Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gc6isohXgZd4mwllmmH_8nmNe3M.roa
File: gc6isohXgZd4mwllmmH_8nmNe3M.roa (raw, json)
Hash identifier: JkV3Y3LvvswbjMC5kTGf7uY2O2XkmI/7r2/qe6dqk8g=
Subject key identifier: 81:CE:A2:B2:88:57:81:97:78:9B:09:65:9A:61:FF:F2:79:8D:7B:73
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F62EEA312FE72E3B0AD875757803C93B0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gc6isohXgZd4mwllmmH_8nmNe3M.roa
Signing time: Fri 10 May 2024 14:35:57 +0000
ROA not before: Fri 10 May 2024 14:35:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48806
IP address blocks: 45.146.186.0/24 maxlen: 24
185.228.225.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:ee:a3:12:fe:72:e3:b0:ad:87:57:57:80:3c:93:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 10 14:35:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81cea2b288578197789b09659a61fff2798d7b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:51:37:02:6c:52:f1:3d:2d:f7:5c:bd:47:6d:
14:25:0a:ef:21:86:28:22:2b:7c:2f:00:5e:9b:21:
30:a4:f9:6a:1b:d7:c8:cc:36:48:f6:83:2e:4a:21:
5a:4b:af:6e:fd:79:52:a5:fd:21:ba:8e:22:c6:84:
43:c9:7f:8c:9b:dd:eb:a8:07:da:23:03:02:be:7c:
b1:e5:e2:52:58:0a:72:a2:13:0c:bf:81:c4:97:41:
cf:b4:ca:87:4e:01:3b:c2:3b:7b:a6:33:cd:55:af:
dd:80:52:53:90:72:41:a6:5d:07:34:19:20:39:76:
fc:ae:f3:bb:8a:97:93:3d:8f:74:2f:93:6b:fb:7c:
d5:6d:86:ca:c0:fc:0a:53:f7:da:3b:35:9c:c0:3c:
f1:db:d4:54:da:2b:a5:00:02:df:91:c2:b5:74:10:
ca:7e:04:da:50:07:93:8b:e0:a5:26:d1:db:56:6d:
5b:14:6e:d9:4e:1c:35:52:7c:9c:ff:bc:37:b3:ed:
ec:8f:97:2d:3b:07:3e:a8:5d:d9:7f:de:cc:a1:e2:
21:dc:5f:77:a1:88:9c:9f:c2:e3:24:8d:54:22:a4:
81:52:86:d2:06:ba:07:fd:e8:b4:31:1e:bf:56:76:
58:3f:d6:2a:30:f6:9c:2e:e8:ce:5f:f9:b5:e4:2e:
a8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CE:A2:B2:88:57:81:97:78:9B:09:65:9A:61:FF:F2:79:8D:7B:73
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/gc6isohXgZd4mwllmmH_8nmNe3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.186.0/24
185.228.225.0/24
185.239.242.0/24
188.212.155.0/24
188.241.182.0/24
Signature Algorithm: sha256WithRSAEncryption
73:6c:63:db:ca:dd:50:8a:0a:33:6d:51:10:07:c7:6f:89:fa:
61:f0:db:fd:5a:81:7e:dd:c5:7f:90:6b:e7:c8:0c:ff:07:48:
43:24:25:cf:b4:fb:26:2c:7b:bc:85:30:b3:dd:85:99:0e:e5:
da:a9:61:31:68:79:3b:6b:88:4b:8e:0c:0f:48:e5:bf:a1:e4:
8e:b9:ea:73:af:59:1b:10:1b:3f:5e:14:51:29:85:78:7d:e1:
70:75:d6:37:14:44:67:48:19:14:5b:6a:f1:b8:36:b5:f2:6b:
49:d7:47:4c:71:4d:3e:4c:7a:b6:1e:96:87:08:72:80:96:eb:
a5:7d:e0:72:b6:5c:0e:51:32:35:74:f3:62:1c:71:5d:af:16:
e6:e0:f5:af:94:20:94:6c:d1:7d:a1:5e:e9:e9:7a:e0:36:1a:
bb:9b:91:cc:dc:9b:a9:e0:68:c9:f0:01:d9:bd:df:02:da:0f:
7e:bf:d3:f9:13:3f:2f:62:e0:0e:d5:83:7e:3a:1c:f4:26:a6:
34:37:46:a7:ad:bc:f3:6b:5f:5b:f6:c8:f3:73:31:f8:e9:5e:
cf:e3:9f:42:b0:f3:2f:ed:92:cc:91:af:c2:8d:49:55:fa:ff:
21:ce:64:3a:45:dc:ed:6f:ef:96:5e:0f:20:18:9d:49:92:65:
55:21:54:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY9i7qMS/nLjsK2HV1eAPJOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNTEwMTQzNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWNlYTJiMjg4NTc4MTk3Nzg5YjA5NjU5YTYxZmZmMjc5OGQ3YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFE3AmxS8T0t91y9R20UJQrvIYYo
Iit8LwBemyEwpPlqG9fIzDZI9oMuSiFaS69u/XlSpf0huo4ixoRDyX+Mm93rqAfa
IwMCvnyx5eJSWApyohMMv4HEl0HPtMqHTgE7wjt7pjPNVa/dgFJTkHJBpl0HNBkg
OXb8rvO7ipeTPY90L5Nr+3zVbYbKwPwKU/faOzWcwDzx29RU2iulAALfkcK1dBDK
fgTaUAeTi+ClJtHbVm1bFG7ZThw1Unyc/7w3s+3sj5ctOwc+qF3Zf97MoeIh3F93
oYicn8LjJI1UIqSBUobSBroH/ei0MR6/VnZYP9YqMPacLujOX/m15C6o0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIHOorKIV4GXeJsJZZph//J5jXtzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZ2M2aXNvaFhnWmQ0bXdsbG1tSF84bm1OZTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZK6AwQA
ueThAwQAue/yAwQAvNSbAwQAvPG2MA0GCSqGSIb3DQEBCwUAA4IBAQBzbGPbyt1Q
igozbVEQB8dvifph8Nv9WoF+3cV/kGvnyAz/B0hDJCXPtPsmLHu8hTCz3YWZDuXa
qWExaHk7a4hLjgwPSOW/oeSOuepzr1kbEBs/XhRRKYV4feFwddY3FERnSBkUW2rx
uDa18mtJ10dMcU0+THq2HpaHCHKAluulfeBytlwOUTI1dPNiHHFdrxbm4PWvlCCU
bNF9oV7p6XrgNhq7m5HM3Jup4GjJ8AHZvd8C2g9+v9P5Ez8vYuAO1YN+Ohz0JqY0
N0anrbzza19b9sjzczH46V7P459CsPMv7ZLMka/CjUlV+v8hzmQ6Rdztb++WXg8g
GJ1JkmVVIVSJ
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:16:35 2024 by rpki-client on console-ams.rpki-client.org