Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/d6gVbCVLmHBL5YuYX_hk11MWvOU.roa
File: d6gVbCVLmHBL5YuYX_hk11MWvOU.roa (raw, json)
Hash identifier: hIEA3DPAo32yj27ahS92NCn0eSQX6JgKYGhPOONSUqE=
Subject key identifier: 77:A8:15:6C:25:4B:98:70:4B:E5:8B:98:5F:F8:64:D7:53:16:BC:E5
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0190A75C2EEEB57C46C88559714E8D69B8E3
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/d6gVbCVLmHBL5YuYX_hk11MWvOU.roa
Signing time: Fri 12 Jul 2024 14:32:34 +0000
ROA not before: Fri 12 Jul 2024 14:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203446
IP address blocks: 2.56.246.0/24 maxlen: 24
45.13.226.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.90.97.0/24 maxlen: 24
45.131.65.0/24 maxlen: 24
45.134.39.0/24 maxlen: 24
45.137.70.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
194.62.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:5c:2e:ee:b5:7c:46:c8:85:59:71:4e:8d:69:b8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jul 12 14:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77a8156c254b98704be58b985ff864d75316bce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fb:a2:9b:90:a0:98:09:a6:be:f3:c2:c6:65:
77:bf:03:82:17:20:86:b4:0b:e7:36:94:1a:0e:90:
2c:bd:dc:f2:94:49:b8:12:cf:f0:cc:e0:7e:74:71:
2c:e1:19:f3:c2:56:49:d2:0f:be:36:01:83:0e:c8:
d3:db:63:57:80:dd:9a:e5:10:2b:26:2e:8f:5d:9f:
9c:70:42:46:45:5c:5f:2c:9b:ea:29:70:e7:eb:e2:
81:0c:3a:e7:c1:10:7e:9f:a9:ca:80:a5:ca:03:76:
11:26:89:a1:cd:46:4c:8b:bc:39:6f:d8:58:63:43:
84:40:51:11:9d:67:2f:5a:2e:5a:b7:9c:48:de:6a:
e9:7c:ec:f1:01:5c:7c:77:c8:95:ae:8d:03:17:3f:
59:9d:9a:a1:d2:6f:53:93:cc:4a:d3:e4:97:e2:ca:
9a:cc:98:57:1b:e4:ba:6a:00:72:3c:99:a9:d9:b3:
2e:30:4d:24:f5:3d:7a:51:61:b6:28:56:4c:6f:c3:
25:0a:eb:40:10:95:b8:a5:6c:46:d5:36:e4:76:c3:
62:52:f5:eb:ad:93:21:4a:84:79:9e:74:e4:bf:bf:
b4:83:ea:e8:13:c8:f6:9d:35:dd:b3:80:c1:a9:3c:
2f:89:eb:c9:fb:d5:bd:6a:33:16:43:22:b9:95:70:
fd:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A8:15:6C:25:4B:98:70:4B:E5:8B:98:5F:F8:64:D7:53:16:BC:E5
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/d6gVbCVLmHBL5YuYX_hk11MWvOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.246.0/24
45.13.226.0/24
45.67.139.0/24
45.90.97.0/24
45.131.65.0/24
45.134.39.0/24
45.137.70.0/24
185.117.0.0/24
194.62.248.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:1e:ef:65:d5:c9:98:81:ee:39:48:f2:27:a2:ad:1b:38:36:
85:f6:c7:7a:b4:6f:fe:89:38:bb:64:c8:a3:78:2b:53:a5:46:
d3:51:4e:5b:96:f2:a6:cf:fb:a7:0c:76:f2:23:95:78:7c:6e:
5c:0d:99:77:b0:43:bc:d6:16:99:17:3b:d0:23:2b:45:d8:9a:
0c:d2:12:be:06:fd:fa:0e:8c:d9:d2:7c:59:26:51:1c:d2:19:
bd:65:e5:a7:4b:0d:d5:af:16:ba:30:98:78:19:c8:dc:f6:77:
54:11:ab:e9:a8:31:86:35:d7:2b:73:8b:12:af:2b:2b:6e:9c:
80:96:34:ca:8e:ef:96:64:c5:8c:c9:e8:13:df:9c:5d:1f:75:
7c:be:b1:4a:4f:05:fc:b7:12:4e:2f:80:f3:5e:e5:32:b0:93:
ca:12:6e:a8:e2:ef:21:3d:f8:f4:68:06:2c:2d:d8:4e:ac:68:
2b:e6:1f:63:94:9f:f1:08:55:0e:eb:d8:03:2b:46:df:ec:29:
bc:32:19:61:a5:c7:6f:2f:de:a7:45:ea:f7:ce:d9:4d:3f:b4:
26:65:7a:ad:c8:52:3c:75:56:5e:53:f9:12:ed:b8:97:07:db:
09:5d:82:68:fd:ed:4d:fc:50:2e:c7:7d:a0:cb:f1:2f:f9:c0:
5a:7d:79:15
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZCnXC7utXxGyIVZcU6NabjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNzEyMTQzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2E4MTU2YzI1NGI5ODcwNGJlNThiOTg1ZmY4NjRkNzUzMTZiY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fuim5CgmAmmvvPCxmV3vwOCFyCG
tAvnNpQaDpAsvdzylEm4Es/wzOB+dHEs4RnzwlZJ0g++NgGDDsjT22NXgN2a5RAr
Ji6PXZ+ccEJGRVxfLJvqKXDn6+KBDDrnwRB+n6nKgKXKA3YRJomhzUZMi7w5b9hY
Y0OEQFERnWcvWi5at5xI3mrpfOzxAVx8d8iVro0DFz9ZnZqh0m9Tk8xK0+SX4sqa
zJhXG+S6agByPJmp2bMuME0k9T16UWG2KFZMb8MlCutAEJW4pWxG1TbkdsNiUvXr
rZMhSoR5nnTkv7+0g+roE8j2nTXds4DBqTwvievJ+9W9ajMWQyK5lXD9EQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHeoFWwlS5hwS+WLmF/4ZNdTFrzlMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvZDZnVmJDVkxtSEJMNVl1WVhfaGsxMU1Xdk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjj2AwQA
LQ3iAwQALUOLAwQALVphAwQALYNBAwQALYYnAwQALYlGAwQAuXUAAwQAwj74MA0G
CSqGSIb3DQEBCwUAA4IBAQCmHu9l1cmYge45SPInoq0bODaF9sd6tG/+iTi7ZMij
eCtTpUbTUU5blvKmz/unDHbyI5V4fG5cDZl3sEO81haZFzvQIytF2JoM0hK+Bv36
DozZ0nxZJlEc0hm9ZeWnSw3Vrxa6MJh4Gcjc9ndUEavpqDGGNdcrc4sSrysrbpyA
ljTKju+WZMWMyegT35xdH3V8vrFKTwX8txJOL4DzXuUysJPKEm6o4u8hPfj0aAYs
LdhOrGgr5h9jlJ/xCFUO69gDK0bf7Cm8MhlhpcdvL96nRer3ztlNP7QmZXqtyFI8
dVZeU/kS7biXB9sJXYJo/e1N/FAux32gy/Ev+cBafXkV
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:19:21 2024 by rpki-client on console-fra.rpki-client.org