Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/GSwT5zT5bvwMj_-xAxrfstapxdo.roa
File: GSwT5zT5bvwMj_-xAxrfstapxdo.roa (raw, json)
Hash identifier: LEyEiAVzllrSp6NUFOD/aw2smssJ7idccBL7YhHn3zQ=
Subject key identifier: 19:2C:13:E7:34:F9:6E:FC:0C:8F:FF:B1:03:1A:DF:B2:D6:A9:C5:DA
Certificate issuer: /CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Certificate serial: 018CC2DADAC3E7225DA476853E0CDFF18887
Authority key identifier: 91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/GSwT5zT5bvwMj_-xAxrfstapxdo.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50244
IP address blocks: 89.41.25.0/24 maxlen: 24
188.212.129.0/24 maxlen: 24
89.47.244.0/23 maxlen: 24
94.177.80.0/21 maxlen: 24
89.36.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:da:c3:e7:22:5d:a4:76:85:3e:0c:df:f1:88:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=192c13e734f96efc0c8fffb1031adfb2d6a9c5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:0c:54:fc:11:6a:4b:97:15:6e:fa:6f:4b:
d1:c1:a3:a8:bc:d1:62:cd:12:ef:bf:a0:4d:2d:a9:
a8:ee:16:a1:4e:b3:72:8a:e9:97:61:38:75:9f:32:
d0:a4:f9:e0:61:50:e2:16:5f:e3:92:f2:e5:64:88:
85:f2:3e:0e:0b:62:65:c5:58:12:a0:ef:04:fc:a7:
a3:b0:4a:14:8f:3b:56:19:65:03:a7:c1:d8:37:8e:
8e:ae:08:17:ba:bf:aa:f9:53:96:55:9e:03:88:53:
e6:e8:45:b6:d5:5b:81:36:3b:dd:e0:9c:e0:ca:64:
38:c0:98:82:fe:49:0f:39:bf:84:fc:0b:83:e2:8e:
f1:f7:db:0c:15:13:e0:2f:ce:b9:85:b2:9d:d4:a7:
af:8e:5e:2a:a3:a4:f7:3a:2d:65:1d:38:a7:34:cf:
73:68:82:c6:78:d9:e8:21:70:c1:b9:d2:de:e1:f8:
0a:bb:d6:84:95:a2:be:e6:c1:b0:b6:85:32:d4:56:
b2:ff:6d:ae:07:bb:15:5d:67:56:af:2a:96:97:e1:
c8:e5:1f:ff:ec:57:05:63:cf:02:5f:5e:ed:40:af:
fd:1a:0e:59:31:48:6c:c3:e6:4d:3b:64:1c:fd:92:
09:f8:c6:36:93:bd:4d:46:21:e0:8c:39:79:22:68:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2C:13:E7:34:F9:6E:FC:0C:8F:FF:B1:03:1A:DF:B2:D6:A9:C5:DA
X509v3 Authority Key Identifier:
keyid:91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/GSwT5zT5bvwMj_-xAxrfstapxdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.77.0/24
89.41.25.0/24
89.47.244.0/23
94.177.80.0/21
188.212.129.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a7:ad:93:c2:86:26:7f:4d:47:a1:90:13:3f:4c:d5:5b:a9:
89:98:30:d5:d6:8e:16:42:a8:22:b7:2d:b0:c2:8f:61:40:40:
8a:0b:6a:c0:58:60:e3:0c:e7:8c:1f:84:f4:81:b6:81:a7:31:
a8:1f:b7:5e:bc:71:e1:9a:cc:68:e2:fe:a6:1b:fe:1d:3b:bd:
77:d8:2a:93:6a:f8:ae:2b:65:72:ae:2d:43:7a:a0:ee:49:3e:
df:3c:b3:b1:22:d1:d4:13:6c:93:58:12:23:9c:51:03:42:97:
c3:50:5c:cb:4e:e2:45:4b:31:5b:c3:fb:cf:b2:04:35:89:63:
b0:45:3b:86:18:cd:39:22:79:44:ce:cb:a0:2f:5b:e3:4a:cb:
56:f7:d1:c1:74:b1:7b:c5:97:22:37:21:0b:d0:14:3f:c9:0f:
6c:0a:89:90:9e:20:97:e4:48:f2:8d:ed:7c:03:ea:2a:9a:a2:
64:17:71:45:2c:3c:3f:7b:76:ef:53:31:8f:69:dd:3f:96:a5:
e8:8b:bf:5a:6c:74:dc:47:83:dc:6d:07:93:9c:c9:af:96:2e:
00:4a:ed:b3:ef:a3:09:a6:d9:4c:69:69:c7:a5:43:e6:b6:99:
42:7a:39:2e:d9:46:18:db:de:1a:7a:ff:97:5a:69:72:50:7a:
a1:f6:8e:0e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2trD5yJdpHaFPgzf8YiHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDVlYWQ4ZDNmMTI4NDQwMmI2Zjc1NjE0YTg3MjU3NTAz
Y2UxYmMwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJjMTNlNzM0Zjk2ZWZjMGM4ZmZmYjEwMzFhZGZiMmQ2YTljNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/8MVPwRakuXFW76b0vRwaOovNFi
zRLvv6BNLamo7hahTrNyiumXYTh1nzLQpPngYVDiFl/jkvLlZIiF8j4OC2JlxVgS
oO8E/KejsEoUjztWGWUDp8HYN46OrggXur+q+VOWVZ4DiFPm6EW21VuBNjvd4Jzg
ymQ4wJiC/kkPOb+E/AuD4o7x99sMFRPgL865hbKd1Kevjl4qo6T3Oi1lHTinNM9z
aILGeNnoIXDBudLe4fgKu9aElaK+5sGwtoUy1Fay/22uB7sVXWdWryqWl+HI5R//
7FcFY88CX17tQK/9Gg5ZMUhsw+ZNO2Qc/ZIJ+MY2k71NRiHgjDl5ImjM+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBksE+c0+W78DI//sQMa37LWqcXaMB8GA1UdIwQY
MBaAFJFF6tjT8ShEArb3VhSocldQPOG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzct
MmFkMTk1MjY0YzcyLzEvR1N3VDV6VDVidndNal8teEF4cmZzdGFweGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzctMmFkMTk1MjY0Yzcy
LzEva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSRNAwQA
WSkZAwQBWS/0AwQDXrFQAwQAvNSBMA0GCSqGSIb3DQEBCwUAA4IBAQAhp62TwoYm
f01HoZATP0zVW6mJmDDV1o4WQqgity2wwo9hQECKC2rAWGDjDOeMH4T0gbaBpzGo
H7devHHhmsxo4v6mG/4dO7132CqTaviuK2Vyri1DeqDuST7fPLOxItHUE2yTWBIj
nFEDQpfDUFzLTuJFSzFbw/vPsgQ1iWOwRTuGGM05InlEzsugL1vjSstW99HBdLF7
xZciNyEL0BQ/yQ9sComQniCX5Ejyje18A+oqmqJkF3FFLDw/e3bvUzGPad0/lqXo
i79abHTcR4PcbQeTnMmvli4ASu2z76MJptlMaWnHpUPmtplCejku2UYY294aev+X
WmlyUHqh9o4O
-----END CERTIFICATE-----
Generated at Mon May 20 11:17:46 2024 by rpki-client on console-fra.rpki-client.org