Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/GWM0nFpmI3o08CC_HYn49BLnSDU.roa
File: GWM0nFpmI3o08CC_HYn49BLnSDU.roa (raw, json)
Hash identifier: DvqBI9VFXpIATXkqlETJpAy2gj/5N11Anc7wNJQOmxs=
Subject key identifier: 19:63:34:9C:5A:66:23:7A:34:F0:20:BF:1D:89:F8:F4:12:E7:48:35
Certificate issuer: /CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Certificate serial: 018CC492261BD9B220219F5EB581F82C3350
Authority key identifier: 9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/GWM0nFpmI3o08CC_HYn49BLnSDU.roa
Signing time: Mon 01 Jan 2024 10:29:21 +0000
ROA not before: Mon 01 Jan 2024 10:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39862
IP address blocks: 193.34.141.0/24 maxlen: 24
193.34.140.0/24 maxlen: 24
194.50.254.0/24 maxlen: 24
45.132.95.0/24 maxlen: 24
45.132.92.0/24 maxlen: 24
45.132.94.0/24 maxlen: 24
45.132.93.0/24 maxlen: 24
2a0e:69c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:03:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:26:1b:d9:b2:20:21:9f:5e:b5:81:f8:2c:33:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a8053bcd2c4d8a7a2a325e2b7464166a5e48ddd
Validity
Not Before: Jan 1 10:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1963349c5a66237a34f020bf1d89f8f412e74835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c8:a8:a2:99:bf:a9:fd:9a:eb:c4:aa:00:fc:
d1:d0:68:21:27:97:69:4f:bc:23:81:a6:81:06:c7:
1f:fa:2e:4c:f3:0f:c4:f9:b0:b6:3b:84:48:68:89:
d9:c0:f3:6a:90:cb:35:c0:80:35:7d:30:67:e1:35:
4e:b2:a8:d0:68:6b:10:6f:07:14:b6:02:a5:cd:3a:
bf:ff:03:93:49:68:e8:e1:4b:b8:40:af:96:56:78:
a4:81:bd:da:37:cf:8a:4a:57:89:65:0c:9a:bf:21:
96:09:a6:18:7e:98:8c:ed:f3:e9:db:a9:7c:52:14:
bb:99:f8:02:bd:ea:6b:9a:9e:3e:3e:5a:67:ca:ee:
85:5b:47:71:20:4c:a4:b8:36:bb:02:ac:b9:74:01:
87:89:94:93:13:5b:02:2e:1f:fc:ca:eb:d4:29:fc:
9b:15:e0:df:7c:1d:56:f8:ea:d6:63:e2:5a:69:5c:
c5:6f:7a:44:fb:5b:b1:79:dd:34:11:98:04:8f:35:
f0:0a:67:03:89:4e:dd:bc:af:8f:be:2f:c9:e1:53:
0c:32:78:6d:2e:fa:f3:cd:77:b9:8b:71:58:c1:dd:
19:ff:84:8b:94:33:8d:12:ca:a2:d3:4b:7c:16:d0:
f2:52:da:f3:07:00:7d:90:fd:d9:6a:1d:6b:ff:7d:
f2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:63:34:9C:5A:66:23:7A:34:F0:20:BF:1D:89:F8:F4:12:E7:48:35
X509v3 Authority Key Identifier:
keyid:9A:80:53:BC:D2:C4:D8:A7:A2:A3:25:E2:B7:46:41:66:A5:E4:8D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/moBTvNLE2KeioyXit0ZBZqXkjd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/GWM0nFpmI3o08CC_HYn49BLnSDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/d96189-eee1-4e9f-9d60-95e8d8293098/1/moBTvNLE2KeioyXit0ZBZqXkjd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.92.0/22
193.34.140.0/23
194.50.254.0/24
IPv6:
2a0e:69c0::/48
Signature Algorithm: sha256WithRSAEncryption
cc:72:bd:6b:60:1a:8c:00:a3:c3:05:a8:65:e2:59:f9:cc:72:
ef:8d:e9:af:25:16:51:98:ec:4a:dd:a6:54:91:c8:ac:5f:9c:
5e:27:15:92:c4:3c:07:6a:26:2b:b0:5c:41:c3:9b:94:9c:88:
bd:a7:75:48:86:62:41:ca:e4:83:70:15:52:66:1c:49:7c:a4:
59:44:58:99:11:b9:49:0d:b7:17:dd:c3:b4:7d:10:9f:c9:a9:
63:0e:93:d2:0c:c9:ad:b4:64:25:13:d4:84:e1:17:21:8f:dc:
31:bd:65:e4:ed:fe:1c:a2:8e:7c:46:9c:31:e4:30:28:3e:94:
ca:6c:0a:be:6d:10:dc:4d:c4:12:16:5f:91:1b:71:9b:c0:4d:
11:05:2b:12:a3:75:3a:63:17:79:b8:39:a8:15:f1:c8:35:3d:
4a:e4:25:14:bc:f5:3a:13:71:7d:73:ec:d2:11:27:e8:14:63:
6a:e8:ba:38:87:03:05:be:8f:2f:2b:f6:81:8e:b3:e6:c0:8b:
4a:38:02:5f:f7:75:e1:75:c0:c1:85:84:88:c7:79:7e:ac:6f:
a4:51:25:bb:98:11:29:51:e9:1e:d0:ff:c1:66:c8:7e:85:a0:
b6:c5:b7:23:7a:fc:26:4d:67:ff:9c:64:71:e6:fa:d7:c4:a0:
f2:b0:a5:54
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEkiYb2bIgIZ9etYH4LDNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhODA1M2JjZDJjNGQ4YTdhMmEzMjVlMmI3NDY0MTY2YTVl
NDhkZGQwHhcNMjQwMTAxMTAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTYzMzQ5YzVhNjYyMzdhMzRmMDIwYmYxZDg5ZjhmNDEyZTc0ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcioopm/qf2a68SqAPzR0GghJ5dp
T7wjgaaBBscf+i5M8w/E+bC2O4RIaInZwPNqkMs1wIA1fTBn4TVOsqjQaGsQbwcU
tgKlzTq//wOTSWjo4Uu4QK+WVnikgb3aN8+KSleJZQyavyGWCaYYfpiM7fPp26l8
UhS7mfgCveprmp4+Plpnyu6FW0dxIEykuDa7Aqy5dAGHiZSTE1sCLh/8yuvUKfyb
FeDffB1W+OrWY+JaaVzFb3pE+1uxed00EZgEjzXwCmcDiU7dvK+Pvi/J4VMMMnht
LvrzzXe5i3FYwd0Z/4SLlDONEsqi00t8FtDyUtrzBwB9kP3Zah1r/33yswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBljNJxaZiN6NPAgvx2J+PQS50g1MB8GA1UdIwQY
MBaAFJqAU7zSxNinoqMl4rdGQWal5I3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAt
OTVlOGQ4MjkzMDk4LzEvR1dNMG5GcG1JM28wOENDX0hZbjQ5QkxuU0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kOTYxODktZWVlMS00ZTlmLTlkNjAtOTVlOGQ4MjkzMDk4
LzEvbW9CVHZOTEUyS2Vpb3lYaXQwWkJacVhramQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCLYRcAwQB
wSKMAwQAwjL+MA8EAgACMAkDBwAqDmnAAAAwDQYJKoZIhvcNAQELBQADggEBAMxy
vWtgGowAo8MFqGXiWfnMcu+N6a8lFlGY7ErdplSRyKxfnF4nFZLEPAdqJiuwXEHD
m5SciL2ndUiGYkHK5INwFVJmHEl8pFlEWJkRuUkNtxfdw7R9EJ/JqWMOk9IMya20
ZCUT1IThFyGP3DG9ZeTt/hyijnxGnDHkMCg+lMpsCr5tENxNxBIWX5EbcZvATREF
KxKjdTpjF3m4OagV8cg1PUrkJRS89ToTcX1z7NIRJ+gUY2roujiHAwW+jy8r9oGO
s+bAi0o4Al/3deF1wMGFhIjHeX6sb6RRJbuYESlR6R7Q/8FmyH6FoLbFtyN6/CZN
Z/+cZHHm+tfEoPKwpVQ=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:05:51 2024 by rpki-client on console-fra.rpki-client.org