Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Ge5blTQF-ymuD8krUrsyS3HGb74.roa
File: Ge5blTQF-ymuD8krUrsyS3HGb74.roa (raw, json)
Hash identifier: xRAWp1ydjGVB3kFWy9sN2YH8sarrdDg97QQoTnv6uZo=
Subject key identifier: 19:EE:5B:95:34:05:FB:29:AE:0F:C9:2B:52:BB:32:4B:71:C6:6F:BE
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018F158D9DAE395BC35B33AB50379F843BB9
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Ge5blTQF-ymuD8krUrsyS3HGb74.roa
Signing time: Thu 25 Apr 2024 13:59:13 +0000
ROA not before: Thu 25 Apr 2024 13:59:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64236
IP address blocks: 45.81.150.0/24 maxlen: 24
45.92.29.0/24 maxlen: 24
85.209.84.0/23 maxlen: 23
85.209.87.0/24 maxlen: 24
185.191.228.0/23 maxlen: 23
185.191.231.0/24 maxlen: 24
185.199.224.0/23 maxlen: 23
185.199.226.0/24 maxlen: 24
185.202.172.0/23 maxlen: 23
185.215.148.0/24 maxlen: 24
185.215.150.0/23 maxlen: 23
185.215.150.0/24 maxlen: 24
185.218.235.0/24 maxlen: 24
185.235.14.0/23 maxlen: 23
193.39.185.0/24 maxlen: 24
193.39.186.0/24 maxlen: 24
212.162.148.0/22 maxlen: 22
2a0b:aac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:8d:9d:ae:39:5b:c3:5b:33:ab:50:37:9f:84:3b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Apr 25 13:59:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19ee5b953405fb29ae0fc92b52bb324b71c66fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:bb:b2:ce:49:0b:95:c5:6b:04:b5:de:af:d9:
75:97:88:92:b6:a0:9c:cb:3d:a0:3e:84:0f:bf:29:
24:9e:ec:9e:d2:8e:9a:bc:0d:1d:fa:5a:1c:9b:7f:
f3:0b:c9:fd:e3:50:34:1a:37:7a:b3:e4:94:d8:36:
82:1f:f3:36:fa:04:34:3f:a9:1d:f2:e4:84:f9:dd:
4b:ab:bf:1c:39:b9:63:3d:21:e0:32:5f:64:2a:ae:
35:ee:fe:37:b2:a5:67:d4:58:92:24:dc:4d:4f:22:
7c:2a:e7:78:4c:bf:f8:bd:0d:1c:18:26:ee:47:fa:
be:21:57:a5:69:fa:fe:c7:25:32:6a:40:46:65:1f:
ab:d0:34:bc:51:06:87:b6:f2:5b:13:93:ed:26:88:
d0:28:86:17:9a:50:62:0b:03:16:f2:17:02:95:68:
82:6b:58:f4:cc:83:62:c7:08:8e:7d:c0:8a:9f:3b:
2d:95:e3:ec:92:f1:7a:fc:e9:d5:08:d3:c1:49:04:
87:93:c7:bf:79:17:77:74:16:5b:de:54:62:ef:c8:
96:b6:80:6d:e3:c4:f8:3a:04:aa:0d:d9:e9:56:4d:
27:86:a5:82:f0:63:05:70:a6:ba:0b:11:a2:c6:74:
a3:f3:67:ad:67:1c:2d:d4:8a:f4:fc:79:c5:6f:4b:
d1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EE:5B:95:34:05:FB:29:AE:0F:C9:2B:52:BB:32:4B:71:C6:6F:BE
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/Ge5blTQF-ymuD8krUrsyS3HGb74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.150.0/24
45.92.29.0/24
85.209.84.0/23
85.209.87.0/24
185.191.228.0/23
185.191.231.0/24
185.199.224.0-185.199.226.255
185.202.172.0/23
185.215.148.0/24
185.215.150.0/23
185.218.235.0/24
185.235.14.0/23
193.39.185.0-193.39.186.255
212.162.148.0/22
IPv6:
2a0b:aac0::/29
Signature Algorithm: sha256WithRSAEncryption
07:34:29:57:d4:68:b3:d1:2c:7b:96:b6:f3:b3:78:8f:d2:c9:
33:2c:3e:e8:04:40:15:c7:9c:45:ac:8b:19:80:a1:4d:c6:bf:
1d:26:f9:19:00:8e:78:e2:9f:03:bd:5f:25:70:ea:4a:d7:96:
93:d5:cc:f1:c8:41:c3:ad:fa:5d:b6:6e:16:37:2a:a5:2e:32:
c8:f6:99:96:2a:dc:0c:27:4a:f0:7a:a2:52:35:ee:2e:13:e7:
8d:66:b3:88:e3:cc:fd:60:75:ec:7d:84:9b:e6:b3:24:10:b6:
5e:1a:3c:5f:55:78:44:ab:ca:0b:ef:e6:50:b3:65:96:97:04:
5a:aa:a2:79:69:cb:8a:ee:f4:c0:be:f0:fd:3d:5d:6f:b8:7e:
25:b9:82:2e:07:d2:6a:fe:56:2c:d8:1b:d8:9b:b2:86:85:3a:
37:97:01:e2:d1:f2:b3:db:ae:03:db:96:52:0a:ca:b4:34:fd:
ee:0e:23:fa:c6:3e:cc:06:d5:30:26:0f:d9:c6:db:f4:49:f2:
78:cc:b5:6b:60:a9:49:1b:75:79:f9:4b:99:94:18:48:bc:92:
ad:20:34:8d:44:95:90:37:7c:4c:a2:c6:eb:f6:de:57:b6:6f:
7c:50:49:7e:9d:c4:27:33:75:e3:d9:ae:c0:76:c3:44:ee:16:
74:3f:cf:31
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAY8VjZ2uOVvDWzOrUDefhDu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwNDI1MTM1OTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWVlNWI5NTM0MDVmYjI5YWUwZmM5MmI1MmJiMzI0YjcxYzY2ZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobuyzkkLlcVrBLXer9l1l4iStqCc
yz2gPoQPvykknuye0o6avA0d+locm3/zC8n941A0Gjd6s+SU2DaCH/M2+gQ0P6kd
8uSE+d1Lq78cObljPSHgMl9kKq417v43sqVn1FiSJNxNTyJ8Kud4TL/4vQ0cGCbu
R/q+IVelafr+xyUyakBGZR+r0DS8UQaHtvJbE5PtJojQKIYXmlBiCwMW8hcClWiC
a1j0zINixwiOfcCKnzstlePskvF6/OnVCNPBSQSHk8e/eRd3dBZb3lRi78iWtoBt
48T4OgSqDdnpVk0nhqWC8GMFcKa6CxGixnSj82etZxwt1Ir0/HnFb0vRgQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFBnuW5U0Bfsprg/JK1K7Mktxxm++MB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvR2U1YmxUUUYteW11RDhrclVyc3lTM0hHYjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZAMEAC1RlgME
AC1cHQMEAVXRVAMEAFXRVwMEAbm/5AMEALm/5zAMAwQFucfgAwQAucfiAwQBucqs
AwQAudeUAwQBudeWAwQAudrrAwQBuesOMAwDBADBJ7kDBADBJ7oDBALUopQwDQQC
AAIwBwMFAyoLqsAwDQYJKoZIhvcNAQELBQADggEBAAc0KVfUaLPRLHuWtvOzeI/S
yTMsPugEQBXHnEWsixmAoU3Gvx0m+RkAjnjinwO9XyVw6krXlpPVzPHIQcOt+l22
bhY3KqUuMsj2mZYq3AwnSvB6olI17i4T541ms4jjzP1gdex9hJvmsyQQtl4aPF9V
eESrygvv5lCzZZaXBFqqonlpy4ru9MC+8P09XW+4fiW5gi4H0mr+VizYG9ibsoaF
OjeXAeLR8rPbrgPbllIKyrQ0/e4OI/rGPswG1TAmD9nG2/RJ8njMtWtgqUkbdXn5
S5mUGEi8kq0gNI1ElZA3fEyixuv23le2b3xQSX6dxCczdePZrsB2w0TuFnQ/zzE=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:46:16 2024 by rpki-client on console-ams.rpki-client.org