Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/GqPKIDEsULX48rDiohiJlTWrKro.roa
File: GqPKIDEsULX48rDiohiJlTWrKro.roa (raw, json)
Hash identifier: AADRuuapgj5skhavM8gNUXPvC7IACHxRCUt97wQEieg=
Subject key identifier: 1A:A3:CA:20:31:2C:50:B5:F8:F2:B0:E2:A2:18:89:95:35:AB:2A:BA
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 0191B23A7BAEFC36FF42315F0B902126EF43
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/GqPKIDEsULX48rDiohiJlTWrKro.roa
Signing time: Mon 02 Sep 2024 10:14:22 +0000
ROA not before: Mon 02 Sep 2024 10:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211995
IP address blocks: 46.22.225.0/24 maxlen: 24
46.22.226.0/24 maxlen: 24
46.22.227.0/24 maxlen: 24
46.22.228.0/24 maxlen: 24
46.22.229.0/24 maxlen: 24
46.22.230.0/24 maxlen: 24
46.22.231.0/24 maxlen: 24
46.22.232.0/24 maxlen: 24
46.22.233.0/24 maxlen: 24
46.22.234.0/24 maxlen: 24
46.22.235.0/24 maxlen: 24
46.22.236.0/24 maxlen: 24
46.22.237.0/24 maxlen: 24
46.22.238.0/24 maxlen: 24
46.22.239.0/24 maxlen: 24
46.28.237.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
109.237.112.0/20 maxlen: 20
109.237.112.0/24 maxlen: 24
109.237.113.0/24 maxlen: 24
109.237.114.0/24 maxlen: 24
185.55.36.0/22 maxlen: 22
185.55.36.0/24 maxlen: 24
185.55.37.0/24 maxlen: 24
185.55.38.0/24 maxlen: 24
185.55.39.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
194.164.222.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.mft
rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:3a:7b:ae:fc:36:ff:42:31:5f:0b:90:21:26:ef:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Sep 2 10:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1aa3ca20312c50b5f8f2b0e2a218899535ab2aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:ed:29:80:9c:98:6d:bf:ea:2b:8b:fb:3f:
1b:f6:eb:c6:3e:3b:3f:e5:14:cb:78:9d:1a:fb:67:
dd:8b:13:30:30:bb:e0:dc:fb:48:ac:d6:a6:47:1e:
ec:9b:af:74:ed:3e:54:2d:cf:2a:1d:de:72:db:2a:
b4:aa:8f:46:c7:9a:b7:ae:b5:1a:2e:74:c3:aa:50:
19:3b:35:7c:74:8b:47:0f:5c:2b:eb:88:e8:13:db:
b5:c0:8a:60:f8:99:f9:f5:e0:f0:d5:82:50:b2:65:
d5:b3:6c:87:af:29:ff:a1:9e:5c:be:9a:ba:a2:e9:
6c:ae:ff:a3:e7:9a:e5:33:2e:26:9b:46:69:02:44:
ef:ea:67:3c:40:23:02:72:d6:d6:0b:6a:e6:87:c7:
0f:3c:6e:f8:3e:9b:e1:22:34:3d:36:1c:64:3a:c8:
79:38:21:ad:7d:15:25:70:ad:71:94:5c:1f:71:60:
7b:7c:50:78:1a:3c:70:c5:5f:28:b2:e2:f6:4f:97:
be:f9:f4:51:74:64:b8:5d:e0:0f:e1:47:73:7c:c2:
32:87:ec:3b:28:e0:00:bb:be:61:5b:8f:ac:57:b7:
2d:8b:2a:b8:18:a9:20:75:9a:2e:b2:5c:a4:3c:ac:
22:19:ac:17:82:90:39:54:d5:f8:b7:37:fc:ac:4f:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A3:CA:20:31:2C:50:B5:F8:F2:B0:E2:A2:18:89:95:35:AB:2A:BA
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/GqPKIDEsULX48rDiohiJlTWrKro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.225.0-46.22.239.255
46.28.237.0/24
93.114.130.0/24
109.237.112.0/20
185.55.36.0/22
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
194.164.222.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
d8:99:d6:88:c4:4b:11:d9:24:c6:2e:e4:c6:20:48:b0:d0:41:
e9:a9:1c:37:ba:01:0a:b5:83:96:20:9f:aa:d2:af:87:70:b1:
b3:a6:b0:a3:53:6a:d2:dd:9c:bf:53:b1:51:c5:f7:f6:d7:53:
7f:17:ba:21:30:f5:09:94:81:2c:fc:69:99:93:c5:1e:38:04:
62:6a:d1:9c:c3:65:e3:f5:f9:5f:c0:84:2e:fc:aa:46:9b:7e:
ea:dc:b3:90:e5:2c:61:aa:af:60:3d:69:42:5c:da:79:5b:d7:
e5:d7:eb:4d:75:4f:f7:60:00:57:8d:40:32:60:37:d9:fb:7b:
6a:f7:e1:ea:6f:a6:91:0f:59:9d:69:d1:1c:07:30:d4:50:6b:
14:5e:c1:53:9a:6c:81:fd:28:dd:c8:34:11:de:ce:c9:cd:53:
99:eb:c2:29:a4:0c:c1:69:2e:c8:da:8b:86:a1:61:f8:88:32:
ac:b0:53:4b:5b:63:a4:b3:b7:d7:c9:83:56:46:0c:22:b6:bc:
0a:2a:00:f3:1d:86:a0:89:b5:c7:ca:b9:d3:d7:1c:a4:f4:8c:
b6:2c:47:53:8a:f6:19:54:0c:9c:38:eb:d9:93:fc:ce:cb:98:
90:1f:ce:dd:50:16:57:08:cb:0c:a9:76:76:d0:e0:be:79:52:
be:e8:fc:a4
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZGyOnuu/Db/QjFfC5AhJu9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjQwOTAyMTAxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEzY2EyMDMxMmM1MGI1ZjhmMmIwZTJhMjE4ODk5NTM1YWIyYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpjtKYCcmG2/6iuL+z8b9uvGPjs/
5RTLeJ0a+2fdixMwMLvg3PtIrNamRx7sm6907T5ULc8qHd5y2yq0qo9Gx5q3rrUa
LnTDqlAZOzV8dItHD1wr64joE9u1wIpg+Jn59eDw1YJQsmXVs2yHryn/oZ5cvpq6
oulsrv+j55rlMy4mm0ZpAkTv6mc8QCMCctbWC2rmh8cPPG74PpvhIjQ9NhxkOsh5
OCGtfRUlcK1xlFwfcWB7fFB4GjxwxV8osuL2T5e++fRRdGS4XeAP4UdzfMIyh+w7
KOAAu75hW4+sV7ctiyq4GKkgdZouslykPKwiGawXgpA5VNX4tzf8rE8rXQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFBqjyiAxLFC1+PKw4qIYiZU1qyq6MB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvR3FQS0lERXNVTFg0OHJEaW9oaUpsVFdyS3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEMAwDBAAuFuED
BAQuFuADBAAuHO0DBABdcoIDBARt7XADBAK5NyQDBAC5TQMDBAC5iM8DBAC56SMD
BADCpN4DBADVjp4wDQQCAAIwBwMFAyoQ2IAwDQYJKoZIhvcNAQELBQADggEBANiZ
1ojESxHZJMYu5MYgSLDQQempHDe6AQq1g5Ygn6rSr4dwsbOmsKNTatLdnL9TsVHF
9/bXU38XuiEw9QmUgSz8aZmTxR44BGJq0ZzDZeP1+V/AhC78qkabfurcs5DlLGGq
r2A9aUJc2nlb1+XX6011T/dgAFeNQDJgN9n7e2r34epvppEPWZ1p0RwHMNRQaxRe
wVOabIH9KN3INBHezsnNU5nrwimkDMFpLsjai4ahYfiIMqywU0tbY6Szt9fJg1ZG
DCK2vAoqAPMdhqCJtcfKudPXHKT0jLYsR1OK9hlUDJw469mT/M7LmJAfzt1QFlcI
ywypdnbQ4L55Ur7o/KQ=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:04:42 2024 by rpki-client on console-fra.rpki-client.org