Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/loD0F1jcPWbpDP43o_lkBrOd7Rs.roa
File: loD0F1jcPWbpDP43o_lkBrOd7Rs.roa (raw, json)
Hash identifier: DUoOSwYo5m/Vr5HrhIh4DIBX9AmFyMx+tmCyxn1jd8c=
Subject key identifier: 96:80:F4:17:58:DC:3D:66:E9:0C:FE:37:A3:F9:64:06:B3:9D:ED:1B
Certificate issuer: /CN=90620638ca1d835650e08ddcf363f10789b53057
Certificate serial: 018CC3B69D7DA3CFB042E6DFB28405164811
Authority key identifier: 90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/loD0F1jcPWbpDP43o_lkBrOd7Rs.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397918
IP address blocks: 206.195.48.0/24 maxlen: 24
2a04:5781:3001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9d:7d:a3:cf:b0:42:e6:df:b2:84:05:16:48:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90620638ca1d835650e08ddcf363f10789b53057
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9680f41758dc3d66e90cfe37a3f96406b39ded1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:18:8d:cd:6b:46:e1:e3:4d:38:0b:3b:3a:52:
5a:70:c3:ce:07:89:b4:f6:26:0f:2d:a6:40:4a:2b:
78:c4:51:cd:e1:83:5a:fa:3c:90:85:1a:49:47:7c:
d3:58:fc:6c:11:59:11:7d:62:3f:fe:63:d0:3a:ab:
9a:1c:0d:4a:2a:7b:05:94:71:29:cd:e1:a3:9e:01:
b2:e1:54:5c:5f:a1:e0:e0:e7:2c:50:8c:e1:d4:21:
35:ba:19:c4:30:4a:1a:53:fd:65:06:54:d0:62:0a:
34:40:57:00:a9:10:15:f3:3e:77:fe:fa:fa:f1:80:
60:71:9f:e3:9b:b3:2d:fe:9f:1e:5a:95:d4:a8:0d:
3c:d4:0a:4d:8e:21:7d:65:3c:71:91:a4:9e:86:6e:
7e:0d:66:72:fc:3b:05:0b:7a:c4:38:2e:e5:ae:08:
f2:80:10:84:df:f6:ae:06:5e:42:fc:0e:a0:46:54:
41:2d:ba:28:d8:ec:a5:ac:4b:61:24:c3:be:7e:43:
5e:f5:40:75:65:0f:4d:d7:db:6d:2e:75:27:9f:00:
8b:65:40:77:cb:a4:5a:a8:6f:9a:17:a5:2d:35:b1:
1c:40:8b:06:46:a9:38:f2:8c:af:82:e6:b5:ed:f5:
a8:7b:f1:1c:c7:c6:68:b2:06:b2:f0:f0:80:38:94:
d1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:80:F4:17:58:DC:3D:66:E9:0C:FE:37:A3:F9:64:06:B3:9D:ED:1B
X509v3 Authority Key Identifier:
keyid:90:62:06:38:CA:1D:83:56:50:E0:8D:DC:F3:63:F1:07:89:B5:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGIGOModg1ZQ4I3c82PxB4m1MFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/loD0F1jcPWbpDP43o_lkBrOd7Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/41af2d-f3de-45d5-941c-c43ac429e53f/1/kGIGOModg1ZQ4I3c82PxB4m1MFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.195.48.0/24
IPv6:
2a04:5781:3001::/48
Signature Algorithm: sha256WithRSAEncryption
47:a9:07:f4:14:74:3b:b5:05:cf:4e:d2:1a:aa:50:83:f7:6c:
ca:5a:43:1b:05:e1:4d:14:71:97:ca:41:a3:54:87:61:a1:f8:
6c:2d:49:9f:42:26:e2:4f:4a:dc:87:37:79:01:e9:c5:41:0d:
3a:1b:e9:6f:22:6d:f7:47:1f:7a:be:37:fc:c8:1e:a0:85:d2:
17:27:cf:34:38:16:9b:b8:ef:bc:e7:42:79:aa:60:97:19:96:
4d:d9:88:f9:47:20:f1:df:2d:22:40:c2:6b:dc:85:3c:58:cd:
e1:5d:9a:be:c9:d2:57:3c:ec:2c:58:93:4d:22:6a:9f:b7:1a:
a8:61:36:1a:be:22:74:6d:c8:9e:d0:dd:9f:3b:d6:ee:00:55:
6f:3f:f4:38:2b:cd:6d:cc:92:f8:66:6c:ca:35:52:fa:3e:c4:
3f:bc:58:38:a0:0e:44:b6:7d:43:46:36:b4:be:bc:cd:28:ac:
ac:f4:25:1f:fb:5f:89:94:4f:cd:bc:12:be:e6:36:fd:a8:08:
fb:1c:9c:11:2d:bf:74:50:ac:69:3d:a3:f7:a7:b2:4a:61:28:
26:0d:4b:89:13:8d:2f:f4:8d:97:1e:ed:7a:df:f0:85:d9:1b:
4f:0d:10:d9:5e:a3:42:ba:a8:bd:8f:e5:1b:81:92:50:f9:99:
37:ce:06:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtp19o8+wQubfsoQFFkgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjIwNjM4Y2ExZDgzNTY1MGUwOGRkY2YzNjNmMTA3ODli
NTMwNTcwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgwZjQxNzU4ZGMzZDY2ZTkwY2ZlMzdhM2Y5NjQwNmIzOWRlZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hiNzWtG4eNNOAs7OlJacMPOB4m0
9iYPLaZASit4xFHN4YNa+jyQhRpJR3zTWPxsEVkRfWI//mPQOquaHA1KKnsFlHEp
zeGjngGy4VRcX6Hg4OcsUIzh1CE1uhnEMEoaU/1lBlTQYgo0QFcAqRAV8z53/vr6
8YBgcZ/jm7Mt/p8eWpXUqA081ApNjiF9ZTxxkaSehm5+DWZy/DsFC3rEOC7lrgjy
gBCE3/auBl5C/A6gRlRBLboo2OylrEthJMO+fkNe9UB1ZQ9N19ttLnUnnwCLZUB3
y6RaqG+aF6UtNbEcQIsGRqk48oyvgua17fWoe/Ecx8Zosgay8PCAOJTRfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJaA9BdY3D1m6Qz+N6P5ZAazne0bMB8GA1UdIwQY
MBaAFJBiBjjKHYNWUOCN3PNj8QeJtTBXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMt
YzQzYWM0MjllNTNmLzEvbG9EMEYxamNQV2JwRFA0M29fbGtCck9kN1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80MWFmMmQtZjNkZS00NWQ1LTk0MWMtYzQzYWM0MjllNTNm
LzEva0dJR09Nb2RnMVpRNEkzYzgyUHhCNG0xTUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzsMwMA8E
AgACMAkDBwAqBFeBMAEwDQYJKoZIhvcNAQELBQADggEBAEepB/QUdDu1Bc9O0hqq
UIP3bMpaQxsF4U0UcZfKQaNUh2Gh+GwtSZ9CJuJPStyHN3kB6cVBDTob6W8ibfdH
H3q+N/zIHqCF0hcnzzQ4Fpu477znQnmqYJcZlk3ZiPlHIPHfLSJAwmvchTxYzeFd
mr7J0lc87CxYk00iap+3GqhhNhq+InRtyJ7Q3Z871u4AVW8/9DgrzW3MkvhmbMo1
Uvo+xD+8WDigDkS2fUNGNrS+vM0orKz0JR/7X4mUT828Er7mNv2oCPscnBEtv3RQ
rGk9o/enskphKCYNS4kTjS/0jZce7Xrf8IXZG08NENleo0K6qL2P5RuBklD5mTfO
Bmc=
-----END CERTIFICATE-----
Generated at Mon May 6 22:03:35 2024 by rpki-client on console-fra.rpki-client.org