Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gvqxPPwx4AOOnIDp-PMQMS3YxWE.roa
File: gvqxPPwx4AOOnIDp-PMQMS3YxWE.roa (raw, json)
Hash identifier: B83XaZDlCehGsOqdmZqhTRFrWW+db/nAFhgCwjuaWa8=
Subject key identifier: 82:FA:B1:3C:FC:31:E0:03:8E:9C:80:E9:F8:F3:10:31:2D:D8:C5:61
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018FF2BB8AB6B2A9CEBBFC2186011755140B
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gvqxPPwx4AOOnIDp-PMQMS3YxWE.roa
Signing time: Fri 07 Jun 2024 12:45:28 +0000
ROA not before: Fri 07 Jun 2024 12:45:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 185.82.216.0/22 maxlen: 22
195.123.224.0/21 maxlen: 21
217.12.202.0/23 maxlen: 23
2a02:27aa::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:bb:8a:b6:b2:a9:ce:bb:fc:21:86:01:17:55:14:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jun 7 12:45:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82fab13cfc31e0038e9c80e9f8f310312dd8c561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:2b:9d:51:65:d4:a7:7a:07:b9:a1:e3:2c:1a:
f3:eb:2b:e1:32:61:e0:b2:93:5f:b3:c2:b0:bd:9f:
68:bc:f3:40:47:56:a0:52:e8:fa:90:ce:d8:33:df:
fc:d4:ef:9b:4c:ea:10:95:0f:f5:2b:d3:b2:f1:f0:
df:10:ef:bf:a2:a9:fe:20:72:be:4c:87:43:f2:c8:
b0:3a:cf:cd:31:53:ba:f9:0f:ec:dd:7b:8c:92:ce:
7e:86:40:b3:64:c7:25:57:ed:2c:c5:74:b1:2e:2b:
d2:03:20:b7:02:f5:a2:1c:d8:a8:00:2c:b1:71:30:
1c:a6:2d:9a:66:4f:ec:11:39:6f:17:61:3c:80:f5:
03:d1:78:92:c0:95:7c:07:f6:c0:ee:96:2f:72:08:
47:ad:55:0e:69:79:55:b7:16:92:be:8b:b9:c5:3f:
19:42:ec:71:13:23:66:d1:da:d5:02:77:17:50:69:
ff:07:1c:53:a0:29:62:19:3c:ef:3a:50:76:ce:58:
ce:d1:37:5b:e3:69:cc:b4:84:f2:68:d5:74:56:c9:
e8:b3:e3:bb:3e:e2:d8:71:5f:41:01:7b:9e:c9:78:
83:87:6e:ad:c3:3f:7c:29:17:3d:b2:e6:c7:bf:9f:
c2:0e:7c:e6:7c:83:30:d6:66:03:a7:29:79:8e:67:
fa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FA:B1:3C:FC:31:E0:03:8E:9C:80:E9:F8:F3:10:31:2D:D8:C5:61
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/gvqxPPwx4AOOnIDp-PMQMS3YxWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.216.0/22
195.123.224.0/21
217.12.202.0/23
IPv6:
2a02:27aa::/32
Signature Algorithm: sha256WithRSAEncryption
53:5a:5a:59:b8:83:f0:ac:0e:b9:df:2f:f6:1a:d4:87:a8:00:
9f:78:68:f4:6c:42:4c:86:f2:52:83:23:bf:90:a1:fd:4d:f3:
f5:50:d2:52:06:0f:2c:0d:ac:e8:67:eb:18:03:bb:a5:91:dd:
87:0a:c0:4d:9e:be:64:8d:48:1c:fc:15:bf:3b:8b:d5:53:7c:
66:cc:b2:c6:18:71:94:d6:63:f0:e6:b9:43:f1:b2:8a:0a:58:
dc:02:74:c2:f9:56:55:81:54:8e:de:7e:1f:7b:f1:43:fe:77:
8d:10:bd:72:f9:60:df:ef:f0:40:33:05:3e:d3:9c:61:20:81:
7e:c0:f7:e2:3e:b2:e1:28:d3:91:5d:6b:50:0c:1a:b0:cb:c6:
b2:9d:f8:a0:22:35:f8:24:c9:d5:b0:bd:09:90:ec:5b:1d:9c:
8d:3c:a3:fc:32:c9:e9:7d:20:20:44:02:c2:17:b0:24:52:a8:
f1:34:41:85:2b:f1:bb:36:23:71:43:26:51:6f:d7:58:ac:58:
7e:0a:d3:4e:8f:2e:6f:69:d5:75:f2:d1:b7:5d:fb:64:f5:3c:
21:b6:31:1e:ff:49:e9:ad:14:3c:5c:77:3b:ec:c2:69:bc:90:
ff:30:98:53:fc:36:72:fd:ad:ca:2c:cf:f9:9e:ac:b8:45:a7:
10:45:08:8d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY/yu4q2sqnOu/whhgEXVRQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwNjA3MTI0NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZhYjEzY2ZjMzFlMDAzOGU5YzgwZTlmOGYzMTAzMTJkZDhjNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4iudUWXUp3oHuaHjLBrz6yvhMmHg
spNfs8KwvZ9ovPNAR1agUuj6kM7YM9/81O+bTOoQlQ/1K9Oy8fDfEO+/oqn+IHK+
TIdD8siwOs/NMVO6+Q/s3XuMks5+hkCzZMclV+0sxXSxLivSAyC3AvWiHNioACyx
cTAcpi2aZk/sETlvF2E8gPUD0XiSwJV8B/bA7pYvcghHrVUOaXlVtxaSvou5xT8Z
QuxxEyNm0drVAncXUGn/BxxToCliGTzvOlB2zljO0Tdb42nMtITyaNV0Vsnos+O7
PuLYcV9BAXueyXiDh26twz98KRc9subHv5/CDnzmfIMw1mYDpyl5jmf6iQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIL6sTz8MeADjpyA6fjzEDEt2MVhMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvZ3ZxeFBQd3g0QU9PbklEcC1QTVFNUzNZeFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVLYAwQD
w3vgAwQB2QzKMA0EAgACMAcDBQAqAieqMA0GCSqGSIb3DQEBCwUAA4IBAQBTWlpZ
uIPwrA653y/2GtSHqACfeGj0bEJMhvJSgyO/kKH9TfP1UNJSBg8sDazoZ+sYA7ul
kd2HCsBNnr5kjUgc/BW/O4vVU3xmzLLGGHGU1mPw5rlD8bKKCljcAnTC+VZVgVSO
3n4fe/FD/neNEL1y+WDf7/BAMwU+05xhIIF+wPfiPrLhKNORXWtQDBqwy8aynfig
IjX4JMnVsL0JkOxbHZyNPKP8MsnpfSAgRALCF7AkUqjxNEGFK/G7NiNxQyZRb9dY
rFh+CtNOjy5vadV18tG3Xftk9TwhtjEe/0nprRQ8XHc77MJpvJD/MJhT/DZy/a3K
LM/5nqy4RacQRQiN
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:01:01 2024 by rpki-client on console-fra.rpki-client.org