Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/GPqoj8cd37UAkt7wGdVjZUVI258.roa
File: GPqoj8cd37UAkt7wGdVjZUVI258.roa (raw, json)
Hash identifier: VFbhXRGF1JqVmwx3ygIuao+Ke5xk7jHDTuV2tiFJIUw=
Subject key identifier: 18:FA:A8:8F:C7:1D:DF:B5:00:92:DE:F0:19:D5:63:65:45:48:DB:9F
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 0192FC264D3241CC1BD4B9F9EA01717D4B3A
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/GPqoj8cd37UAkt7wGdVjZUVI258.roa
Signing time: Tue 05 Nov 2024 11:47:01 +0000
ROA not before: Tue 05 Nov 2024 11:47:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15694
IP address blocks: 46.229.144.0/20 maxlen: 20
77.79.192.0/18 maxlen: 18
77.79.206.0/24 maxlen: 24
77.79.210.0/24 maxlen: 24
77.79.215.0/24 maxlen: 24
77.79.221.0/24 maxlen: 24
85.232.224.0/19 maxlen: 19
85.232.254.0/24 maxlen: 24
194.145.228.0/24 maxlen: 24
195.167.144.0/20 maxlen: 20
195.167.150.0/24 maxlen: 24
195.167.155.0/24 maxlen: 24
195.167.158.0/24 maxlen: 24
206.252.224.0/19 maxlen: 19
206.252.250.0/24 maxlen: 24
212.91.4.0/22 maxlen: 22
212.91.10.0/24 maxlen: 24
212.91.11.0/24 maxlen: 24
212.91.12.0/24 maxlen: 24
212.91.13.0/24 maxlen: 24
212.91.14.0/24 maxlen: 24
212.91.16.0/20 maxlen: 20
212.91.28.0/24 maxlen: 24
213.189.32.0/19 maxlen: 19
213.189.32.0/24 maxlen: 24
213.189.42.0/24 maxlen: 24
213.189.50.0/24 maxlen: 24
217.17.32.0/20 maxlen: 20
217.149.240.0/20 maxlen: 20
2001:1a68::/32 maxlen: 32
2001:1a68:0:13::/64 maxlen: 64
2001:1a68:0:1d::/64 maxlen: 64
2001:1a68:0:21::/64 maxlen: 64
2001:1a68:18::/48 maxlen: 48
2001:1a68:2e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:26:4d:32:41:cc:1b:d4:b9:f9:ea:01:71:7d:4b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Nov 5 11:47:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18faa88fc71ddfb50092def019d563654548db9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dc:dd:11:f9:a7:9c:47:b8:13:09:6b:7c:c3:
a3:98:e4:12:c2:e8:fd:c4:05:b2:15:e9:6c:6a:49:
85:37:ef:8a:53:21:e3:1d:38:9f:b3:14:28:e3:37:
a0:dd:ae:62:7f:57:bf:23:e3:d1:50:57:08:20:5e:
ea:87:68:44:88:ff:51:72:61:4d:b8:7c:64:4a:51:
76:49:0b:e3:7e:b0:8a:0a:d4:30:97:29:f2:26:a0:
d3:78:3c:39:8c:33:fc:94:a0:fb:1a:cc:9a:6e:ed:
a9:c3:6e:46:5c:9d:ca:96:57:96:fa:36:55:c5:29:
23:a5:94:32:4f:0e:16:94:d5:3a:c5:71:17:48:2d:
0d:ff:02:f3:fe:33:f1:6a:55:1b:28:95:a3:1f:18:
93:e7:5f:82:94:c6:85:61:3a:76:19:a3:e8:09:4d:
97:f2:3a:e8:20:0b:a3:37:57:96:13:a5:fc:f8:18:
9f:91:77:7e:4a:33:0c:c0:9e:cb:ba:09:a0:f1:e5:
db:b3:9b:97:87:a9:b7:7b:d7:35:d3:bb:25:62:19:
4f:ae:04:66:2f:b4:7a:43:e1:07:4c:05:f6:cf:fe:
c0:01:74:21:5c:9b:86:fb:3a:35:b0:91:08:f1:c8:
41:e9:64:40:ec:6b:34:10:9d:c1:93:93:fc:35:04:
0a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FA:A8:8F:C7:1D:DF:B5:00:92:DE:F0:19:D5:63:65:45:48:DB:9F
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/GPqoj8cd37UAkt7wGdVjZUVI258.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.144.0/20
77.79.192.0/18
85.232.224.0/19
194.145.228.0/24
195.167.144.0/20
206.252.224.0/19
212.91.4.0/22
212.91.10.0-212.91.14.255
212.91.16.0/20
213.189.32.0/19
217.17.32.0/20
217.149.240.0/20
IPv6:
2001:1a68::/32
Signature Algorithm: sha256WithRSAEncryption
53:58:d7:43:83:12:50:30:df:d7:15:9c:a5:21:a0:2c:f1:56:
cd:80:c9:8f:42:d9:b2:b0:a2:6e:56:da:d3:32:6c:22:80:26:
a9:c6:d0:98:7e:2b:3d:57:60:dc:57:8d:be:26:34:3e:eb:3e:
8e:cc:1c:ae:20:5b:19:62:3d:3b:9c:bd:3d:be:33:cf:12:aa:
14:2e:9a:1f:6c:c2:be:bd:68:76:ed:2b:d6:87:f8:6b:98:eb:
6c:cc:63:5a:95:59:06:71:9f:43:a7:32:31:39:f8:7c:9e:ca:
97:14:45:9e:5c:30:8e:4a:18:1b:8a:e7:8e:96:f3:03:6c:06:
86:e9:11:8c:fc:4a:61:f2:52:b2:36:7a:05:69:a6:ae:46:08:
92:8d:10:bc:3c:a6:1a:f1:57:ea:63:46:b6:29:4e:15:6a:23:
2a:b5:b7:b2:cd:dc:af:c6:da:fc:39:8a:ac:1e:a3:5a:40:de:
31:d3:63:ff:ee:c9:4b:e7:e1:bf:e0:a1:85:4b:60:fa:0e:65:
1a:9f:dd:41:1c:b6:a1:41:6a:12:8f:14:aa:78:e6:cf:d5:d3:
fb:77:69:61:7c:da:97:86:4a:90:51:a9:cc:dc:47:10:fc:0f:
80:00:47:e5:21:f6:29:c3:e8:28:91:0e:57:0d:5d:f4:3a:ab:
2a:7e:6f:50
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZL8Jk0yQcwb1Ln56gFxfUs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQxMTA1MTE0NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGZhYTg4ZmM3MWRkZmI1MDA5MmRlZjAxOWQ1NjM2NTQ1NDhkYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNzdEfmnnEe4EwlrfMOjmOQSwuj9
xAWyFelsakmFN++KUyHjHTifsxQo4zeg3a5if1e/I+PRUFcIIF7qh2hEiP9RcmFN
uHxkSlF2SQvjfrCKCtQwlynyJqDTeDw5jDP8lKD7Gsyabu2pw25GXJ3KlleW+jZV
xSkjpZQyTw4WlNU6xXEXSC0N/wLz/jPxalUbKJWjHxiT51+ClMaFYTp2GaPoCU2X
8jroIAujN1eWE6X8+BifkXd+SjMMwJ7Lugmg8eXbs5uXh6m3e9c107slYhlPrgRm
L7R6Q+EHTAX2z/7AAXQhXJuG+zo1sJEI8chB6WRA7Gs0EJ3Bk5P8NQQKdwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFBj6qI/HHd+1AJLe8BnVY2VFSNufMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvR1Bxb2o4Y2QzN1VBa3Q3d0dkVmpaVVZJMjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQELuWQAwQG
TU/AAwQFVejgAwQAwpHkAwQEw6eQAwQFzvzgAwQC1FsEMAwDBAHUWwoDBADUWw4D
BATUWxADBAXVvSADBATZESADBATZlfAwDQQCAAIwBwMFACABGmgwDQYJKoZIhvcN
AQELBQADggEBAFNY10ODElAw39cVnKUhoCzxVs2AyY9C2bKwom5W2tMybCKAJqnG
0Jh+Kz1XYNxXjb4mND7rPo7MHK4gWxliPTucvT2+M88SqhQumh9swr69aHbtK9aH
+GuY62zMY1qVWQZxn0OnMjE5+HyeypcURZ5cMI5KGBuK546W8wNsBobpEYz8SmHy
UrI2egVppq5GCJKNELw8phrxV+pjRrYpThVqIyq1t7LN3K/G2vw5iqweo1pA3jHT
Y//uyUvn4b/goYVLYPoOZRqf3UEctqFBahKPFKp45s/V0/t3aWF82peGSpBRqczc
RxD8D4AAR+Uh9inD6CiRDlcNXfQ6qyp+b1A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:53:09 2024 by rpki-client on console-fra.rpki-client.org