Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/GbZy-T_dH67WQNN8htaQD3ROb8g.roa
File: GbZy-T_dH67WQNN8htaQD3ROb8g.roa (raw, json)
Hash identifier: sOqlZ3bRakJPyH5rMmkrNkDH95aGimG8JZYDcjnIHg4=
Subject key identifier: 19:B6:72:F9:3F:DD:1F:AE:D6:40:D3:7C:86:D6:90:0F:74:4E:6F:C8
Certificate issuer: /CN=6c73bd24fd830886bfa2d2961416d2185de33772
Certificate serial: 018CC500C61D79D736E68595581BC8BC93AC
Authority key identifier: 6C:73:BD:24:FD:83:08:86:BF:A2:D2:96:14:16:D2:18:5D:E3:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bHO9JP2DCIa_otKWFBbSGF3jN3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/GbZy-T_dH67WQNN8htaQD3ROb8g.roa
Signing time: Mon 01 Jan 2024 12:30:11 +0000
ROA not before: Mon 01 Jan 2024 12:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208654
IP address blocks: 45.85.148.0/22 maxlen: 24
2a0e:c680::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/bHO9JP2DCIa_otKWFBbSGF3jN3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/bHO9JP2DCIa_otKWFBbSGF3jN3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/bHO9JP2DCIa_otKWFBbSGF3jN3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c6:1d:79:d7:36:e6:85:95:58:1b:c8:bc:93:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c73bd24fd830886bfa2d2961416d2185de33772
Validity
Not Before: Jan 1 12:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19b672f93fdd1faed640d37c86d6900f744e6fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:3d:eb:42:fc:01:63:f2:15:87:45:ff:ca:
2d:f2:a7:31:05:5d:e1:6d:e1:47:55:20:21:e6:e9:
55:e8:81:aa:01:a7:34:83:1e:2b:b9:25:fa:c1:79:
c4:f3:72:46:4f:7b:be:16:70:e7:ba:de:42:89:a4:
8d:16:92:97:69:2a:f1:f8:3a:53:5b:b3:05:7f:82:
13:20:39:61:47:19:9e:fd:94:4e:b2:cd:66:5a:15:
49:67:a7:6b:2c:9c:8e:3f:a3:fd:f0:49:72:ec:e0:
09:1a:92:8d:18:06:25:22:05:72:1c:c1:c2:f7:f8:
6a:28:83:dc:99:95:0a:9c:b1:a1:87:01:0c:33:7a:
f5:2f:ea:20:09:fd:92:5d:07:3c:4a:97:93:83:49:
fb:dd:d6:9c:81:14:52:9b:ad:22:cd:63:eb:55:bb:
2a:4a:3b:3d:e8:ba:03:95:52:fc:9e:65:27:77:6c:
7d:3b:0a:ee:9d:50:e2:b2:8e:68:f3:76:bd:fd:58:
f5:8b:d6:83:5f:40:b8:84:10:9e:62:51:ab:b4:e8:
61:39:0f:aa:69:cd:57:77:91:3a:33:1e:44:20:d3:
54:a2:86:0d:72:e4:a6:56:fd:f8:5c:26:a4:c8:14:
9f:69:58:bc:f5:03:c5:36:04:dc:0f:80:c8:0d:61:
d4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B6:72:F9:3F:DD:1F:AE:D6:40:D3:7C:86:D6:90:0F:74:4E:6F:C8
X509v3 Authority Key Identifier:
keyid:6C:73:BD:24:FD:83:08:86:BF:A2:D2:96:14:16:D2:18:5D:E3:37:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHO9JP2DCIa_otKWFBbSGF3jN3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/GbZy-T_dH67WQNN8htaQD3ROb8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/98dab8-7b24-49f3-a36f-73a157a2b99f/1/bHO9JP2DCIa_otKWFBbSGF3jN3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.148.0/22
IPv6:
2a0e:c680::/32
Signature Algorithm: sha256WithRSAEncryption
c6:b0:9c:da:0d:05:40:bb:1f:e3:63:ba:34:e1:b6:79:fb:0d:
6f:8e:5d:a9:e2:bf:79:e2:5c:d9:63:c1:a9:e3:a3:ca:56:55:
ac:fa:a4:a8:fd:db:30:88:ab:d9:76:bb:85:c3:67:3d:91:36:
23:89:04:d7:9d:59:42:ea:76:7f:30:3a:63:8e:58:af:e0:67:
d6:33:6f:c2:a1:ef:44:8d:9b:aa:f1:c9:f0:66:b6:ea:95:39:
e6:dd:b2:ce:a7:b7:e5:e5:80:f6:ed:ce:1b:4c:63:e7:1f:37:
e0:e3:c3:64:6f:37:16:6e:12:b7:15:d4:18:84:80:20:86:b2:
f9:65:68:ed:ae:80:44:aa:5a:b9:1b:0d:36:f0:a6:ae:5a:9d:
05:ec:9f:6f:ce:9f:61:b1:24:2b:ec:ce:06:c1:1b:b7:57:50:
58:a1:fa:c2:40:d4:db:55:55:08:a3:98:1d:7e:84:70:47:29:
0c:aa:1f:2f:a6:71:ea:d9:60:88:75:a3:8b:1b:40:4e:d1:3c:
17:74:ef:00:35:f9:5d:48:f6:f3:5c:d9:09:82:4a:25:cd:69:
9b:4f:59:9d:66:ee:93:ee:fd:58:ab:e2:e2:c0:2e:39:de:c8:
82:08:f5:f4:90:fc:c3:ba:37:97:e7:d9:c6:9b:a4:ea:c6:a4:
b8:ce:4c:d4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAMYdedc25oWVWBvIvJOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzNiZDI0ZmQ4MzA4ODZiZmEyZDI5NjE0MTZkMjE4NWRl
MzM3NzIwHhcNMjQwMTAxMTIzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWI2NzJmOTNmZGQxZmFlZDY0MGQzN2M4NmQ2OTAwZjc0NGU2ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWg960L8AWPyFYdF/8ot8qcxBV3h
beFHVSAh5ulV6IGqAac0gx4ruSX6wXnE83JGT3u+FnDnut5CiaSNFpKXaSrx+DpT
W7MFf4ITIDlhRxme/ZROss1mWhVJZ6drLJyOP6P98Ely7OAJGpKNGAYlIgVyHMHC
9/hqKIPcmZUKnLGhhwEMM3r1L+ogCf2SXQc8SpeTg0n73dacgRRSm60izWPrVbsq
Sjs96LoDlVL8nmUnd2x9OwrunVDiso5o83a9/Vj1i9aDX0C4hBCeYlGrtOhhOQ+q
ac1Xd5E6Mx5EINNUooYNcuSmVv34XCakyBSfaVi89QPFNgTcD4DIDWHUfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBm2cvk/3R+u1kDTfIbWkA90Tm/IMB8GA1UdIwQY
MBaAFGxzvST9gwiGv6LSlhQW0hhd4zdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhPOUpQMkRDSWFfb3RLV0ZCYlNHRjNqTjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OGRhYjgtN2IyNC00OWYzLWEzNmYt
NzNhMTU3YTJiOTlmLzEvR2JaeS1UX2RINjdXUU5OOGh0YVFEM1JPYjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85OGRhYjgtN2IyNC00OWYzLWEzNmYtNzNhMTU3YTJiOTlm
LzEvYkhPOUpQMkRDSWFfb3RLV0ZCYlNHRjNqTjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVWUMA0E
AgACMAcDBQAqDsaAMA0GCSqGSIb3DQEBCwUAA4IBAQDGsJzaDQVAux/jY7o04bZ5
+w1vjl2p4r954lzZY8Gp46PKVlWs+qSo/dswiKvZdruFw2c9kTYjiQTXnVlC6nZ/
MDpjjliv4GfWM2/Coe9EjZuq8cnwZrbqlTnm3bLOp7fl5YD27c4bTGPnHzfg48Nk
bzcWbhK3FdQYhIAghrL5ZWjtroBEqlq5Gw028KauWp0F7J9vzp9hsSQr7M4GwRu3
V1BYofrCQNTbVVUIo5gdfoRwRykMqh8vpnHq2WCIdaOLG0BO0TwXdO8ANfldSPbz
XNkJgkolzWmbT1mdZu6T7v1Yq+LiwC453siCCPX0kPzDujeX59nGm6TqxqS4zkzU
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:07 2024 by rpki-client on console-fra.rpki-client.org