Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gtI90OIkgnnRQt42jf2Jc7L1iW4.roa
File: gtI90OIkgnnRQt42jf2Jc7L1iW4.roa (raw, json)
Hash identifier: ARgGo/+i0SObjWCuhOSeBI0LVHmqZlLVPX3ITAC0kvU=
Subject key identifier: 82:D2:3D:D0:E2:24:82:79:D1:42:DE:36:8D:FD:89:73:B2:F5:89:6E
Certificate issuer: /CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Certificate serial: 018EB26DA5BCBAB95EB12000170D5BAD4E13
Authority key identifier: C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gtI90OIkgnnRQt42jf2Jc7L1iW4.roa
Signing time: Sat 06 Apr 2024 08:01:54 +0000
ROA not before: Sat 06 Apr 2024 08:01:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59655
IP address blocks: 176.97.156.0/23 maxlen: 23
176.97.156.0/24 maxlen: 24
176.97.157.0/24 maxlen: 24
178.255.200.0/22 maxlen: 22
178.255.201.0/24 maxlen: 24
178.255.202.0/23 maxlen: 23
178.255.202.0/24 maxlen: 24
178.255.203.0/24 maxlen: 24
178.255.204.0/23 maxlen: 23
178.255.204.0/24 maxlen: 24
178.255.205.0/24 maxlen: 24
178.255.206.0/23 maxlen: 23
185.199.12.0/24 maxlen: 24
185.199.13.0/24 maxlen: 24
185.199.14.0/24 maxlen: 24
185.199.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:6d:a5:bc:ba:b9:5e:b1:20:00:17:0d:5b:ad:4e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c224b69ed4a23b7b3e0674a3f994601d73b7baff
Validity
Not Before: Apr 6 08:01:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82d23dd0e2248279d142de368dfd8973b2f5896e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:47:c1:85:47:77:bb:c1:63:c7:80:99:5a:69:
ab:6b:ae:19:dd:1f:fb:0f:7b:5f:83:b9:fb:f4:a8:
f0:d2:43:cd:a0:2b:5b:6b:53:f1:10:e1:46:c1:75:
fd:3a:c2:f2:2e:af:d2:81:56:c1:6f:a0:0d:8f:04:
89:42:93:f9:65:5e:92:5b:20:fe:ad:79:0c:17:47:
fd:9e:31:69:52:e3:4b:09:fd:9e:0a:7a:a0:99:ef:
3c:e7:31:6b:37:cb:d5:34:c0:fd:e6:1a:8e:93:2a:
53:76:da:a7:e7:0e:bd:d3:35:dd:fe:09:30:0c:66:
d6:66:4e:a0:2a:0a:78:e9:25:0f:a4:b0:ff:90:cc:
2c:27:c0:f9:f2:f2:ad:d0:f9:57:95:b4:c4:79:2c:
b6:ac:17:e3:2c:ba:3d:e7:38:02:23:6a:d4:a3:08:
f3:23:4c:78:e6:73:08:5f:3c:9a:7a:83:47:f3:fb:
ff:91:f4:9f:71:a6:4d:58:bd:7a:16:01:ea:22:09:
c9:03:75:30:26:64:67:f0:90:59:b8:0b:ff:8e:a6:
7a:2e:66:a8:3c:b7:53:82:48:ec:67:6e:45:ae:f1:
55:d3:bf:68:e1:4c:e6:06:1b:99:58:19:eb:2a:86:
cc:8e:de:d5:08:d6:38:3d:4f:b1:d9:1f:3e:33:56:
60:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:3D:D0:E2:24:82:79:D1:42:DE:36:8D:FD:89:73:B2:F5:89:6E
X509v3 Authority Key Identifier:
keyid:C2:24:B6:9E:D4:A2:3B:7B:3E:06:74:A3:F9:94:60:1D:73:B7:BA:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/gtI90OIkgnnRQt42jf2Jc7L1iW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/0af199-fe47-4f5b-9c68-15b944577c86/1/wiS2ntSiO3s-BnSj-ZRgHXO3uv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.156.0/23
178.255.200.0/21
185.199.12.0/22
Signature Algorithm: sha256WithRSAEncryption
43:78:cd:f8:c0:03:ee:a2:64:0c:10:5a:68:17:9e:79:fb:4b:
56:da:99:ce:0a:f1:1c:27:fc:5e:13:b1:61:d6:99:ce:83:4d:
af:2a:73:73:97:27:97:26:f0:5a:03:40:59:5d:85:18:77:8c:
4c:94:c6:cf:df:3b:a8:ba:4a:01:c3:a9:c1:60:e4:84:8b:86:
7b:f2:05:6f:c3:49:a1:d6:af:8e:ae:99:e0:f3:e0:26:13:d2:
a1:76:84:a6:cc:8e:ea:c6:8b:ec:93:78:bb:7b:0e:2c:e9:ac:
62:7f:a6:3b:05:40:4d:da:ed:d2:f1:98:db:a3:06:5d:dc:f0:
00:be:1c:a2:75:b2:6b:93:9f:b9:19:85:04:aa:79:8c:0e:12:
07:bf:76:a9:1b:e4:0e:f2:c1:4d:4a:e9:9a:3f:cf:27:ac:ff:
6f:2b:c5:8b:6c:21:dd:24:58:15:3a:35:29:eb:bf:a5:21:9a:
d4:e3:35:72:d9:02:e9:97:17:93:62:1f:0b:39:dc:1e:4b:60:
81:05:da:81:f0:d9:00:9a:8a:51:ef:2a:c6:77:a3:51:10:47:
e6:c0:dd:53:2c:cf:92:b2:4f:db:c0:34:16:16:dd:71:a7:fb:
3d:d2:66:cd:79:92:71:40:43:90:86:eb:55:77:69:df:46:ce:
66:60:55:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6ybaW8urlesSAAFw1brU4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjRiNjllZDRhMjNiN2IzZTA2NzRhM2Y5OTQ2MDFkNzNi
N2JhZmYwHhcNMjQwNDA2MDgwMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQyM2RkMGUyMjQ4Mjc5ZDE0MmRlMzY4ZGZkODk3M2IyZjU4OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkfBhUd3u8Fjx4CZWmmra64Z3R/7
D3tfg7n79Kjw0kPNoCtba1PxEOFGwXX9OsLyLq/SgVbBb6ANjwSJQpP5ZV6SWyD+
rXkMF0f9njFpUuNLCf2eCnqgme885zFrN8vVNMD95hqOkypTdtqn5w690zXd/gkw
DGbWZk6gKgp46SUPpLD/kMwsJ8D58vKt0PlXlbTEeSy2rBfjLLo95zgCI2rUowjz
I0x45nMIXzyaeoNH8/v/kfSfcaZNWL16FgHqIgnJA3UwJmRn8JBZuAv/jqZ6Lmao
PLdTgkjsZ25FrvFV079o4UzmBhuZWBnrKobMjt7VCNY4PU+x2R8+M1ZgowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILSPdDiJIJ50ULeNo39iXOy9YluMB8GA1UdIwQY
MBaAFMIktp7Uojt7PgZ0o/mUYB1zt7r/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgt
MTViOTQ0NTc3Yzg2LzEvZ3RJOTBPSWtnbm5SUXQ0MmpmMkpjN0wxaVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wYWYxOTktZmU0Ny00ZjViLTljNjgtMTViOTQ0NTc3Yzg2
LzEvd2lTMm50U2lPM3MtQm5Tai1aUmdIWE8zdXY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBsGGcAwQD
sv/IAwQCuccMMA0GCSqGSIb3DQEBCwUAA4IBAQBDeM34wAPuomQMEFpoF555+0tW
2pnOCvEcJ/xeE7Fh1pnOg02vKnNzlyeXJvBaA0BZXYUYd4xMlMbP3zuoukoBw6nB
YOSEi4Z78gVvw0mh1q+Orpng8+AmE9KhdoSmzI7qxovsk3i7ew4s6axif6Y7BUBN
2u3S8ZjbowZd3PAAvhyidbJrk5+5GYUEqnmMDhIHv3apG+QO8sFNSumaP88nrP9v
K8WLbCHdJFgVOjUp67+lIZrU4zVy2QLplxeTYh8LOdweS2CBBdqB8NkAmopR7yrG
d6NREEfmwN1TLM+Ssk/bwDQWFt1xp/s90mbNeZJxQEOQhutVd2nfRs5mYFVX
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:58 2024 by rpki-client on console-ams.rpki-client.org