:8a:92:9c:50:94:ba:7f:dc:aa:ad:c1:21:5f:50:
5a:57:54:fc:2b:d6:3d:85:ab:7c:37:c5:df:5f:2d:e1:27:36:
0f:48:47:d1:2f:b0:2e:e4:49:11:66:6e:1f:78:60:a0:88:13:
59:fb:5a:da:4b:fc:b5:ba:ef:03:31:fb:dc:55:b4:44:4b:25:
2b:74:0e:ea:2a:fb:2e:c1:93:c8:f3:9c:eb:0a:03:63:3b:fa:
90:e7:b3:94:c8:4d:d5:63:54:d7:4e:45:ff:d8:6e:42:32:1f:
4b:0b:0f:4c:00:00:69:f4:12:50:53:db:32:18:45:90:af:af:
49:e7:82:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIATqQGLHopDoHPdqjxi/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1MzQyOWU3MmViMjg2Y2MxOGVjYmViOGZhNzFhMzFj
MDgxOTAwHhcNMjQwMTAyMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjcyYTEwOTJiOGQ2NWE1MjZhZGMxYjViODZhNTBjZjE4NzFkOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHo5eF7CBicDeuBOE+BEfqxIabuT
/JEQK7p2kuBnrMAlsUpATf4yuSZ2A4VMDT2JxPNIPxiOIjxcPtN6x3udKCIyCsxp
4oDp1qxR9/GMSTOXoSeLqYVH93D3ACH1Pe+JWKfhMgwulU2R9S0Ju0ar8UfiDMVj
l7RMf/FfFDXzhAR8EZMUrNVcV5sqxYJP2scPOifDwhWjOEre1DIJmH2Z6uOnAq46
bZTdq7qLcsFvKkUeCSTctxh+PWlPb738ePVQ/I+OEEg3y+Ckd7eu8OgtFYsiAHpi
3HQj5/Ev0LpBG7SiEqq7oMaq7xlYbqGrLxp3tzcqixxCLLFzBimtI6CwnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIJyoQkrjWWlJq3BtbhqUM8YcdikMB8GA1UdIwQY
MBaAFDUTU0KecusobMGOy+uPpxoxwIGQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEt
MzkzNjk2ODlmMjdlLzEvZ25LaENTdU5aYVVtcmNHMXVHcFF6eGh4MktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEtMzkzNjk2ODlmMjdl
LzEvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW4cMA0E
AgACMAcDBQMqE+GAMA0GCSqGSIb3DQEBCwUAA4IBAQAXr8eeQRdTUaht90gZj1mM
kDIkXACBYnpews+oArPyXx6NO/6WfBypeML9GpRx2r4iDT/7iflzymOjXIPB5HAm
jQw8iga0LgLosnDD3U68gXr79Y5Dpesnbi+HikGE+X1XUcfx95QeJKpAbVMVCLGJ
zL3fOiQbI8tKInVaAA+u69bmipKcUJS6f9yqrcEhX1BaV1T8K9Y9hat8N8XfXy3h
JzYPSEfRL7Au5EkRZm4feGCgiBNZ+1raS/y1uu8DMfvcVbRESyUrdA7qKvsuwZPI
85zrCgNjO/qQ57OUyE3VY1TXTkX/2G5CMh9LCw9MAABp9BJQU9syGEWQr69J54Lk
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:01:28 2024 by rpki-client on console-ams.rpki-client.org