Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GjhEohtO5XPQtRpQkyp7cgAS94U.roa
File: GjhEohtO5XPQtRpQkyp7cgAS94U.roa (raw, json)
Hash identifier: vI3DVznVn8D0ixmt7aE6PN4wsuD3XWbVNwdCsXHvzvU=
Subject key identifier: 1A:38:44:A2:1B:4E:E5:73:D0:B5:1A:50:93:2A:7B:72:00:12:F7:85
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0190B82FBC888F7B8CF9D16A2C8A8A34C81B
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GjhEohtO5XPQtRpQkyp7cgAS94U.roa
Signing time: Mon 15 Jul 2024 20:57:34 +0000
ROA not before: Mon 15 Jul 2024 20:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.65.0/24 maxlen: 24
147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.165.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b8:2f:bc:88:8f:7b:8c:f9:d1:6a:2c:8a:8a:34:c8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 15 20:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a3844a21b4ee573d0b51a50932a7b720012f785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:de:51:a3:0f:c9:73:5a:36:0c:40:67:e5:5c:
37:14:65:f2:7b:0d:20:6b:ee:17:0c:4e:00:6e:22:
9d:7d:72:7f:4c:7d:c5:e1:c5:0a:54:9b:64:fa:ab:
6f:b7:4b:69:58:4e:2a:89:0e:bc:62:b1:8c:60:38:
ef:94:a8:d6:40:83:41:0e:76:66:46:08:d4:1a:5a:
44:36:7a:4a:1e:79:5b:bb:01:f1:ce:f3:e4:92:db:
a6:2e:55:b1:38:4e:9b:7d:e0:a2:0e:8d:d4:ae:bb:
3c:4a:75:5d:3d:68:98:82:a7:64:1c:f4:2d:55:45:
97:aa:b3:6a:6d:62:86:d3:32:23:a8:b9:12:ab:46:
ef:43:1f:98:ae:3f:cb:31:17:4e:c2:d1:e9:94:c7:
b2:9f:ec:22:a2:03:c0:9d:1c:1d:49:2f:4b:1e:5d:
a8:11:1b:97:62:98:3a:65:26:22:07:0e:7d:32:84:
66:31:58:86:01:74:17:5a:74:95:d7:c0:0a:c5:af:
e3:e8:d2:30:39:3b:cc:75:ff:2a:02:a3:b5:02:f3:
61:1c:bf:fc:1a:83:c7:c6:a4:dd:88:2b:14:cc:d8:
cc:04:cf:41:b8:fc:25:22:1d:a0:fd:4f:9c:68:e3:
e2:6c:de:37:59:10:17:76:85:22:ef:02:b1:14:66:
48:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:38:44:A2:1B:4E:E5:73:D0:B5:1A:50:93:2A:7B:72:00:12:F7:85
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GjhEohtO5XPQtRpQkyp7cgAS94U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.65.0-147.45.67.255
147.45.193.0/24
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.85.0/24
193.233.164.0/23
193.233.171.0/24
193.233.175.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:de:14:a4:82:e9:f0:8b:65:ce:5f:ef:6c:67:2e:f2:1a:b7:
0c:5d:a2:45:89:61:b2:19:68:e3:e7:94:e3:05:2e:e6:f0:74:
22:6e:f4:57:25:c8:aa:de:49:2e:f3:c0:22:61:77:fd:58:e8:
d5:0d:60:6f:20:0c:3d:b3:46:85:fe:85:65:39:76:78:92:9e:
d3:10:7b:3e:be:52:7f:72:dd:9c:4b:b0:c6:5a:dd:1f:2b:59:
57:98:a1:05:bc:b6:1c:b1:12:f6:c5:35:1b:e2:1d:84:02:8a:
e4:f1:50:4c:3d:74:78:08:13:15:e6:25:3c:20:b7:cc:7e:ea:
b4:0b:26:ea:c5:ef:09:62:66:8f:fe:e3:15:c0:63:53:d1:ea:
41:0d:ff:35:54:15:b9:b6:34:45:93:5b:b9:84:80:5d:8a:6f:
2c:35:fa:67:63:07:52:6a:e9:98:64:aa:0e:b4:9e:92:a3:89:
00:fd:cd:ee:64:48:c4:0c:b6:72:04:0a:f3:ba:4d:44:af:fd:
5b:e2:55:8a:5a:10:82:be:aa:5b:29:d8:ff:85:03:7c:63:fd:
02:0b:b7:be:31:95:2b:1f:12:4d:f8:dd:29:52:b6:75:72:e0:
23:e0:37:db:a4:98:c2:cc:1a:a1:c7:d1:5f:9f:89:76:0a:b9:
d6:86:1e:d5
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZC4L7yIj3uM+dFqLIqKNMgbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNzE1MjA1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTM4NDRhMjFiNGVlNTczZDBiNTFhNTA5MzJhN2I3MjAwMTJmNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0d5Row/Jc1o2DEBn5Vw3FGXyew0g
a+4XDE4AbiKdfXJ/TH3F4cUKVJtk+qtvt0tpWE4qiQ68YrGMYDjvlKjWQINBDnZm
RgjUGlpENnpKHnlbuwHxzvPkktumLlWxOE6bfeCiDo3Urrs8SnVdPWiYgqdkHPQt
VUWXqrNqbWKG0zIjqLkSq0bvQx+Yrj/LMRdOwtHplMeyn+wiogPAnRwdSS9LHl2o
ERuXYpg6ZSYiBw59MoRmMViGAXQXWnSV18AKxa/j6NIwOTvMdf8qAqO1AvNhHL/8
GoPHxqTdiCsUzNjMBM9BuPwlIh2g/U+caOPibN43WRAXdoUi7wKxFGZIPQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBo4RKIbTuVz0LUaUJMqe3IAEveFMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvR2poRW9odE81WFBRdFJwUWt5cDdjZ0FTOTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACTLUED
BAKTLUADBACTLcEDBAK5Z2QDBAHB6UoDBADB6VADBADB6VUDBAHB6aQDBADB6asD
BADB6a8DBAHB6fwwDQYJKoZIhvcNAQELBQADggEBACreFKSC6fCLZc5f72xnLvIa
twxdokWJYbIZaOPnlOMFLubwdCJu9FclyKreSS7zwCJhd/1Y6NUNYG8gDD2zRoX+
hWU5dniSntMQez6+Un9y3ZxLsMZa3R8rWVeYoQW8thyxEvbFNRviHYQCiuTxUEw9
dHgIExXmJTwgt8x+6rQLJurF7wliZo/+4xXAY1PR6kEN/zVUFbm2NEWTW7mEgF2K
byw1+mdjB1Jq6Zhkqg60npKjiQD9ze5kSMQMtnIECvO6TUSv/VviVYpaEIK+qlsp
2P+FA3xj/QILt74xlSsfEk343SlStnVy4CPgN9ukmMLMGqHH0V+fiXYKudaGHtU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:08 2024 by rpki-client on console-ams.rpki-client.org