Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/gXJmOKiZS_BtQ0eNoyv9uDSPn5U.roa
File: gXJmOKiZS_BtQ0eNoyv9uDSPn5U.roa (raw, json)
Hash identifier: Ns7ZHLEAAzyZ/QJtcV2UJmIfF6r5aptWSSyxBel/684=
Subject key identifier: 81:72:66:38:A8:99:4B:F0:6D:43:47:8D:A3:2B:FD:B8:34:8F:9F:95
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D4DFE4053263C4F85D3B9CA409972
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/gXJmOKiZS_BtQ0eNoyv9uDSPn5U.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.192.0/22 maxlen: 24
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
82.146.8.0/23 maxlen: 24
212.72.196.0/23 maxlen: 24
82.146.10.0/24 maxlen: 24
212.72.204.0/24 maxlen: 24
212.72.200.0/23 maxlen: 24
82.146.14.0/24 maxlen: 24
212.72.204.0/23 maxlen: 24
212.72.213.0/24 maxlen: 24
212.72.207.0/24 maxlen: 24
212.72.208.0/22 maxlen: 24
213.130.94.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
212.72.216.0/22 maxlen: 24
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 24
213.130.70.0/23 maxlen: 24
213.130.72.0/23 maxlen: 24
213.130.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4d:fe:40:53:26:3c:4f:85:d3:b9:ca:40:99:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81726638a8994bf06d43478da32bfdb8348f9f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:81:50:9f:d1:08:35:48:02:06:6b:ab:62:
aa:dd:7d:8b:d8:4c:13:88:1d:ce:6a:ca:60:67:d9:
3a:c4:68:19:d3:11:b4:6a:e8:e7:53:ab:dd:53:92:
cc:3f:94:05:83:b7:dc:12:95:d5:4b:26:d8:43:f1:
51:55:7a:08:e2:80:18:ef:46:12:b8:d4:e8:b7:a8:
8b:b5:45:77:1b:fa:a4:96:0a:36:29:28:dc:64:16:
84:c8:83:7e:2c:d3:72:83:8f:b2:9d:d9:5e:0f:4c:
15:ff:4f:e6:a5:41:e0:2a:0f:28:ab:cc:c9:46:54:
de:07:02:18:03:3b:ac:73:e0:c5:71:23:68:37:b0:
77:bc:7c:8f:15:a2:e8:01:fc:ed:b1:cb:9e:4c:59:
ee:a0:76:0f:72:ce:df:04:8c:f4:a0:b7:df:4f:44:
ce:7f:08:bc:0b:de:9d:0b:f2:25:bb:40:4a:99:d4:
a9:c9:45:40:e7:09:f8:75:ca:9f:0f:71:2c:19:8c:
84:0e:a3:92:47:7a:49:df:31:da:5d:ef:c9:7c:70:
d3:cb:c1:3d:66:cc:52:e7:3e:e5:08:db:67:28:0e:
41:47:d9:d7:95:05:33:14:db:a1:0c:05:29:60:64:
8d:08:bf:8e:50:b0:e8:25:99:a5:4a:b3:e7:4a:b1:
e8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:72:66:38:A8:99:4B:F0:6D:43:47:8D:A3:2B:FD:B8:34:8F:9F:95
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/gXJmOKiZS_BtQ0eNoyv9uDSPn5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/23
212.72.207.0-212.72.211.255
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:43:0b:66:37:73:5d:1f:6a:63:7b:3e:5b:d7:03:37:2e:f8:
a3:09:e4:9e:96:dc:98:fd:d1:42:95:2a:6d:a0:44:a5:14:1d:
e6:c5:f0:29:e4:f2:49:79:d1:71:f9:96:f3:34:6a:01:9e:2b:
60:ba:c5:97:4d:2a:94:3f:e0:b3:01:f5:26:a0:49:32:db:8e:
65:c4:8b:e3:a8:35:c8:4a:4e:f4:56:5c:6e:bc:3f:68:91:9a:
2e:88:bc:d3:80:c2:21:15:82:99:0e:32:77:1b:e2:b4:f6:ca:
50:20:bf:1d:16:4e:aa:38:bf:f0:11:5d:3d:ec:32:2c:55:16:
dc:38:9a:3b:63:2e:be:c7:da:03:c6:14:de:fa:6b:3a:6a:53:
d9:d5:1f:a3:56:0f:6e:71:57:dd:67:25:f3:f3:51:57:c2:22:
87:40:2f:87:c9:5d:e2:0e:04:64:08:29:94:bd:b0:44:df:2f:
ba:39:77:10:44:12:f2:49:b9:c7:c8:d6:f2:fd:91:3c:aa:a3:
c0:c7:ec:e9:4c:ee:01:b2:9e:08:c6:70:cf:c0:3e:8d:ae:d4:
f4:14:d4:da:b4:34:02:01:e5:7a:36:c8:95:1b:8b:dc:cb:98:
c7:f1:f0:88:75:5a:f6:0d:0b:11:1d:eb:e1:1f:53:16:90:f5:
f1:4d:46:47
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYzCbU3+QFMmPE+F07nKQJlyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTcyNjYzOGE4OTk0YmYwNmQ0MzQ3OGRhMzJiZmRiODM0OGY5Zjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8qBUJ/RCDVIAgZrq2Kq3X2L2EwT
iB3OaspgZ9k6xGgZ0xG0aujnU6vdU5LMP5QFg7fcEpXVSybYQ/FRVXoI4oAY70YS
uNTot6iLtUV3G/qklgo2KSjcZBaEyIN+LNNyg4+yndleD0wV/0/mpUHgKg8oq8zJ
RlTeBwIYAzusc+DFcSNoN7B3vHyPFaLoAfztscueTFnuoHYPcs7fBIz0oLffT0TO
fwi8C96dC/Ilu0BKmdSpyUVA5wn4dcqfD3EsGYyEDqOSR3pJ3zHaXe/JfHDTy8E9
ZsxS5z7lCNtnKA5BR9nXlQUzFNuhDAUpYGSNCL+OULDoJZmlSrPnSrHouwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFIFyZjiomUvwbUNHjaMr/bg0j5+VMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZ1hKbU9LaVpTX0J0UTBlTm95djl1RFNQbjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFS
kgQwDAMEA1KSCAMEAFKSCgMEAFKSDgMEAFKSHgMEAFTupAMEAFTupjAMAwQG1EjA
AwQB1EjEAwQB1EjIAwQB1EjMMAwDBADUSM8DBALUSNADBADUSNUwDAMEANRI1wME
ANRI3AMEAdRI3jAMAwQB1YJGAwQB1YJIAwQA1YJLAwQA1YJeMA0GCSqGSIb3DQEB
CwUAA4IBAQAKQwtmN3NdH2pjez5b1wM3LvijCeSeltyY/dFClSptoESlFB3mxfAp
5PJJedFx+ZbzNGoBnitgusWXTSqUP+CzAfUmoEky245lxIvjqDXISk70VlxuvD9o
kZouiLzTgMIhFYKZDjJ3G+K09spQIL8dFk6qOL/wEV097DIsVRbcOJo7Yy6+x9oD
xhTe+ms6alPZ1R+jVg9ucVfdZyXz81FXwiKHQC+HyV3iDgRkCCmUvbBE3y+6OXcQ
RBLySbnHyNby/ZE8qqPAx+zpTO4Bsp4IxnDPwD6NrtT0FNTatDQCAeV6NsiVG4vc
y5jH8fCIdVr2DQsRHevhH1MWkPXxTUZH
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:11:17 2024 by rpki-client on console-ams.rpki-client.org