Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/sG9QCECmwbS225jEPdJrJGg8JOg.roa
File: sG9QCECmwbS225jEPdJrJGg8JOg.roa (raw, json)
Hash identifier: fD8TdLRAW/bvC9eCvEbAkpeRHJhgic19Gq713W+jkXs=
Subject key identifier: B0:6F:50:08:40:A6:C1:B4:B6:DB:98:C4:3D:D2:6B:24:68:3C:24:E8
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 018CC3B6711A825901EFFFC462AF761E4CD2
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/sG9QCECmwbS225jEPdJrJGg8JOg.roa
Signing time: Mon 01 Jan 2024 06:29:22 +0000
ROA not before: Mon 01 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51402
IP address blocks: 185.196.224.0/22 maxlen: 22
185.128.120.0/22 maxlen: 22
185.221.136.0/22 maxlen: 22
91.221.250.0/23 maxlen: 23
178.239.64.0/20 maxlen: 20
2a02:2760::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:71:1a:82:59:01:ef:ff:c4:62:af:76:1e:4c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Jan 1 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b06f500840a6c1b4b6db98c43dd26b24683c24e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:27:df:1d:59:49:3a:6b:e9:fa:36:ee:0f:a0:
d4:3c:85:7e:98:1f:bf:48:d2:2f:db:c0:da:f5:a4:
29:14:a7:91:aa:0c:25:78:2f:a5:84:8f:e8:64:dc:
c0:5a:ae:c5:e6:2a:88:69:fd:65:14:87:97:eb:13:
9b:90:3e:19:c0:89:b8:84:f7:84:8d:8b:75:11:b7:
58:73:22:10:07:90:4d:d2:9d:07:3e:d8:1b:c1:6c:
43:fd:4d:a4:be:4d:07:13:c6:83:c2:e5:a3:c7:c5:
56:7e:e4:58:13:61:2b:79:4e:c8:52:e7:bc:d7:2b:
52:a1:7d:77:b9:2a:d7:1e:b8:07:76:7a:52:d4:89:
bb:10:41:93:c9:31:71:b6:62:e6:94:ce:85:a7:64:
e1:2e:fe:22:fe:c9:ac:4a:69:fb:5a:85:53:0d:3c:
6c:cb:4c:f4:ce:ea:f6:76:d8:69:85:ee:e5:e8:ed:
97:5d:d4:b2:e9:2c:a2:4c:3f:7c:b5:ca:ef:50:59:
fd:96:cf:d5:4f:47:8e:9b:fa:8b:5d:e6:1e:1f:5f:
88:a4:8e:4d:00:4d:de:c0:65:d5:7b:32:25:2b:e9:
cb:1b:3e:aa:6d:ba:dc:7e:9c:79:97:d3:e2:d9:3e:
82:f5:0e:d8:32:05:c4:33:b8:3b:9a:d1:33:a1:81:
ab:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:6F:50:08:40:A6:C1:B4:B6:DB:98:C4:3D:D2:6B:24:68:3C:24:E8
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/sG9QCECmwbS225jEPdJrJGg8JOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.250.0/23
178.239.64.0/20
185.128.120.0/22
185.196.224.0/22
185.221.136.0/22
IPv6:
2a02:2760::/32
Signature Algorithm: sha256WithRSAEncryption
03:12:30:05:d1:5b:58:c8:6c:4a:2a:3d:ed:ef:52:4f:f4:d2:
a4:7a:07:3d:79:f6:c5:8c:e9:01:6c:e8:43:e1:f5:77:87:06:
f7:8b:8a:ef:61:28:8e:fc:30:0b:0d:cc:69:b1:8b:ce:b4:e9:
2e:76:58:92:f1:f7:9a:fd:2f:51:c3:df:7a:91:07:23:14:34:
c7:0f:d7:83:33:d5:7d:88:1e:f3:ae:66:1e:88:25:e3:95:77:
7e:7b:7a:af:4d:b4:43:a6:99:21:c4:d7:00:3b:28:36:3b:38:
43:6c:c7:e0:94:78:c5:ce:da:24:a1:4f:97:2a:48:46:1b:19:
00:36:7a:d4:a3:94:1b:83:d0:84:62:61:b3:71:ce:19:47:7d:
1d:4f:51:65:88:78:f7:50:e7:21:09:48:ab:cb:c5:9a:0e:5b:
11:e2:7c:0e:c6:3d:c5:2f:68:7e:54:b6:87:71:e3:82:6d:95:
87:e8:db:13:15:fc:8a:de:b1:b0:08:15:ae:bd:ca:34:e1:87:
1f:e2:61:10:b0:2c:5b:ac:0a:45:a0:fa:01:4b:76:b6:c9:32:
18:4e:f6:cb:78:16:85:11:57:3f:6b:fc:71:b6:e0:81:9d:df:
66:32:b4:5a:3b:d7:77:c1:72:ef:05:36:0c:2d:fb:4a:a4:d6:
55:0f:6f:74
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDtnEaglkB7//EYq92HkzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl
YTU3MDIwHhcNMjQwMTAxMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDZmNTAwODQwYTZjMWI0YjZkYjk4YzQzZGQyNmIyNDY4M2MyNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCffHVlJOmvp+jbuD6DUPIV+mB+/
SNIv28Da9aQpFKeRqgwleC+lhI/oZNzAWq7F5iqIaf1lFIeX6xObkD4ZwIm4hPeE
jYt1EbdYcyIQB5BN0p0HPtgbwWxD/U2kvk0HE8aDwuWjx8VWfuRYE2EreU7IUue8
1ytSoX13uSrXHrgHdnpS1Im7EEGTyTFxtmLmlM6Fp2ThLv4i/smsSmn7WoVTDTxs
y0z0zur2dthphe7l6O2XXdSy6SyiTD98tcrvUFn9ls/VT0eOm/qLXeYeH1+IpI5N
AE3ewGXVezIlK+nLGz6qbbrcfpx5l9Pi2T6C9Q7YMgXEM7g7mtEzoYGrcQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLBvUAhApsG0ttuYxD3SayRoPCToMB8GA1UdIwQY
MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt
ZjIyNzQ5NjVjMDk1LzEvc0c5UUNFQ213YlMyMjVqRVBkSnJKR2c4Sk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEtZjIyNzQ5NjVjMDk1
LzEvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBW936AwQE
su9AAwQCuYB4AwQCucTgAwQCud2IMA0EAgACMAcDBQAqAidgMA0GCSqGSIb3DQEB
CwUAA4IBAQADEjAF0VtYyGxKKj3t71JP9NKkegc9efbFjOkBbOhD4fV3hwb3i4rv
YSiO/DALDcxpsYvOtOkudliS8fea/S9Rw996kQcjFDTHD9eDM9V9iB7zrmYeiCXj
lXd+e3qvTbRDppkhxNcAOyg2OzhDbMfglHjFztokoU+XKkhGGxkANnrUo5Qbg9CE
YmGzcc4ZR30dT1FliHj3UOchCUiry8WaDlsR4nwOxj3FL2h+VLaHceOCbZWH6NsT
FfyK3rGwCBWuvco04Ycf4mEQsCxbrApFoPoBS3a2yTIYTvbLeBaFEVc/a/xxtuCB
nd9mMrRaO9d3wXLvBTYMLftKpNZVD290
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:40:47 2024 by rpki-client on console-ams.rpki-client.org