Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/GBz9poJaUl6sA6slUOyjJkejSrU.roa
File: GBz9poJaUl6sA6slUOyjJkejSrU.roa (raw, json)
Hash identifier: 4hbHpGMo343xFwFqsDnpYednGVmLqZcMPmHGsOmF1bM=
Subject key identifier: 18:1C:FD:A6:82:5A:52:5E:AC:03:AB:25:50:EC:A3:26:47:A3:4A:B5
Certificate issuer: /CN=e964d2705a9b26fd482a9c10e926eae7bda41e9b
Certificate serial: 018CCA996BE8D165517C0C7D848CF73420F3
Authority key identifier: E9:64:D2:70:5A:9B:26:FD:48:2A:9C:10:E9:26:EA:E7:BD:A4:1E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6WTScFqbJv1IKpwQ6Sbq572kHps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/GBz9poJaUl6sA6slUOyjJkejSrU.roa
Signing time: Tue 02 Jan 2024 14:35:01 +0000
ROA not before: Tue 02 Jan 2024 14:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200976
IP address blocks: 185.198.112.0/24 maxlen: 24
185.198.114.0/24 maxlen: 24
185.198.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/6WTScFqbJv1IKpwQ6Sbq572kHps.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/6WTScFqbJv1IKpwQ6Sbq572kHps.mft
rsync://rpki.ripe.net/repository/DEFAULT/6WTScFqbJv1IKpwQ6Sbq572kHps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:6b:e8:d1:65:51:7c:0c:7d:84:8c:f7:34:20:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e964d2705a9b26fd482a9c10e926eae7bda41e9b
Validity
Not Before: Jan 2 14:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=181cfda6825a525eac03ab2550eca32647a34ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:17:bb:fd:65:90:5f:e1:f9:f0:7b:e7:94:f6:
70:51:da:23:1c:91:f0:65:10:0e:0a:7d:06:a2:fd:
b0:a5:64:8e:5c:c6:89:a9:b8:ec:6d:b8:01:b8:67:
b0:69:c2:b1:2e:2a:8e:f4:0a:f6:16:7c:6c:3c:38:
ce:e5:3e:51:9e:7d:66:90:60:c5:c9:be:37:71:0e:
f7:b5:06:bd:28:9e:7b:5d:50:d0:8c:5b:19:ae:ba:
f5:17:b9:97:13:4e:46:ae:c4:60:65:12:d3:5f:a4:
7e:25:9a:db:4f:6e:86:f3:0b:c8:81:fc:47:3a:65:
91:59:11:e4:6e:28:70:e6:f4:29:76:87:3e:21:bf:
c4:76:53:e3:3d:74:b3:69:e5:0a:4c:f7:4c:4e:0f:
be:97:ad:d8:94:52:94:19:9c:a8:1c:d1:d7:c4:9f:
c5:2b:3b:d6:d4:9b:e5:68:bb:14:be:97:7f:7b:13:
3d:e4:6b:d6:94:5b:b6:57:56:e2:ef:51:0a:0e:a3:
b3:ba:15:af:12:b7:b4:00:35:a2:4d:52:f2:d8:96:
5b:a0:09:c4:18:3e:34:7e:2e:1c:98:2c:3b:f1:12:
69:86:7d:b9:f7:65:0b:4a:99:67:0e:11:05:c8:81:
7e:d6:39:06:53:df:69:eb:a5:45:d9:ce:4a:93:14:
de:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1C:FD:A6:82:5A:52:5E:AC:03:AB:25:50:EC:A3:26:47:A3:4A:B5
X509v3 Authority Key Identifier:
keyid:E9:64:D2:70:5A:9B:26:FD:48:2A:9C:10:E9:26:EA:E7:BD:A4:1E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6WTScFqbJv1IKpwQ6Sbq572kHps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/GBz9poJaUl6sA6slUOyjJkejSrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a6636d-cc53-4cee-84cc-f4e361e4da2d/1/6WTScFqbJv1IKpwQ6Sbq572kHps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.112.0-185.198.114.255
Signature Algorithm: sha256WithRSAEncryption
7c:2b:56:bd:6f:20:e5:00:b5:1e:5c:14:c9:af:a5:f6:e4:32:
41:30:bb:60:e3:3e:b7:d8:c0:b6:6d:11:dc:38:ee:9b:69:7b:
1f:14:6e:d8:c4:35:c1:53:32:f4:9c:91:18:93:ac:5a:75:ab:
e1:46:c4:7d:7a:e0:90:c0:0c:03:67:0f:b7:7c:49:1c:7f:1b:
e9:7b:02:19:c3:ac:8c:a8:a6:3e:33:e7:1c:fb:b3:d9:f8:46:
2c:68:bc:ad:d3:5f:39:fe:7f:4e:08:56:11:9e:f9:6a:22:e9:
e5:95:2b:af:8f:99:24:4c:c9:5f:50:71:44:99:51:11:74:b3:
72:1d:2e:01:2a:50:0b:82:19:80:fd:4b:29:6e:16:51:e9:db:
b4:f3:f9:a5:f4:29:d4:df:2f:ff:1f:27:c5:b9:81:58:e2:d7:
52:9d:69:49:89:a2:d4:06:18:a2:5e:6d:05:10:be:f7:f6:f1:
1f:4b:4c:4c:8c:8e:c6:3d:2c:44:0f:0d:b2:1f:9e:5f:56:3f:
6d:7f:eb:ee:35:d8:e4:69:8f:1a:6a:34:14:25:ad:ce:ef:eb:
00:a2:79:ba:a9:73:23:48:6a:b6:ea:46:06:7e:bf:b6:64:0b:
fa:eb:e8:ba:b6:bc:9d:52:8a:63:97:11:23:3e:44:2a:ba:e4:
b5:71:b1:99
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmWvo0WVRfAx9hIz3NCDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NjRkMjcwNWE5YjI2ZmQ0ODJhOWMxMGU5MjZlYWU3YmRh
NDFlOWIwHhcNMjQwMTAyMTQzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFjZmRhNjgyNWE1MjVlYWMwM2FiMjU1MGVjYTMyNjQ3YTM0YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Be7/WWQX+H58HvnlPZwUdojHJHw
ZRAOCn0Gov2wpWSOXMaJqbjsbbgBuGewacKxLiqO9Ar2FnxsPDjO5T5Rnn1mkGDF
yb43cQ73tQa9KJ57XVDQjFsZrrr1F7mXE05GrsRgZRLTX6R+JZrbT26G8wvIgfxH
OmWRWRHkbihw5vQpdoc+Ib/EdlPjPXSzaeUKTPdMTg++l63YlFKUGZyoHNHXxJ/F
KzvW1JvlaLsUvpd/exM95GvWlFu2V1bi71EKDqOzuhWvEre0ADWiTVLy2JZboAnE
GD40fi4cmCw78RJphn2592ULSplnDhEFyIF+1jkGU99p66VF2c5KkxTeYQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBgc/aaCWlJerAOrJVDsoyZHo0q1MB8GA1UdIwQY
MBaAFOlk0nBamyb9SCqcEOkm6ue9pB6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNldUU2NGcWJKdjFJS3B3UTZTYnE1NzJrSHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hNjYzNmQtY2M1My00Y2VlLTg0Y2Mt
ZjRlMzYxZTRkYTJkLzEvR0J6OXBvSmFVbDZzQTZzbFVPeWpKa2VqU3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9hNjYzNmQtY2M1My00Y2VlLTg0Y2MtZjRlMzYxZTRkYTJk
LzEvNldUU2NGcWJKdjFJS3B3UTZTYnE1NzJrSHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5xnAD
BAC5xnIwDQYJKoZIhvcNAQELBQADggEBAHwrVr1vIOUAtR5cFMmvpfbkMkEwu2Dj
PrfYwLZtEdw47ptpex8UbtjENcFTMvSckRiTrFp1q+FGxH164JDADANnD7d8SRx/
G+l7AhnDrIyopj4z5xz7s9n4RixovK3TXzn+f04IVhGe+Woi6eWVK6+PmSRMyV9Q
cUSZURF0s3IdLgEqUAuCGYD9SyluFlHp27Tz+aX0KdTfL/8fJ8W5gVji11KdaUmJ
otQGGKJebQUQvvf28R9LTEyMjsY9LEQPDbIfnl9WP21/6+412ORpjxpqNBQlrc7v
6wCiebqpcyNIarbqRgZ+v7ZkC/rr6Lq2vJ1SimOXESM+RCq65LVxsZk=
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:53:37 2024 by rpki-client on console-ams.rpki-client.org