Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/G6lrjXCvNRgyYogYBiQruIGVxe8.roa
File: G6lrjXCvNRgyYogYBiQruIGVxe8.roa (raw, json)
Hash identifier: vOVjJz/m9iLFiCy8sgZBBBlfsMNRvuS92RaiVfKDMBE=
Subject key identifier: 1B:A9:6B:8D:70:AF:35:18:32:62:88:18:06:24:2B:B8:81:95:C5:EF
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 018CC2DB229F1492A903068950A7C735C75C
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/G6lrjXCvNRgyYogYBiQruIGVxe8.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6854
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:22:9f:14:92:a9:03:06:89:50:a7:c7:35:c7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ba96b8d70af35183262881806242bb88195c5ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:4e:ea:14:8e:7b:91:88:e9:19:6b:b7:48:ed:
eb:ef:d9:a1:3c:4e:06:7f:df:a3:d8:32:09:ac:9e:
b5:16:58:36:b0:03:90:b5:ff:36:1a:c0:c8:8e:79:
0b:d0:fa:e7:80:8f:dd:d7:a1:d1:7d:85:e7:5d:b2:
a7:3c:40:39:3d:14:ac:86:d4:fd:6a:25:bd:8d:c4:
37:9d:e9:c3:51:8b:da:cd:2b:27:40:c5:26:4f:79:
d9:21:de:a2:72:d1:89:17:b2:50:d6:cb:71:54:2e:
5f:53:bb:68:31:a0:b3:a8:a7:05:2f:c4:a6:6a:5e:
47:15:3b:8f:50:77:0b:55:df:60:64:b9:23:c7:91:
1b:90:4c:b3:b4:cf:c6:81:99:8f:86:fb:4c:9d:97:
33:df:9d:e6:a1:82:d7:b6:96:b1:73:53:d1:a3:8d:
80:ce:6d:f6:11:42:0f:d5:ad:4f:e0:c8:18:bf:39:
da:3b:0c:3e:fa:19:d6:8f:33:aa:e8:09:03:87:74:
18:c0:a1:4f:43:79:7f:b4:83:df:ab:94:e6:f9:67:
da:b1:28:59:c7:61:05:0b:14:7d:ae:45:a4:29:dc:
4b:2f:00:ba:b1:f3:63:6b:b9:81:63:d2:14:62:f2:
2b:2b:41:93:16:6b:30:a4:d8:6f:2f:bf:fd:fd:6e:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A9:6B:8D:70:AF:35:18:32:62:88:18:06:24:2B:B8:81:95:C5:EF
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/G6lrjXCvNRgyYogYBiQruIGVxe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
b3:b3:7a:bc:bd:76:1c:ed:46:b0:08:29:46:54:f0:54:c8:e1:
40:38:20:f9:32:3a:c4:77:f6:d8:07:0b:5d:e6:59:37:f6:be:
eb:96:12:3a:a5:48:91:57:b4:62:48:65:a0:25:bf:41:bb:27:
a1:2a:7f:4c:23:09:fa:fd:fd:fd:50:6a:6f:82:39:ec:7b:4a:
cc:f9:1e:9a:75:67:2a:9e:66:3d:21:ac:0a:88:6e:06:9e:cd:
ab:f2:fd:f0:74:0c:75:f4:e0:58:cc:ca:8c:69:96:fb:a3:c2:
2d:da:8c:60:49:63:d4:f3:7a:c6:73:b1:d3:31:12:bc:2b:a3:
55:52:64:7c:6c:e2:28:8d:2b:2c:c9:12:d5:71:e5:cf:18:01:
7f:97:f2:f9:e5:51:fd:46:00:3d:e6:b7:8a:3d:0b:69:29:e1:
59:67:30:0f:cc:82:2e:b2:a3:22:b0:45:06:8f:db:2f:3c:1d:
86:51:af:97:46:2a:6a:0d:83:2b:d7:58:34:f2:15:81:7c:fd:
68:4e:0d:9f:81:77:73:eb:2a:61:f3:ba:99:bc:f7:e0:7e:71:
08:de:8e:64:16:88:de:ed:b8:e7:06:b0:b6:e5:1a:6a:98:16:
cd:78:a4:47:fa:4a:c1:90:8f:fe:e0:30:e6:50:60:f6:5e:c6:
5a:ca:2c:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yKfFJKpAwaJUKfHNcdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE5NmI4ZDcwYWYzNTE4MzI2Mjg4MTgwNjI0MmJiODgxOTVjNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA007qFI57kYjpGWu3SO3r79mhPE4G
f9+j2DIJrJ61Flg2sAOQtf82GsDIjnkL0PrngI/d16HRfYXnXbKnPEA5PRSshtT9
aiW9jcQ3nenDUYvazSsnQMUmT3nZId6ictGJF7JQ1stxVC5fU7toMaCzqKcFL8Sm
al5HFTuPUHcLVd9gZLkjx5EbkEyztM/GgZmPhvtMnZcz353moYLXtpaxc1PRo42A
zm32EUIP1a1P4MgYvznaOww++hnWjzOq6AkDh3QYwKFPQ3l/tIPfq5Tm+WfasShZ
x2EFCxR9rkWkKdxLLwC6sfNja7mBY9IUYvIrK0GTFmswpNhvL7/9/W5jCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBupa41wrzUYMmKIGAYkK7iBlcXvMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvRzZscmpYQ3ZOUmd5WW9nWUJpUXJ1SUdWeGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQCzs3q8vXYc7UawCClG
VPBUyOFAOCD5MjrEd/bYBwtd5lk39r7rlhI6pUiRV7RiSGWgJb9BuyehKn9MIwn6
/f39UGpvgjnse0rM+R6adWcqnmY9IawKiG4Gns2r8v3wdAx19OBYzMqMaZb7o8It
2oxgSWPU83rGc7HTMRK8K6NVUmR8bOIojSssyRLVceXPGAF/l/L55VH9RgA95reK
PQtpKeFZZzAPzIIusqMisEUGj9svPB2GUa+XRipqDYMr11g08hWBfP1oTg2fgXdz
6yph87qZvPfgfnEI3o5kFoje7bjnBrC25RpqmBbNeKRH+krBkI/+4DDmUGD2XsZa
yixZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:37 2024 by rpki-client on console-ams.rpki-client.org