Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/GbDz948rsZKnik_LlTJ0TAGVAq8.roa
File: GbDz948rsZKnik_LlTJ0TAGVAq8.roa (raw, json)
Hash identifier: uTa0079vvE19h6j8ArDFfaKLsOJfxl03kVqhNr6DTis=
Subject key identifier: 19:B0:F3:F7:8F:2B:B1:92:A7:8A:4F:CB:95:32:74:4C:01:95:02:AF
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC794201B7F444F0A7F0B9789E793913B
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/GbDz948rsZKnik_LlTJ0TAGVAq8.roa
Signing time: Tue 02 Jan 2024 00:30:22 +0000
ROA not before: Tue 02 Jan 2024 00:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5522
IP address blocks: 85.206.40.0/22 maxlen: 24
2a00:1eb8:e006::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:20:1b:7f:44:4f:0a:7f:0b:97:89:e7:93:91:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19b0f3f78f2bb192a78a4fcb9532744c019502af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0d:e9:99:57:4f:5d:cf:3f:b1:24:ae:ec:89:
43:1e:5a:96:e6:98:d9:af:70:c9:49:62:51:be:19:
d4:03:a3:7b:99:bb:f9:3e:50:45:b9:75:94:6e:3c:
2c:91:1f:59:f3:bf:73:dd:77:ce:6d:a3:3d:7d:2b:
0c:4a:92:11:23:8f:c2:eb:c6:62:0a:82:3f:a0:71:
43:4c:9a:6f:23:e8:bc:2e:a9:d0:c5:09:af:a2:8f:
17:96:29:73:ce:87:b6:0d:f0:fe:8f:38:3d:a3:f1:
97:1b:f6:83:da:42:fe:59:e9:21:a8:04:92:88:44:
60:c3:49:b5:99:88:2f:e4:e7:bf:8b:5b:61:a4:8c:
82:4f:f3:82:a4:8c:4d:42:61:18:fb:1e:6b:d9:d6:
c9:37:e6:2f:40:90:64:9a:1d:d7:ed:16:1a:fe:1c:
06:4d:84:31:39:c1:05:74:00:f4:e9:4e:6a:0d:4d:
66:ff:76:85:49:71:94:3d:5c:62:dc:dc:22:1d:f1:
9c:7d:4f:f3:a7:f0:8d:5e:b0:f5:15:70:38:c9:ed:
95:0a:17:6e:00:b3:02:70:98:97:43:98:16:7b:4f:
60:5e:84:77:3f:b6:9a:f6:b1:91:ed:e9:fc:1e:13:
94:8f:70:d9:9d:75:0d:5d:eb:d3:14:0c:6b:d9:7a:
de:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B0:F3:F7:8F:2B:B1:92:A7:8A:4F:CB:95:32:74:4C:01:95:02:AF
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/GbDz948rsZKnik_LlTJ0TAGVAq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.40.0/22
IPv6:
2a00:1eb8:e006::/48
Signature Algorithm: sha256WithRSAEncryption
44:fd:54:38:8c:df:b5:a0:98:7f:bf:1b:b3:27:bd:6e:42:bc:
b2:7f:c8:83:dd:fb:c5:f2:62:79:b3:a2:8c:c3:ab:6c:14:31:
2c:d8:2e:ba:2c:8b:97:e1:21:1a:35:a4:33:21:12:0c:76:ee:
a7:9d:bd:2d:ff:09:ce:e3:5a:68:5b:24:27:10:bb:39:83:d7:
dd:d9:75:61:60:98:79:2e:b6:c3:7f:cd:e7:9e:90:9b:8c:44:
20:f8:98:d2:6f:3c:1c:47:f6:d9:4c:19:0b:ca:7c:7c:c0:1f:
63:04:b4:dd:bf:a8:f5:ca:e3:68:22:9a:89:3b:86:57:c1:46:
05:11:40:bc:17:32:f0:2b:30:2e:2a:e1:80:b5:41:3e:70:aa:
6d:7d:db:8b:23:a0:bb:0f:5d:c9:56:2e:fa:2a:ee:8c:80:da:
b3:40:d3:05:7e:9e:22:af:bc:00:de:d4:08:9b:cd:65:16:61:
30:1a:b2:5a:9f:e5:bc:2b:51:1b:3b:36:30:bf:c3:30:a0:a1:
08:9b:85:bd:3b:78:66:e7:cb:59:3d:54:a6:88:53:c8:d1:27:
ac:13:0a:a1:4b:12:b7:af:b8:ff:cf:fa:3a:14:2b:36:c8:19:
e4:36:d6:47:bc:b5:ad:cc:0e:39:f9:25:ec:15:5e:40:63:8e:
d0:63:d6:18
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzHlCAbf0RPCn8Ll4nnk5E7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWIwZjNmNzhmMmJiMTkyYTc4YTRmY2I5NTMyNzQ0YzAxOTUwMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ3pmVdPXc8/sSSu7IlDHlqW5pjZ
r3DJSWJRvhnUA6N7mbv5PlBFuXWUbjwskR9Z879z3XfObaM9fSsMSpIRI4/C68Zi
CoI/oHFDTJpvI+i8LqnQxQmvoo8Xlilzzoe2DfD+jzg9o/GXG/aD2kL+WekhqASS
iERgw0m1mYgv5Oe/i1thpIyCT/OCpIxNQmEY+x5r2dbJN+YvQJBkmh3X7RYa/hwG
TYQxOcEFdAD06U5qDU1m/3aFSXGUPVxi3NwiHfGcfU/zp/CNXrD1FXA4ye2VChdu
ALMCcJiXQ5gWe09gXoR3P7aa9rGR7en8HhOUj3DZnXUNXevTFAxr2XretwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFBmw8/ePK7GSp4pPy5UydEwBlQKvMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL0diRHo5NDhyc1pLbmlrX0xsVEowVEFHVkFxOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAJVzigw
DwQCAAIwCQMHACoAHrjgBjANBgkqhkiG9w0BAQsFAAOCAQEARP1UOIzftaCYf78b
sye9bkK8sn/Ig937xfJiebOijMOrbBQxLNguuiyLl+EhGjWkMyESDHbup529Lf8J
zuNaaFskJxC7OYPX3dl1YWCYeS62w3/N556Qm4xEIPiY0m88HEf22UwZC8p8fMAf
YwS03b+o9crjaCKaiTuGV8FGBRFAvBcy8CswLirhgLVBPnCqbX3biyOguw9dyVYu
+irujIDas0DTBX6eIq+8AN7UCJvNZRZhMBqyWp/lvCtRGzs2ML/DMKChCJuFvTt4
ZufLWT1UpohTyNEnrBMKoUsSt6+4/8/6OhQrNsgZ5DbWR7y1rcwOOfkl7BVeQGOO
0GPWGA==
-----END CERTIFICATE-----
Generated at Mon Jun 3 16:18:03 2024 by rpki-client on console-fra.rpki-client.org