Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/gnkpdeu0CfnRVbPhLHbJ8bXJz0c.roa
File: gnkpdeu0CfnRVbPhLHbJ8bXJz0c.roa (raw, json)
Hash identifier: 4f9PJj/zS5aQUem6q+7RQpbeapsgxUWqg+7ay3cllrA=
Subject key identifier: 82:79:29:75:EB:B4:09:F9:D1:55:B3:E1:2C:76:C9:F1:B5:C9:CF:47
Certificate issuer: /CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Certificate serial: 018CC94E3FD2340CC2C18B88E5D1312D816E
Authority key identifier: D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/gnkpdeu0CfnRVbPhLHbJ8bXJz0c.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 91.208.0.0/24 maxlen: 24
91.208.16.0/24 maxlen: 24
91.208.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 05:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3f:d2:34:0c:c2:c1:8b:88:e5:d1:31:2d:81:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6dbaa1b52f3a73289ff768acb7baa7f387f955f
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82792975ebb409f9d155b3e12c76c9f1b5c9cf47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9f:06:a6:64:c8:45:b1:5e:03:4a:bc:91:38:
c6:17:5e:20:55:bc:09:75:d4:1c:6c:52:7e:ad:6f:
c7:6d:a8:5a:21:82:e3:2e:06:ab:3c:de:77:92:b6:
d2:1e:51:68:86:e3:3a:4b:0f:8f:5a:77:9d:7b:91:
0b:9b:0f:5f:5e:c8:3f:28:df:56:4a:56:0c:bd:ba:
23:36:d5:aa:87:d2:00:0a:ee:2d:e1:aa:6e:f0:bf:
99:4f:d5:24:03:94:3c:6f:57:9e:37:e6:76:41:15:
c7:47:fe:20:9c:9b:25:27:d5:ee:20:5e:b0:a1:3d:
b8:22:4a:12:ff:a7:7f:41:40:cf:61:73:5c:9c:99:
75:1b:f1:0e:76:77:e5:36:2b:0c:a7:39:a2:96:a0:
8b:3d:29:95:67:2d:96:fe:4d:29:16:96:92:47:d5:
18:f9:54:c2:f3:8e:26:a0:cd:9f:4e:f3:f6:88:76:
d6:e7:23:56:09:ec:f3:ff:38:6d:77:12:6d:10:23:
7d:aa:62:3d:3b:bc:75:fe:d2:cf:6d:1c:ad:6f:59:
b0:55:62:dd:c8:9c:3e:39:ca:b6:ea:89:ce:69:77:
87:30:75:ba:7e:5a:39:45:af:41:18:c1:e7:68:fa:
b6:25:4e:73:50:7b:17:93:12:6d:0f:11:4a:53:a2:
3b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:79:29:75:EB:B4:09:F9:D1:55:B3:E1:2C:76:C9:F1:B5:C9:CF:47
X509v3 Authority Key Identifier:
keyid:D6:DB:AA:1B:52:F3:A7:32:89:FF:76:8A:CB:7B:AA:7F:38:7F:95:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/gnkpdeu0CfnRVbPhLHbJ8bXJz0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b0b6e7-3e23-4426-8c84-fab83d403558/1/1tuqG1LzpzKJ_3aKy3uqfzh_lV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.0.0/24
91.208.16.0/24
91.208.19.0/24
Signature Algorithm: sha256WithRSAEncryption
41:29:d4:90:24:09:83:db:f1:95:1c:a0:65:ef:30:cc:fe:8f:
2a:8d:40:79:13:43:07:70:58:39:ec:87:d1:63:03:b7:2c:e0:
17:1f:c9:41:fa:a9:89:34:4e:99:0e:89:f8:8f:16:a6:b3:a5:
72:ee:ac:fd:c6:97:37:0b:81:c9:57:89:26:e4:9e:b4:f0:1c:
24:2d:59:09:d4:b9:f6:98:24:3f:8e:4b:11:df:47:83:16:0e:
a1:70:db:77:6d:cc:70:88:2d:37:7e:35:e7:15:f3:81:f3:f7:
69:43:72:83:d7:f4:7b:62:92:be:54:06:c7:4c:2f:f7:12:32:
8d:0a:3d:09:da:4a:8e:fc:42:c6:08:95:a1:5c:1d:e0:b7:21:
ef:70:27:66:81:1b:5d:22:3e:ff:33:a3:5d:74:0e:6a:87:8e:
a1:ab:73:8d:39:f6:fc:33:33:70:d1:95:01:fc:d1:28:1e:fb:
5e:72:23:40:5e:24:21:3e:20:87:c8:ec:95:0d:db:54:fe:c3:
81:e3:d6:21:00:fc:e4:1d:05:ef:63:61:49:fd:5a:7d:28:5a:
23:c2:eb:b2:21:8e:c0:67:e8:65:a6:89:1d:d9:3e:c7:ba:34:
34:8a:a9:77:96:26:9a:12:4f:65:3f:3a:d2:0c:08:a7:01:b0:
30:e3:b0:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTj/SNAzCwYuI5dExLYFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZGJhYTFiNTJmM2E3MzI4OWZmNzY4YWNiN2JhYTdmMzg3
Zjk1NWYwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc5Mjk3NWViYjQwOWY5ZDE1NWIzZTEyYzc2YzlmMWI1YzljZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ8GpmTIRbFeA0q8kTjGF14gVbwJ
ddQcbFJ+rW/HbahaIYLjLgarPN53krbSHlFohuM6Sw+PWnede5ELmw9fXsg/KN9W
SlYMvbojNtWqh9IACu4t4apu8L+ZT9UkA5Q8b1eeN+Z2QRXHR/4gnJslJ9XuIF6w
oT24IkoS/6d/QUDPYXNcnJl1G/EOdnflNisMpzmilqCLPSmVZy2W/k0pFpaSR9UY
+VTC844moM2fTvP2iHbW5yNWCezz/zhtdxJtECN9qmI9O7x1/tLPbRytb1mwVWLd
yJw+Ocq26onOaXeHMHW6flo5Ra9BGMHnaPq2JU5zUHsXkxJtDxFKU6I7NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIJ5KXXrtAn50VWz4Sx2yfG1yc9HMB8GA1UdIwQY
MBaAFNbbqhtS86cyif92ist7qn84f5VfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQt
ZmFiODNkNDAzNTU4LzEvZ25rcGRldTBDZm5SVmJQaExIYko4YlhKejBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMGI2ZTctM2UyMy00NDI2LThjODQtZmFiODNkNDAzNTU4
LzEvMXR1cUcxTHpwektKXzNhS3kzdXFmemhfbFY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9AAAwQA
W9AQAwQAW9ATMA0GCSqGSIb3DQEBCwUAA4IBAQBBKdSQJAmD2/GVHKBl7zDM/o8q
jUB5E0MHcFg57IfRYwO3LOAXH8lB+qmJNE6ZDon4jxams6Vy7qz9xpc3C4HJV4km
5J608BwkLVkJ1Ln2mCQ/jksR30eDFg6hcNt3bcxwiC03fjXnFfOB8/dpQ3KD1/R7
YpK+VAbHTC/3EjKNCj0J2kqO/ELGCJWhXB3gtyHvcCdmgRtdIj7/M6NddA5qh46h
q3ONOfb8MzNw0ZUB/NEoHvteciNAXiQhPiCHyOyVDdtU/sOB49YhAPzkHQXvY2FJ
/Vp9KFojwuuyIY7AZ+hlpokd2T7HujQ0iql3liaaEk9lPzrSDAinAbAw47D0
-----END CERTIFICATE-----
Generated at Tue Apr 30 11:53:32 2024 by rpki-client on console-fra.rpki-client.org