Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/gfkJkQLR0cynNbBGBXHz9quPKFc.roa
File: gfkJkQLR0cynNbBGBXHz9quPKFc.roa (raw, json)
Hash identifier: hASvhKwt5Ti4v3i8zfWByq/MKG4WMYMLuYDE0SJK1fc=
Subject key identifier: 81:F9:09:91:02:D1:D1:CC:A7:35:B0:46:05:71:F3:F6:AB:8F:28:57
Certificate issuer: /CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Certificate serial: 018CC5DC2BDFEC8AA8C4704FFE74E7415289
Authority key identifier: 6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/gfkJkQLR0cynNbBGBXHz9quPKFc.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47526
IP address blocks: 86.109.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2b:df:ec:8a:a8:c4:70:4f:fe:74:e7:41:52:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc3e6cb2eb02fcc742baf91ab865c9b20d6484b
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81f9099102d1d1cca735b0460571f3f6ab8f2857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:09:10:67:35:1f:87:20:4d:42:f4:a4:df:
7a:16:b3:06:c6:8f:61:15:1e:38:95:58:1d:32:6f:
b2:26:9f:a2:94:f5:eb:c9:62:93:55:09:9d:d1:1f:
cc:9b:1c:c8:8c:01:c7:b4:cd:ea:53:ae:d6:5c:73:
52:f7:2c:5c:da:6d:81:63:22:a5:cc:5a:d0:67:55:
21:d4:17:cb:6f:3c:71:dd:e8:07:e2:48:61:39:de:
b6:1d:45:02:2f:dd:d6:01:34:7e:fa:55:c5:6b:0a:
dc:22:80:36:1f:81:f6:cc:de:c2:c5:3e:e8:18:6d:
1f:5f:e7:0e:c9:25:3a:c4:8c:17:2e:9c:e4:9a:d2:
98:ec:d6:88:ab:18:35:a1:8e:96:c2:46:49:dc:c9:
2c:a1:99:f2:8d:e0:df:cf:41:48:5e:d0:c0:43:46:
a0:c6:ee:6f:f9:d5:4e:8e:d7:6a:ea:c5:8f:f4:56:
16:35:fa:be:cd:ed:84:90:7c:62:1e:2c:73:8a:45:
ad:b8:96:5a:c2:e6:0a:c9:14:6f:a2:16:1a:b4:b7:
07:51:d2:b4:d1:79:35:4a:05:40:46:5c:11:50:0d:
ed:d1:90:df:fd:11:4e:07:07:32:32:3d:47:3a:d8:
e9:ba:37:e3:c4:bb:a9:c1:5b:1d:fc:b5:8e:40:79:
d4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F9:09:91:02:D1:D1:CC:A7:35:B0:46:05:71:F3:F6:AB:8F:28:57
X509v3 Authority Key Identifier:
keyid:6B:C3:E6:CB:2E:B0:2F:CC:74:2B:AF:91:AB:86:5C:9B:20:D6:48:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/gfkJkQLR0cynNbBGBXHz9quPKFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f5e440-100f-4933-aabf-11098aa2ebc3/1/a8Pmyy6wL8x0K6-Rq4ZcmyDWSEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8c:06:bc:e0:33:01:ae:3e:c8:9e:d9:70:b6:8a:ec:55:f1:
19:be:25:3c:d6:25:66:da:b3:08:c5:b5:82:e6:2c:b5:91:d4:
4b:fb:54:86:a7:b2:c9:45:ba:be:e0:76:8c:8e:7a:9c:ae:ad:
93:e6:73:95:b0:dd:d5:4d:a3:82:de:d7:42:56:8e:c5:03:75:
72:58:df:51:6d:e6:85:bd:29:65:b2:14:98:f5:26:68:6d:94:
cc:7f:03:a4:57:73:a4:86:0f:cc:28:30:7b:2e:d2:eb:37:93:
32:72:54:ae:8f:60:85:7c:74:d8:98:ff:21:a1:04:d0:28:8f:
3e:24:65:48:82:b0:b9:58:d4:0f:42:d8:07:3f:00:bc:29:ff:
f7:3e:9e:9b:91:d9:fd:1d:5a:d2:74:fc:5b:c0:3e:3f:b5:77:
5e:35:f0:b5:02:f0:69:a3:8d:08:00:c1:d4:08:0d:ec:f8:00:
81:a1:f5:9c:75:2f:3f:5e:4e:35:8f:6e:c4:68:d8:36:a2:be:
37:94:f6:1d:e6:93:58:13:e4:e6:5a:b4:2e:05:bf:5b:21:47:
c3:9d:6f:be:0a:bd:1d:d3:74:74:a1:6f:3a:b0:c7:29:e3:48:
2e:5f:79:4b:39:69:dc:68:3b:2f:30:36:38:06:f9:19:98:a5:
8a:af:54:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Cvf7IqoxHBP/nTnQVKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzNlNmNiMmViMDJmY2M3NDJiYWY5MWFiODY1YzliMjBk
NjQ4NGIwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWY5MDk5MTAyZDFkMWNjYTczNWIwNDYwNTcxZjNmNmFiOGYyODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAYJEGc1H4cgTUL0pN96FrMGxo9h
FR44lVgdMm+yJp+ilPXryWKTVQmd0R/MmxzIjAHHtM3qU67WXHNS9yxc2m2BYyKl
zFrQZ1Uh1BfLbzxx3egH4khhOd62HUUCL93WATR++lXFawrcIoA2H4H2zN7CxT7o
GG0fX+cOySU6xIwXLpzkmtKY7NaIqxg1oY6WwkZJ3MksoZnyjeDfz0FIXtDAQ0ag
xu5v+dVOjtdq6sWP9FYWNfq+ze2EkHxiHixzikWtuJZawuYKyRRvohYatLcHUdK0
0Xk1SgVARlwRUA3t0ZDf/RFOBwcyMj1HOtjpujfjxLupwVsd/LWOQHnUnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIH5CZEC0dHMpzWwRgVx8/arjyhXMB8GA1UdIwQY
MBaAFGvD5ssusC/MdCuvkauGXJsg1khLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYt
MTEwOThhYTJlYmMzLzEvZ2ZrSmtRTFIwY3luTmJCR0JYSHo5cXVQS0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNWU0NDAtMTAwZi00OTMzLWFhYmYtMTEwOThhYTJlYmMz
LzEvYThQbXl5NndMOHgwSzYtUnE0WmNteURXU0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm3nMA0G
CSqGSIb3DQEBCwUAA4IBAQCKjAa84DMBrj7IntlwtorsVfEZviU81iVm2rMIxbWC
5iy1kdRL+1SGp7LJRbq+4HaMjnqcrq2T5nOVsN3VTaOC3tdCVo7FA3VyWN9RbeaF
vSllshSY9SZobZTMfwOkV3Okhg/MKDB7LtLrN5MyclSuj2CFfHTYmP8hoQTQKI8+
JGVIgrC5WNQPQtgHPwC8Kf/3Pp6bkdn9HVrSdPxbwD4/tXdeNfC1AvBpo40IAMHU
CA3s+ACBofWcdS8/Xk41j27EaNg2or43lPYd5pNYE+TmWrQuBb9bIUfDnW++Cr0d
03R0oW86sMcp40guX3lLOWncaDsvMDY4BvkZmKWKr1Sf
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:28:05 2024 by rpki-client on console-ams.rpki-client.org