Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/GsG6DeYoZXA4jM_DGYJqzcqVH8I.roa
File: GsG6DeYoZXA4jM_DGYJqzcqVH8I.roa (raw, json)
Hash identifier: EaE6jecNsmTw30wJhHsSoTc4G/jbx8tQRxPazwvDcpo=
Subject key identifier: 1A:C1:BA:0D:E6:28:65:70:38:8C:CF:C3:19:82:6A:CD:CA:95:1F:C2
Certificate issuer: /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial: 018CC56E8A3964738D2336F9133D8B1A6E27
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/GsG6DeYoZXA4jM_DGYJqzcqVH8I.roa
Signing time: Mon 01 Jan 2024 14:30:05 +0000
ROA not before: Mon 01 Jan 2024 14:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 94.143.105.0/24 maxlen: 24
94.143.108.0/24 maxlen: 24
185.236.125.0/24 maxlen: 24
185.236.124.0/24 maxlen: 24
94.143.107.0/24 maxlen: 24
94.143.106.0/24 maxlen: 24
185.236.126.0/24 maxlen: 24
185.236.127.0/24 maxlen: 24
212.1.219.0/24 maxlen: 24
212.1.218.0/24 maxlen: 24
212.1.222.0/24 maxlen: 24
212.1.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:8a:39:64:73:8d:23:36:f9:13:3d:8b:1a:6e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Validity
Not Before: Jan 1 14:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ac1ba0de6286570388ccfc319826acdca951fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f6:d3:07:1d:12:03:27:17:1e:99:42:e9:7c:
48:08:42:99:c4:ec:d2:a5:dc:32:7a:70:39:de:7b:
cf:df:c7:70:48:22:3b:87:ec:f4:51:c9:00:9e:9d:
75:4a:29:3a:de:a9:1e:36:1c:ec:c2:35:83:c6:c7:
b6:d4:6d:08:45:e9:0a:8d:4c:66:52:76:e3:61:01:
54:b8:20:63:e8:49:bb:28:0b:19:1a:ef:0c:e7:9d:
ce:b6:b0:a1:9c:57:29:e9:3d:8d:8a:0d:75:ed:41:
f2:38:de:65:81:df:d6:a3:b7:93:a9:44:2b:99:7c:
10:ba:70:26:b3:20:8b:19:a0:65:0a:60:3c:b6:d4:
f6:84:d2:d0:b9:e4:e4:40:3f:b3:4e:d4:cd:ce:49:
aa:fa:61:7c:80:90:6f:13:92:58:ca:ae:53:a6:c4:
2c:ea:8b:7c:c1:61:77:76:3d:10:26:a8:8b:40:c5:
17:1c:d3:d3:e0:8b:7e:4a:80:90:0c:be:49:91:c1:
cd:10:04:a5:dd:55:fa:af:de:a7:4e:b5:fe:cf:de:
bd:93:14:a6:30:95:60:ac:98:45:42:e7:17:e0:4b:
2d:d8:4b:eb:48:ce:58:fa:bb:10:81:e1:5b:81:3a:
28:95:e0:25:c4:93:08:d4:c0:ed:d3:f7:3f:02:61:
cb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C1:BA:0D:E6:28:65:70:38:8C:CF:C3:19:82:6A:CD:CA:95:1F:C2
X509v3 Authority Key Identifier:
keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/GsG6DeYoZXA4jM_DGYJqzcqVH8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.105.0-94.143.108.255
185.236.124.0/22
212.1.218.0/23
212.1.222.0/23
Signature Algorithm: sha256WithRSAEncryption
77:8d:e0:5e:57:fb:5a:36:fc:57:b1:12:7e:c6:31:62:8c:42:
6a:6e:f0:71:cd:4a:15:f8:c2:b1:a6:00:0c:b2:07:4a:3e:7f:
14:d3:ea:b0:57:84:89:e9:47:69:0d:48:05:ff:2d:84:81:e6:
df:77:c8:58:16:04:e4:92:4a:5b:49:b6:2a:a4:5c:24:63:34:
b5:99:cd:67:2d:87:b7:99:44:94:f9:e8:c8:ac:07:20:d4:d3:
8d:40:40:07:db:35:5d:86:24:34:8c:9f:87:c2:36:8d:c6:9c:
a3:2b:df:e1:d3:74:ed:8e:c7:ce:e6:03:55:85:e2:a8:4d:37:
93:a2:b6:c7:f8:c1:5f:8e:d7:19:05:52:4f:db:fa:2b:25:ae:
bf:25:22:b1:f9:b0:b2:75:48:93:b8:41:39:62:08:8b:4c:6a:
20:c8:b0:29:30:89:cb:36:64:ce:6d:6a:83:2a:b2:13:5f:43:
5c:1b:4c:8d:a5:bd:a0:98:58:5b:91:c8:d8:8c:26:3f:84:66:
e9:59:b4:35:37:89:c4:5a:1e:0b:c9:6b:f1:b5:86:55:4c:42:
86:bc:e4:b6:6a:ed:c1:bb:62:4e:55:2a:46:b5:13:50:4b:af:
04:47:b8:1d:c0:87:db:92:ba:f6:f5:3b:ae:b5:f9:95:19:5a:
85:e8:e5:de
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFboo5ZHONIzb5Ez2LGm4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDc4YzVhYTIyNmEyNzhlOGIxOTA2ZjM3MWM2MGNmYzdk
ODdlOGUwHhcNMjQwMTAxMTQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWMxYmEwZGU2Mjg2NTcwMzg4Y2NmYzMxOTgyNmFjZGNhOTUxZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fbTBx0SAycXHplC6XxICEKZxOzS
pdwyenA53nvP38dwSCI7h+z0UckAnp11Sik63qkeNhzswjWDxse21G0IRekKjUxm
UnbjYQFUuCBj6Em7KAsZGu8M553OtrChnFcp6T2Nig117UHyON5lgd/Wo7eTqUQr
mXwQunAmsyCLGaBlCmA8ttT2hNLQueTkQD+zTtTNzkmq+mF8gJBvE5JYyq5TpsQs
6ot8wWF3dj0QJqiLQMUXHNPT4It+SoCQDL5JkcHNEASl3VX6r96nTrX+z969kxSm
MJVgrJhFQucX4Est2EvrSM5Y+rsQgeFbgTooleAlxJMI1MDt0/c/AmHLrwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBrBug3mKGVwOIzPwxmCas3KlR/CMB8GA1UdIwQY
MBaAFHpHjFqiJqJ46LGQbzccYM/H2H6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAt
ZDc2ZWM5Y2MwZDI4LzEvR3NHNkRlWW9aWEE0ak1fREdZSnF6Y3FWSDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAtZDc2ZWM5Y2MwZDI4
LzEvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABej2kD
BABej2wDBAK57HwDBAHUAdoDBAHUAd4wDQYJKoZIhvcNAQELBQADggEBAHeN4F5X
+1o2/FexEn7GMWKMQmpu8HHNShX4wrGmAAyyB0o+fxTT6rBXhInpR2kNSAX/LYSB
5t93yFgWBOSSSltJtiqkXCRjNLWZzWcth7eZRJT56MisByDU041AQAfbNV2GJDSM
n4fCNo3GnKMr3+HTdO2Ox87mA1WF4qhNN5Oitsf4wV+O1xkFUk/b+islrr8lIrH5
sLJ1SJO4QTliCItMaiDIsCkwics2ZM5taoMqshNfQ1wbTI2lvaCYWFuRyNiMJj+E
ZulZtDU3icRaHgvJa/G1hlVMQoa85LZq7cG7Yk5VKka1E1BLrwRHuB3Ah9uSuvb1
O661+ZUZWoXo5d4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:26:15 2024 by rpki-client on console-fra.rpki-client.org