Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/gdXpdvEUcuDJqJKHVPoJ7ZcSKg4.roa
File: gdXpdvEUcuDJqJKHVPoJ7ZcSKg4.roa (raw, json)
Hash identifier: 7/sv4/tvbjwOgaSFBGDjtMlWShEwPtxWendJmB37GNo=
Subject key identifier: 81:D5:E9:76:F1:14:72:E0:C9:A8:92:87:54:FA:09:ED:97:12:2A:0E
Certificate issuer: /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial: 018CC5DCCE9A42BDA718EE0182DB22B46447
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/gdXpdvEUcuDJqJKHVPoJ7ZcSKg4.roa
Signing time: Mon 01 Jan 2024 16:30:31 +0000
ROA not before: Mon 01 Jan 2024 16:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.200.209.0/24 maxlen: 24
185.200.211.0/24 maxlen: 24
185.200.208.0/24 maxlen: 24
185.200.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ce:9a:42:bd:a7:18:ee:01:82:db:22:b4:64:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Validity
Not Before: Jan 1 16:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81d5e976f11472e0c9a8928754fa09ed97122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:67:a0:99:fb:f1:65:f4:b9:c1:1c:0b:dd:57:
c6:d0:0b:1b:03:20:92:5a:06:bc:67:9a:3a:c5:4f:
c5:02:06:84:15:b0:be:c2:be:b2:b8:86:03:6c:c4:
cc:24:ca:a1:ca:e2:b2:40:8f:61:ca:40:8f:e3:bc:
21:e3:0c:b5:f2:1c:78:b4:e3:2f:fe:3c:3e:8e:f2:
ad:61:aa:b4:70:7a:35:14:a7:f5:3b:93:09:8f:66:
a6:1e:14:05:84:fe:95:8f:57:f4:be:c6:eb:35:51:
65:57:fa:83:eb:ad:24:ab:62:73:7e:3a:4e:1a:e7:
29:dc:94:f7:35:94:94:1b:ed:11:98:14:72:fa:c5:
50:85:4d:f6:0f:94:14:7c:4a:6b:6a:f4:35:f1:b4:
1a:a5:fe:2f:fc:d7:b6:e1:f8:87:86:f8:ce:c0:85:
c1:6b:08:90:0f:88:fb:a6:34:35:4d:0f:9c:e6:25:
41:dd:63:5d:fb:52:8c:02:2b:b7:ac:3b:e6:1c:1d:
a2:e2:84:aa:10:eb:dc:f9:59:70:19:92:0d:bc:f7:
4a:21:18:c2:9b:77:28:8d:87:94:f9:e1:6a:a4:f8:
b2:b2:cb:05:91:34:3b:8d:a4:ee:2c:fb:30:0e:58:
46:ec:19:7e:06:bc:2e:76:53:e0:2f:78:d1:85:ef:
72:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D5:E9:76:F1:14:72:E0:C9:A8:92:87:54:FA:09:ED:97:12:2A:0E
X509v3 Authority Key Identifier:
keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/gdXpdvEUcuDJqJKHVPoJ7ZcSKg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.208.0/22
Signature Algorithm: sha256WithRSAEncryption
75:03:22:a7:39:de:2b:76:b2:68:55:54:fb:28:5b:b2:44:13:
c3:76:fa:94:2c:5e:2b:0a:42:af:9e:df:5c:eb:d2:ac:04:9e:
8d:8d:12:c6:bd:84:60:55:60:9a:8e:29:c9:9c:a5:9c:92:2d:
f6:4d:a4:9f:52:70:e8:fc:5f:e1:86:65:32:de:6b:84:85:ae:
3d:fe:32:fd:f5:0f:ac:34:23:79:f1:8d:78:c0:98:de:9f:a2:
1f:db:77:fe:76:85:90:08:87:42:22:a9:5d:71:5a:01:10:f6:
e0:f8:ab:8a:ea:68:70:48:48:b2:e8:b7:cb:44:83:c1:f3:ce:
5b:97:08:c5:ba:44:3f:4e:89:06:eb:dd:e1:f6:01:d0:f0:ad:
1b:71:d8:8f:3c:be:a8:70:7f:53:dc:68:85:24:45:22:1c:f3:
9d:f3:7c:e8:28:f5:2d:43:74:87:f6:c5:77:ed:61:79:c1:43:
3b:27:62:19:36:be:72:41:1d:0c:ca:08:89:c8:a5:18:4e:cf:
16:45:27:4f:2f:d5:f4:26:a9:07:8c:35:35:6b:ab:6f:f4:c4:
61:17:7a:22:e0:62:0b:61:84:48:2b:d7:2d:80:34:50:c2:5f:
48:23:fc:4f:16:b5:e7:75:f6:a7:bc:6d:2f:4f:89:d3:84:b5:
ea:4a:59:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3M6aQr2nGO4BgtsitGRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjQwMTAxMTYzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ1ZTk3NmYxMTQ3MmUwYzlhODkyODc1NGZhMDllZDk3MTIyYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmegmfvxZfS5wRwL3VfG0AsbAyCS
Wga8Z5o6xU/FAgaEFbC+wr6yuIYDbMTMJMqhyuKyQI9hykCP47wh4wy18hx4tOMv
/jw+jvKtYaq0cHo1FKf1O5MJj2amHhQFhP6Vj1f0vsbrNVFlV/qD660kq2JzfjpO
Gucp3JT3NZSUG+0RmBRy+sVQhU32D5QUfEpravQ18bQapf4v/Ne24fiHhvjOwIXB
awiQD4j7pjQ1TQ+c5iVB3WNd+1KMAiu3rDvmHB2i4oSqEOvc+VlwGZINvPdKIRjC
m3cojYeU+eFqpPiysssFkTQ7jaTuLPswDlhG7Bl+BrwudlPgL3jRhe9y3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHV6XbxFHLgyaiSh1T6Ce2XEioOMB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvZ2RYcGR2RVVjdURKcUpLSFZQb0o3WmNTS2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucjQMA0G
CSqGSIb3DQEBCwUAA4IBAQB1AyKnOd4rdrJoVVT7KFuyRBPDdvqULF4rCkKvnt9c
69KsBJ6NjRLGvYRgVWCajinJnKWcki32TaSfUnDo/F/hhmUy3muEha49/jL99Q+s
NCN58Y14wJjen6If23f+doWQCIdCIqldcVoBEPbg+KuK6mhwSEiy6LfLRIPB885b
lwjFukQ/TokG693h9gHQ8K0bcdiPPL6ocH9T3GiFJEUiHPOd83zoKPUtQ3SH9sV3
7WF5wUM7J2IZNr5yQR0MygiJyKUYTs8WRSdPL9X0JqkHjDU1a6tv9MRhF3oi4GIL
YYRIK9ctgDRQwl9II/xPFrXndfanvG0vT4nThLXqSlnW
-----END CERTIFICATE-----
Generated at Thu May 2 23:23:42 2024 by rpki-client on console-ams.rpki-client.org