Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/gmmpAmCZoDifwD5XoFsMFIKQx0c.roa
File: gmmpAmCZoDifwD5XoFsMFIKQx0c.roa (raw, json)
Hash identifier: S+C7z4tevx1qS63HsnnspPN0OHZuKq1M8MP74xgomD8=
Subject key identifier: 82:69:A9:02:60:99:A0:38:9F:C0:3E:57:A0:5B:0C:14:82:90:C7:47
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 019256A92895DF261F6CEBAEAC3C87972DB1
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/gmmpAmCZoDifwD5XoFsMFIKQx0c.roa
Signing time: Fri 04 Oct 2024 08:32:59 +0000
ROA not before: Fri 04 Oct 2024 08:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31216
IP address blocks: 31.217.128.0/19 maxlen: 24
46.18.168.0/21 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.68.0/22 maxlen: 24
91.196.184.0/22 maxlen: 24
185.55.16.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:a9:28:95:df:26:1f:6c:eb:ae:ac:3c:87:97:2d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Oct 4 08:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8269a9026099a0389fc03e57a05b0c148290c747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:d4:b9:7b:71:90:87:ac:d3:3a:58:b2:97:
b5:86:c4:fc:a1:d8:a0:68:9d:14:58:50:f9:2d:15:
b1:71:64:67:c2:26:bc:1a:bf:44:e7:ee:16:ad:32:
b0:fb:ad:96:f5:f9:7a:7d:9a:db:5b:73:30:96:94:
66:5b:6c:b3:6a:2d:65:07:68:a4:d2:ca:42:4a:90:
05:32:63:2b:81:82:fb:ad:9e:1b:74:05:d2:0e:d2:
29:85:08:01:5d:04:2e:a1:77:5a:2e:9a:5a:26:ad:
fa:28:d0:27:6c:7b:39:af:0d:09:ce:eb:3f:29:13:
86:ec:c4:44:f3:3a:54:ab:1c:d8:3e:dc:0b:34:5e:
33:18:d1:62:38:50:1b:c8:38:e4:75:a5:35:51:57:
fb:cc:02:d7:d6:3b:d4:fd:55:6a:db:b5:fa:9c:45:
15:b3:2e:13:5a:fa:f7:97:e5:42:f9:93:0b:7d:0c:
7e:c2:98:7e:d7:d8:2c:a8:83:1c:52:b8:5f:53:3e:
3d:ac:12:ff:78:26:c4:b2:59:d3:08:63:6c:74:05:
8e:93:55:31:6f:8a:0e:92:fc:15:1b:3e:7e:5b:b3:
5d:0b:98:8b:a0:5b:8f:9c:7a:45:b0:33:15:56:98:
ad:73:11:4d:87:6c:38:7b:8e:b9:ca:91:d6:a3:a1:
dc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:69:A9:02:60:99:A0:38:9F:C0:3E:57:A0:5B:0C:14:82:90:C7:47
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/gmmpAmCZoDifwD5XoFsMFIKQx0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
46.18.168.0/21
83.243.16.0/21
89.30.0.0/17
91.196.184.0/22
185.55.16.0/22
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
3b:f4:f1:66:4a:e2:3f:77:e3:e2:1c:d4:c5:30:77:07:c5:00:
a6:7c:54:20:98:1f:a1:71:36:4e:eb:a1:55:a4:be:b1:2a:94:
f8:60:7a:dc:ec:fd:5b:4c:67:25:c6:c0:5c:b3:9b:22:b6:ae:
3d:10:2e:9f:06:9e:b3:96:63:9c:b9:dd:0d:d1:88:e8:45:8b:
92:39:f7:a3:43:f2:06:99:73:61:91:a4:0c:b9:0d:96:1b:76:
68:19:c2:c8:d0:31:6b:3c:a3:82:82:47:68:e3:ac:45:7d:52:
66:eb:13:7d:c6:1a:0b:97:eb:bc:63:5d:5e:bb:2a:33:49:45:
d8:da:7c:04:be:0a:ee:4b:6e:0e:a9:74:a8:26:bb:63:14:3a:
72:d6:67:b1:c1:08:5c:62:4a:0a:6c:3f:e5:5a:75:80:d7:6b:
2a:9d:87:51:6b:d1:3d:d0:30:85:c8:d0:4f:b7:4a:1c:43:52:
b5:be:8d:21:03:48:d7:5b:21:90:8c:be:4e:54:97:48:db:04:
2a:73:99:3b:58:4b:49:a4:e4:21:ac:92:d9:0d:e1:e6:04:d6:
67:6f:06:96:55:19:8a:31:c1:69:ba:8a:0c:92:29:27:96:d0:
28:aa:5b:50:6d:14:9b:97:8a:40:ee:4e:66:df:f9:6b:35:6c:
20:4d:28:72
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZJWqSiV3yYfbOuurDyHly2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjQxMDA0MDgzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjY5YTkwMjYwOTlhMDM4OWZjMDNlNTdhMDViMGMxNDgyOTBjNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyETUuXtxkIes0zpYspe1hsT8odig
aJ0UWFD5LRWxcWRnwia8Gr9E5+4WrTKw+62W9fl6fZrbW3MwlpRmW2yzai1lB2ik
0spCSpAFMmMrgYL7rZ4bdAXSDtIphQgBXQQuoXdaLppaJq36KNAnbHs5rw0Jzus/
KROG7MRE8zpUqxzYPtwLNF4zGNFiOFAbyDjkdaU1UVf7zALX1jvU/VVq27X6nEUV
sy4TWvr3l+VC+ZMLfQx+wph+19gsqIMcUrhfUz49rBL/eCbEslnTCGNsdAWOk1Ux
b4oOkvwVGz5+W7NdC5iLoFuPnHpFsDMVVpitcxFNh2w4e465ypHWo6HciQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIJpqQJgmaA4n8A+V6BbDBSCkMdHMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvZ21tcEFtQ1pvRGlmd0Q1WG9Gc01GSUtReDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFH9mAAwQD
LhKoAwQDU/MQAwQHWR4AAwQCW8S4AwQCuTcQAwQCuY/0AwQAwn7ZMA0EAgACMAcD
BQAqAYIAMA0GCSqGSIb3DQEBCwUAA4IBAQA79PFmSuI/d+PiHNTFMHcHxQCmfFQg
mB+hcTZO66FVpL6xKpT4YHrc7P1bTGclxsBcs5sitq49EC6fBp6zlmOcud0N0Yjo
RYuSOfejQ/IGmXNhkaQMuQ2WG3ZoGcLI0DFrPKOCgkdo46xFfVJm6xN9xhoLl+u8
Y11euyozSUXY2nwEvgruS24OqXSoJrtjFDpy1mexwQhcYkoKbD/lWnWA12sqnYdR
a9E90DCFyNBPt0ocQ1K1vo0hA0jXWyGQjL5OVJdI2wQqc5k7WEtJpOQhrJLZDeHm
BNZnbwaWVRmKMcFpuooMkiknltAoqltQbRSbl4pA7k5m3/lrNWwgTShy
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:59:02 2024 by rpki-client on console-ams.rpki-client.org