Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/gBtmVAWo3nCgvharkUTFNwsUS4w.roa
File: gBtmVAWo3nCgvharkUTFNwsUS4w.roa (raw, json)
Hash identifier: afEHB2bkyM8S/QYZHfvf7IdnBt6L0h6+2jRiVqz4IJs=
Subject key identifier: 80:1B:66:54:05:A8:DE:70:A0:BE:16:AB:91:44:C5:37:0B:14:4B:8C
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 019016AADBD3712A59C9C1767FC3B6ADEFEF
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/gBtmVAWo3nCgvharkUTFNwsUS4w.roa
Signing time: Fri 14 Jun 2024 12:13:34 +0000
ROA not before: Fri 14 Jun 2024 12:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60751
IP address blocks: 185.24.233.0/24 maxlen: 24
185.24.234.0/23 maxlen: 23
185.24.234.0/24 maxlen: 24
185.24.235.0/24 maxlen: 24
185.104.216.0/22 maxlen: 24
2a04:2e00::/32 maxlen: 36
2a04:2e03::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:aa:db:d3:71:2a:59:c9:c1:76:7f:c3:b6:ad:ef:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Jun 14 12:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=801b665405a8de70a0be16ab9144c5370b144b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:20:cb:0b:8b:04:ce:c5:6e:b4:62:31:af:90:
9a:ac:9a:9e:51:5d:91:70:95:5e:d9:43:c0:ce:45:
82:1d:e0:5b:3b:43:74:ce:22:87:86:24:e4:b3:eb:
d1:3c:7e:dd:0b:d7:3f:16:3b:61:30:1f:2d:c4:d0:
d3:79:3f:fa:b3:1e:d9:a2:dd:1a:89:98:45:4c:2d:
8c:83:f3:7c:69:df:4e:4a:76:fe:86:75:5c:d4:1c:
76:86:4e:19:20:e8:4f:b9:5b:8f:2c:15:fc:c8:7f:
49:ea:3f:9e:63:20:d5:0c:67:cc:2c:9b:16:77:6d:
8d:81:ba:91:fc:42:94:00:cd:b1:de:d4:ac:38:7f:
f2:ff:7e:7c:f4:9c:ec:71:6f:36:bd:44:fe:11:39:
c0:3b:f8:ea:0b:bd:fc:e0:e5:93:db:04:45:79:6a:
71:7a:0c:62:04:0d:1b:88:de:c9:9a:81:9e:57:27:
17:e9:6c:05:f8:4f:2d:01:01:67:59:c7:68:1f:5d:
93:ff:79:95:69:04:11:fb:2a:02:0a:ea:57:8f:4a:
f8:6b:74:1c:60:50:53:03:d6:af:89:8c:1a:95:63:
26:ee:de:d5:28:9e:92:b7:49:8d:47:52:29:bf:25:
cd:3a:50:e9:1c:57:9b:2c:e3:f2:e3:89:38:14:5d:
07:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1B:66:54:05:A8:DE:70:A0:BE:16:AB:91:44:C5:37:0B:14:4B:8C
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/gBtmVAWo3nCgvharkUTFNwsUS4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.233.0-185.24.235.255
185.104.216.0/22
IPv6:
2a04:2e00::/32
2a04:2e03::/32
Signature Algorithm: sha256WithRSAEncryption
6f:88:56:ad:62:47:d3:87:4f:8d:86:1b:e7:ec:05:09:db:9a:
5b:a5:3e:32:4c:bf:1a:3c:f5:5b:82:14:ca:fb:83:59:89:57:
70:29:13:3e:96:f5:04:da:f0:4e:49:15:b3:df:c4:11:04:33:
9c:a7:78:22:14:01:d7:85:e6:d4:55:27:99:f9:26:bc:9a:d1:
ba:57:51:60:07:ce:20:c7:21:ea:36:17:f4:00:9b:d4:7b:54:
86:28:55:30:ba:21:f9:9e:f8:74:2c:0e:93:cf:c0:5c:42:55:
ee:67:2f:ce:c8:05:55:f9:29:16:84:58:b4:d2:4f:2b:50:4c:
e3:95:9f:1b:ed:63:bf:90:30:87:94:28:d9:3d:04:0a:50:1b:
7c:48:02:f7:d6:0d:e8:66:bc:db:19:33:9d:a7:19:22:76:2b:
79:11:08:fa:3e:51:5f:8d:bf:2b:d8:b3:2d:4e:13:57:cf:d3:
23:bd:9e:3d:3d:91:a0:46:9e:25:c1:53:45:ac:b0:d6:31:92:
ef:d0:48:97:af:11:a9:0a:9d:66:49:d6:09:78:3f:ae:79:57:
5d:78:ac:c6:c3:76:80:f8:cb:63:55:c6:8c:1a:b4:41:85:74:
c5:1d:21:fd:a5:90:de:54:b5:b5:91:80:cf:d6:29:5f:24:de:
ed:70:7f:c5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZAWqtvTcSpZycF2f8O2re/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjQwNjE0MTIxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFiNjY1NDA1YThkZTcwYTBiZTE2YWI5MTQ0YzUzNzBiMTQ0YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iDLC4sEzsVutGIxr5CarJqeUV2R
cJVe2UPAzkWCHeBbO0N0ziKHhiTks+vRPH7dC9c/FjthMB8txNDTeT/6sx7Zot0a
iZhFTC2Mg/N8ad9OSnb+hnVc1Bx2hk4ZIOhPuVuPLBX8yH9J6j+eYyDVDGfMLJsW
d22NgbqR/EKUAM2x3tSsOH/y/3589JzscW82vUT+ETnAO/jqC7384OWT2wRFeWpx
egxiBA0biN7JmoGeVycX6WwF+E8tAQFnWcdoH12T/3mVaQQR+yoCCupXj0r4a3Qc
YFBTA9aviYwalWMm7t7VKJ6St0mNR1IpvyXNOlDpHFebLOPy44k4FF0H1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIAbZlQFqN5woL4Wq5FExTcLFEuMMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvZ0J0bVZBV28zbkNndmhhcmtVVEZOd3NVUzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAC5GOkD
BAK5GOgDBAK5aNgwFAQCAAIwDgMFACoELgADBQAqBC4DMA0GCSqGSIb3DQEBCwUA
A4IBAQBviFatYkfTh0+Nhhvn7AUJ25pbpT4yTL8aPPVbghTK+4NZiVdwKRM+lvUE
2vBOSRWz38QRBDOcp3giFAHXhebUVSeZ+Sa8mtG6V1FgB84gxyHqNhf0AJvUe1SG
KFUwuiH5nvh0LA6Tz8BcQlXuZy/OyAVV+SkWhFi00k8rUEzjlZ8b7WO/kDCHlCjZ
PQQKUBt8SAL31g3oZrzbGTOdpxkidit5EQj6PlFfjb8r2LMtThNXz9MjvZ49PZGg
Rp4lwVNFrLDWMZLv0EiXrxGpCp1mSdYJeD+ueVddeKzGw3aA+MtjVcaMGrRBhXTF
HSH9pZDeVLW1kYDP1ilfJN7tcH/F
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:12 2024 by rpki-client on console-fra.rpki-client.org