Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GajsEEU4NRTtlg75K9CRi0XblOs.roa
File: GajsEEU4NRTtlg75K9CRi0XblOs.roa (raw, json)
Hash identifier: l/kYcdTS46/Hd4qtfvnfmDD8MeuqOY3amGGtfpx0PD0=
Subject key identifier: 19:A8:EC:10:45:38:35:14:ED:96:0E:F9:2B:D0:91:8B:45:DB:94:EB
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018E9E573558DA82D3151CA2BE75E555F6CB
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GajsEEU4NRTtlg75K9CRi0XblOs.roa
Signing time: Tue 02 Apr 2024 10:24:59 +0000
ROA not before: Tue 02 Apr 2024 10:24:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.22.136.0/22 maxlen: 23
81.22.140.0/22 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:57:35:58:da:82:d3:15:1c:a2:be:75:e5:55:f6:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 2 10:24:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19a8ec1045383514ed960ef92bd0918b45db94eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5e:ee:45:5c:16:8e:02:07:f9:95:1f:74:71:
3a:c2:72:74:12:a4:b7:e5:00:9f:11:25:52:7f:b5:
18:2c:b6:12:14:17:d9:93:97:83:4e:b9:7d:77:af:
70:1a:1e:db:da:df:ae:fa:b8:5e:8b:ca:6d:f7:80:
31:45:84:e3:5e:96:13:b0:77:f2:1c:af:20:cb:37:
0d:07:c6:e6:8c:ba:b2:b5:3e:55:4b:a4:92:5e:a2:
49:0b:66:4d:b0:0b:6b:95:27:1f:fa:eb:2e:03:8d:
ba:25:3e:34:1f:72:4f:5a:f7:9c:8f:82:49:25:30:
9a:f8:3b:f1:b0:50:b2:db:80:e4:5c:68:37:cf:f6:
56:b2:44:00:ae:5c:94:cf:c9:5b:90:aa:3d:4e:02:
c1:2f:61:4c:a7:a1:ec:2b:51:8f:85:d4:a8:af:5c:
71:2d:07:3c:73:11:b8:41:4e:fd:ea:48:6f:79:f7:
6a:ea:f8:19:59:c0:2c:7b:84:9f:9d:32:9c:e8:92:
e1:52:1e:4c:72:21:9c:aa:e4:55:2f:dd:41:36:81:
b6:95:e2:20:b4:96:44:64:0e:ef:e4:08:26:12:6c:
6c:11:85:d4:56:da:83:4d:a3:be:6e:e2:4f:fe:56:
09:c6:89:44:5c:6c:52:a8:e3:12:53:37:83:17:be:
60:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A8:EC:10:45:38:35:14:ED:96:0E:F9:2B:D0:91:8B:45:DB:94:EB
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/GajsEEU4NRTtlg75K9CRi0XblOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.136.0/21
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:30:ea:91:da:f7:a4:04:7c:ad:a1:3c:29:df:31:b3:d0:de:
7e:0e:c5:a8:a4:a3:cc:7e:97:da:42:27:ae:cf:03:5c:57:6d:
50:c7:d2:b0:d3:70:2c:b1:32:1f:f5:80:23:bb:7a:fe:b6:0a:
c5:9c:95:2f:52:e8:ec:f3:e0:ad:44:b4:c5:e5:31:fd:f9:70:
4d:09:32:5c:b8:0a:ba:b4:5b:99:06:87:33:08:12:58:92:2e:
85:cd:a0:80:2e:91:bc:5c:11:4f:4a:bd:0d:80:e9:5d:84:70:
db:d6:fc:d4:69:92:f9:16:5c:56:93:18:d1:5b:f6:55:c8:59:
bf:8b:3f:62:ed:a8:28:ed:f4:fd:6b:84:6a:e3:44:1b:c2:92:
1f:6c:7b:f7:fb:21:6f:e1:57:4f:92:ab:72:f8:d5:8c:cc:86:
8b:7f:73:84:cb:cb:6c:b0:cd:04:31:72:d3:e1:b8:b0:8d:15:
b8:e9:ba:fc:d8:0b:63:ed:5d:2f:fe:7f:cf:96:fe:b9:6b:b5:
b2:a0:a1:22:81:1b:ac:63:de:d2:f1:45:19:ec:5a:88:5e:2e:
c2:2a:cd:7b:35:a5:84:05:0a:d3:63:29:4d:1b:49:aa:9d:1c:
ea:17:9b:56:08:82:69:05:3f:b8:c1:3b:72:86:e2:dd:f6:c3:
a6:ac:ae:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6eVzVY2oLTFRyivnXlVfbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwNDAyMTAyNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE4ZWMxMDQ1MzgzNTE0ZWQ5NjBlZjkyYmQwOTE4YjQ1ZGI5NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg17uRVwWjgIH+ZUfdHE6wnJ0EqS3
5QCfESVSf7UYLLYSFBfZk5eDTrl9d69wGh7b2t+u+rhei8pt94AxRYTjXpYTsHfy
HK8gyzcNB8bmjLqytT5VS6SSXqJJC2ZNsAtrlScf+usuA426JT40H3JPWvecj4JJ
JTCa+DvxsFCy24DkXGg3z/ZWskQArlyUz8lbkKo9TgLBL2FMp6HsK1GPhdSor1xx
LQc8cxG4QU796khvefdq6vgZWcAse4SfnTKc6JLhUh5MciGcquRVL91BNoG2leIg
tJZEZA7v5AgmEmxsEYXUVtqDTaO+buJP/lYJxolEXGxSqOMSUzeDF75gnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBmo7BBFODUU7ZYO+SvQkYtF25TrMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvR2Fqc0VFVTROUlR0bGc3NUs5Q1JpMFhibE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDURaIAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQBfMOqR2vekBHytoTwp3zGz0N5+
DsWopKPMfpfaQieuzwNcV21Qx9Kw03AssTIf9YAju3r+tgrFnJUvUujs8+CtRLTF
5TH9+XBNCTJcuAq6tFuZBoczCBJYki6FzaCALpG8XBFPSr0NgOldhHDb1vzUaZL5
FlxWkxjRW/ZVyFm/iz9i7ago7fT9a4Rq40QbwpIfbHv3+yFv4VdPkqty+NWMzIaL
f3OEy8tssM0EMXLT4biwjRW46br82Atj7V0v/n/Plv65a7WyoKEigRusY97S8UUZ
7FqIXi7CKs17NaWEBQrTYylNG0mqnRzqF5tWCIJpBT+4wTtyhuLd9sOmrK4L
-----END CERTIFICATE-----
Generated at Fri Apr 26 07:18:54 2024 by rpki-client on console-ams.rpki-client.org