Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/GaJhmU8UGU1hG5F75bbahsmhm6I.roa
File: GaJhmU8UGU1hG5F75bbahsmhm6I.roa (raw, json)
Hash identifier: may4cNykx016Ww0HD4UgRFsivFNwwKoB9qB1Ir0JY2g=
Subject key identifier: 19:A2:61:99:4F:14:19:4D:61:1B:91:7B:E5:B6:DA:86:C9:A1:9B:A2
Certificate issuer: /CN=e71d709d8b184c5a50c9431dccaf649bc8684704
Certificate serial: 018CC493455CE077B04AC6F290D56563AC2F
Authority key identifier: E7:1D:70:9D:8B:18:4C:5A:50:C9:43:1D:CC:AF:64:9B:C8:68:47:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5x1wnYsYTFpQyUMdzK9km8hoRwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/GaJhmU8UGU1hG5F75bbahsmhm6I.roa
Signing time: Mon 01 Jan 2024 10:30:34 +0000
ROA not before: Mon 01 Jan 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59466
IP address blocks: 185.96.164.0/22 maxlen: 22
85.187.180.0/22 maxlen: 22
85.187.190.0/24 maxlen: 24
85.187.187.0/24 maxlen: 24
85.187.188.0/23 maxlen: 23
45.84.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/5x1wnYsYTFpQyUMdzK9km8hoRwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/5x1wnYsYTFpQyUMdzK9km8hoRwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5x1wnYsYTFpQyUMdzK9km8hoRwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:45:5c:e0:77:b0:4a:c6:f2:90:d5:65:63:ac:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e71d709d8b184c5a50c9431dccaf649bc8684704
Validity
Not Before: Jan 1 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19a261994f14194d611b917be5b6da86c9a19ba2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:09:93:de:9f:3f:f9:25:79:ef:cd:54:f2:ea:
4b:66:58:9a:dc:86:7a:f8:c4:2d:6a:76:06:e1:36:
27:aa:d6:e4:89:f3:b9:65:5c:4e:d1:7a:9b:e4:6f:
a2:8c:6e:76:dc:9a:07:2f:6e:e5:84:e8:49:b4:42:
71:6f:2c:58:d4:5d:40:bf:5f:4c:ab:58:df:5f:a5:
62:ff:d1:a6:e7:d4:e3:69:29:f3:2e:cb:a4:f2:fb:
7d:13:24:db:9b:e6:0f:d7:62:5b:0f:42:81:56:19:
10:c1:28:d8:cb:a0:34:a5:ed:5d:d3:98:70:ab:3c:
2a:3f:e5:79:6f:51:68:6a:f6:d4:7d:12:e9:af:38:
3e:a6:d4:8e:ee:c8:3f:24:f7:fb:00:c3:91:e0:f4:
fa:e1:ac:79:88:3f:37:b0:79:06:3e:54:67:03:63:
61:2d:f7:cc:78:ae:5d:fa:51:22:51:a0:f4:67:83:
fe:28:70:c6:8a:18:d9:f6:5b:0a:24:e0:3f:4f:6f:
1c:64:65:1f:b5:44:01:ad:4b:03:97:3b:ee:8b:fa:
d0:e7:4a:17:9a:5a:fa:4c:55:37:3d:18:fd:42:84:
f5:a0:73:6d:01:90:76:f0:d0:e8:92:6e:61:38:44:
80:e6:e9:a6:ac:08:23:92:34:fe:0a:2a:b5:f4:74:
34:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A2:61:99:4F:14:19:4D:61:1B:91:7B:E5:B6:DA:86:C9:A1:9B:A2
X509v3 Authority Key Identifier:
keyid:E7:1D:70:9D:8B:18:4C:5A:50:C9:43:1D:CC:AF:64:9B:C8:68:47:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5x1wnYsYTFpQyUMdzK9km8hoRwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/GaJhmU8UGU1hG5F75bbahsmhm6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/5x1wnYsYTFpQyUMdzK9km8hoRwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.172.0/22
85.187.180.0/22
85.187.187.0-85.187.190.255
185.96.164.0/22
Signature Algorithm: sha256WithRSAEncryption
80:dd:7c:02:d8:7a:92:57:f3:d9:c1:2a:e6:df:c1:ef:2e:94:
29:40:86:3b:49:fb:44:cd:eb:7f:51:53:a3:3c:c3:11:26:a3:
b7:3c:e0:00:73:01:26:23:a5:8d:06:56:2a:06:f5:c1:68:9e:
20:1b:22:f6:18:8f:d1:d8:93:1f:51:7e:25:1c:ee:f2:50:f8:
0b:5d:46:cb:b9:75:3b:2c:4d:ab:c7:e3:2c:d5:a0:40:aa:36:
f6:c1:d4:f0:75:15:d2:cd:4d:c5:4f:96:73:99:5d:24:63:9d:
2e:bb:d3:83:11:13:0f:22:6c:a4:c4:f7:a8:2f:51:e9:4d:a6:
0b:8a:07:23:16:0d:fb:f4:a8:78:39:5d:1e:6f:2f:aa:18:37:
2d:87:93:42:58:7f:2a:7e:ac:ac:88:fa:11:84:a3:c1:89:b7:
0c:43:d1:17:dc:b6:74:fe:51:32:b0:76:5d:06:7f:bd:4c:a1:
a0:a4:9c:56:c0:a5:24:9d:5f:53:ea:58:a8:47:e7:6b:6b:df:
fc:c0:a4:34:9d:84:6c:92:e2:bc:b4:79:ac:d6:eb:40:5b:85:
2a:3b:2c:88:28:f6:d1:41:9f:3f:23:f3:85:68:e5:08:dc:7f:
f1:a7:29:df:63:42:7c:31:4e:31:5f:30:9d:c5:74:aa:f1:07:
52:9b:9b:04
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEk0Vc4HewSsbykNVlY6wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MWQ3MDlkOGIxODRjNWE1MGM5NDMxZGNjYWY2NDliYzg2
ODQ3MDQwHhcNMjQwMTAxMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWEyNjE5OTRmMTQxOTRkNjExYjkxN2JlNWI2ZGE4NmM5YTE5YmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQmT3p8/+SV5781U8upLZlia3IZ6
+MQtanYG4TYnqtbkifO5ZVxO0Xqb5G+ijG523JoHL27lhOhJtEJxbyxY1F1Av19M
q1jfX6Vi/9Gm59TjaSnzLsuk8vt9EyTbm+YP12JbD0KBVhkQwSjYy6A0pe1d05hw
qzwqP+V5b1FoavbUfRLprzg+ptSO7sg/JPf7AMOR4PT64ax5iD83sHkGPlRnA2Nh
LffMeK5d+lEiUaD0Z4P+KHDGihjZ9lsKJOA/T28cZGUftUQBrUsDlzvui/rQ50oX
mlr6TFU3PRj9QoT1oHNtAZB28NDokm5hOESA5ummrAgjkjT+Ciq19HQ0XQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBmiYZlPFBlNYRuRe+W22obJoZuiMB8GA1UdIwQY
MBaAFOcdcJ2LGExaUMlDHcyvZJvIaEcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXgxd25Zc1lURnBReVVNZHpLOWttOGhvUndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80Nzk5ZjYtNzY1Zi00YWQyLThjNDMt
MWM1YjEwMTJkMmMzLzEvR2FKaG1VOFVHVTFoRzVGNzViYmFoc21obTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80Nzk5ZjYtNzY1Zi00YWQyLThjNDMtMWM1YjEwMTJkMmMz
LzEvNXgxd25Zc1lURnBReVVNZHpLOWttOGhvUndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCLVSsAwQC
Vbu0MAwDBABVu7sDBABVu74DBAK5YKQwDQYJKoZIhvcNAQELBQADggEBAIDdfALY
epJX89nBKubfwe8ulClAhjtJ+0TN639RU6M8wxEmo7c84ABzASYjpY0GVioG9cFo
niAbIvYYj9HYkx9RfiUc7vJQ+AtdRsu5dTssTavH4yzVoECqNvbB1PB1FdLNTcVP
lnOZXSRjnS6704MREw8ibKTE96gvUelNpguKByMWDfv0qHg5XR5vL6oYNy2Hk0JY
fyp+rKyI+hGEo8GJtwxD0RfctnT+UTKwdl0Gf71MoaCknFbApSSdX1PqWKhH52tr
3/zApDSdhGyS4ry0eazW60BbhSo7LIgo9tFBnz8j84Vo5Qjcf/GnKd9jQnwxTjFf
MJ3FdKrxB1KbmwQ=
-----END CERTIFICATE-----
Generated at Thu May 16 22:58:57 2024 by rpki-client on console-fra.rpki-client.org