Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/gjO2VFNvYrI6HCGYMhnkI-xD7YE.roa
File: gjO2VFNvYrI6HCGYMhnkI-xD7YE.roa (raw, json)
Hash identifier: ZM+EzBGJF44SDdS4pI4QInPJhbDzY5vcuEER1aEku6g=
Subject key identifier: 82:33:B6:54:53:6F:62:B2:3A:1C:21:98:32:19:E4:23:EC:43:ED:81
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 01922F01A069C2323C822392C139DA811922
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/gjO2VFNvYrI6HCGYMhnkI-xD7YE.roa
Signing time: Thu 26 Sep 2024 15:44:48 +0000
ROA not before: Thu 26 Sep 2024 15:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201769
IP address blocks: 78.93.50.0/24 maxlen: 24
185.114.68.0/24 maxlen: 24
212.93.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2f:01:a0:69:c2:32:3c:82:23:92:c1:39:da:81:19:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Sep 26 15:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8233b654536f62b23a1c21983219e423ec43ed81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2b:76:86:2c:78:c4:7f:db:6d:67:59:b5:aa:
e5:aa:ca:2c:e0:5b:f1:7e:23:97:19:b1:4d:79:01:
75:c4:a4:5a:c8:ca:0a:5c:fd:81:d5:d2:49:d9:41:
c3:82:81:3a:95:8e:a0:17:08:9c:1a:fc:98:ca:83:
20:46:db:27:b5:88:2c:36:a6:9c:92:9f:34:48:98:
42:69:f3:a1:62:bc:33:b9:4b:16:22:17:85:be:7a:
13:aa:e0:2a:0f:38:78:19:77:8e:01:fa:db:8a:f1:
d5:c3:c0:48:9a:2a:1e:03:7a:6a:35:ac:80:ca:85:
2a:4d:40:e7:08:46:d6:61:f3:5a:9f:9d:94:d2:ae:
73:40:46:cc:7d:26:bf:d9:8f:40:89:33:29:18:41:
59:6c:8d:c9:9e:aa:5d:1d:82:a4:92:36:f7:65:ef:
d0:df:03:2d:29:bc:ab:2b:11:47:61:3a:a3:e1:7b:
ed:61:e2:a4:9a:c4:67:8f:36:79:16:11:bc:23:54:
a2:f1:26:bb:87:c9:9b:c0:23:e3:9a:5b:8c:2b:59:
0d:32:30:a2:6a:61:16:ef:e6:2a:c5:d8:ec:09:d5:
af:93:78:39:56:85:5a:2f:be:7b:d7:0a:1f:81:ac:
12:04:85:8f:32:ef:e7:49:f1:c2:72:c1:c2:be:b6:
ca:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:33:B6:54:53:6F:62:B2:3A:1C:21:98:32:19:E4:23:EC:43:ED:81
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/gjO2VFNvYrI6HCGYMhnkI-xD7YE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.93.50.0/24
185.114.68.0/24
212.93.196.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:a4:48:d9:f8:ad:88:0c:e7:6b:24:52:7d:86:08:d4:68:cc:
66:5c:6c:79:b7:4c:91:de:1d:86:50:3b:7b:43:5a:33:21:07:
09:da:11:ed:3e:d8:87:1b:02:f9:cb:53:df:d7:06:2e:d5:d3:
4e:69:e2:b1:69:76:6b:26:aa:6a:50:90:4c:4d:f7:24:3b:03:
93:1a:b2:d7:08:ec:36:83:83:92:d3:f1:fc:19:9d:1a:6b:54:
71:6e:3e:80:f2:bd:2e:44:6f:f8:ec:20:fb:e5:2e:28:91:21:
28:6d:94:2c:bb:c8:22:d4:e6:2a:66:0a:1f:f2:56:4d:05:fd:
fc:62:5a:2d:c8:ce:87:4a:ff:01:ca:f7:74:7d:4a:5d:c4:27:
94:24:d1:21:de:98:36:b4:06:8c:6b:f6:d9:a8:37:3a:35:37:
7b:b8:1f:67:b9:fd:35:16:bc:92:d1:21:12:87:05:c2:33:5e:
0b:6b:28:86:fd:ff:1b:3a:71:af:5a:17:69:99:46:93:fb:fa:
a8:a5:74:88:0e:b9:d4:c8:34:ac:9d:6c:9e:8f:a5:b8:5a:8c:
1f:e9:25:27:38:e1:2f:6e:a7:f8:a1:4b:29:13:29:02:db:b6:
b3:9d:0c:4a:01:06:4f:30:bf:46:32:1c:d5:1a:b2:c1:d3:ef:
40:67:9c:8e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIvAaBpwjI8giOSwTnagRkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjQwOTI2MTU0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjMzYjY1NDUzNmY2MmIyM2ExYzIxOTgzMjE5ZTQyM2VjNDNlZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6St2hix4xH/bbWdZtarlqsos4Fvx
fiOXGbFNeQF1xKRayMoKXP2B1dJJ2UHDgoE6lY6gFwicGvyYyoMgRtsntYgsNqac
kp80SJhCafOhYrwzuUsWIheFvnoTquAqDzh4GXeOAfrbivHVw8BImioeA3pqNayA
yoUqTUDnCEbWYfNan52U0q5zQEbMfSa/2Y9AiTMpGEFZbI3JnqpdHYKkkjb3Ze/Q
3wMtKbyrKxFHYTqj4XvtYeKkmsRnjzZ5FhG8I1Si8Sa7h8mbwCPjmluMK1kNMjCi
amEW7+YqxdjsCdWvk3g5VoVaL7571wofgawSBIWPMu/nSfHCcsHCvrbK4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIIztlRTb2KyOhwhmDIZ5CPsQ+2BMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvZ2pPMlZGTnZZckk2SENHWU1obmtJLXhEN1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATl0yAwQA
uXJEAwQA1F3EMA0GCSqGSIb3DQEBCwUAA4IBAQC1pEjZ+K2IDOdrJFJ9hgjUaMxm
XGx5t0yR3h2GUDt7Q1ozIQcJ2hHtPtiHGwL5y1Pf1wYu1dNOaeKxaXZrJqpqUJBM
TfckOwOTGrLXCOw2g4OS0/H8GZ0aa1Rxbj6A8r0uRG/47CD75S4okSEobZQsu8gi
1OYqZgof8lZNBf38YlotyM6HSv8Byvd0fUpdxCeUJNEh3pg2tAaMa/bZqDc6NTd7
uB9nuf01FryS0SEShwXCM14LayiG/f8bOnGvWhdpmUaT+/qopXSIDrnUyDSsnWye
j6W4Wowf6SUnOOEvbqf4oUspEykC27aznQxKAQZPML9GMhzVGrLB0+9AZ5yO
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:47:46 2024 by rpki-client on console-ams.rpki-client.org