Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/GRyr8WucmsbCY0eDxEh5TqCl3cw.roa
File: GRyr8WucmsbCY0eDxEh5TqCl3cw.roa (raw, json)
Hash identifier: I7i85UQ+1i53XxVs9DdL6Ub7bTfyItD/NnFuHmNEK+0=
Subject key identifier: 19:1C:AB:F1:6B:9C:9A:C6:C2:63:47:83:C4:48:79:4E:A0:A5:DD:CC
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 019340255AEC9470051E1DB1606D4B925CB0
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/GRyr8WucmsbCY0eDxEh5TqCl3cw.roa
Signing time: Mon 18 Nov 2024 16:40:10 +0000
ROA not before: Mon 18 Nov 2024 16:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
62.3.50.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b640::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b641:10::/44 maxlen: 48
2a0c:b641:50::/44 maxlen: 48
2a0c:b641:60::/44 maxlen: 48
2a0c:b641:160::/44 maxlen: 48
2a0c:b641:530::/44 maxlen: 48
2a0c:b641:540::/44 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
2a0c:b641:820::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:25:5a:ec:94:70:05:1e:1d:b1:60:6d:4b:92:5c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Nov 18 16:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191cabf16b9c9ac6c2634783c448794ea0a5ddcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f9:3b:85:de:1d:23:33:4f:38:71:7c:82:84:
82:c0:34:e7:5d:47:39:29:85:ef:d6:b7:0b:3b:61:
59:f1:f6:0c:36:88:f0:67:f6:c6:4c:8a:6f:02:9b:
c6:16:e3:c8:d6:e7:ad:76:50:f7:43:e3:07:61:9e:
3f:4d:81:8d:2b:9d:2e:00:fa:0b:c6:50:fa:43:ed:
86:d7:65:6c:bd:d8:45:3b:fb:f2:0b:7e:55:75:66:
cd:22:61:5a:e6:c6:a5:42:e7:23:5f:1c:ae:d0:24:
95:1e:0f:ad:64:bc:e7:6b:1c:f3:f4:4b:5f:ad:bc:
a2:02:3b:ba:47:4e:14:60:dd:0f:5c:02:cf:d2:6b:
ff:38:ad:44:4d:9a:92:e3:bb:78:ec:5a:8e:0b:e4:
94:6d:8b:60:f4:55:99:df:af:34:49:51:7d:e5:d5:
4d:1e:fe:d5:2e:f6:6e:08:42:80:3e:e8:ee:e8:55:
cb:09:82:b7:79:0f:cf:d7:da:bc:07:b3:81:54:d2:
36:b0:2f:dc:68:79:2d:a3:dc:0a:bb:60:dd:6f:a2:
94:a1:d0:6a:67:ac:3e:38:f1:0c:44:bd:0b:f1:bf:
21:18:b6:5e:a8:0e:a8:26:a1:01:63:7a:c6:30:a9:
a9:82:9a:9d:5b:4b:70:0e:cc:36:cc:c6:42:eb:c8:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1C:AB:F1:6B:9C:9A:C6:C2:63:47:83:C4:48:79:4E:A0:A5:DD:CC
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/GRyr8WucmsbCY0eDxEh5TqCl3cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
62.3.50.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:160::/44
2a0c:b641:530::-2a0c:b641:54f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
79:57:92:52:61:0b:d7:28:6d:0c:f3:e9:0b:a1:98:71:0b:df:
fb:c7:e4:8e:e0:9a:c8:d7:25:64:bf:30:1d:f9:b8:15:39:28:
28:d6:dc:85:a3:ea:7a:c7:63:92:f3:26:8d:3b:de:c5:de:ea:
c9:d5:21:4c:d3:b1:2d:fe:50:64:17:09:ac:8c:af:e1:74:e1:
37:7a:56:09:58:c4:6f:1b:12:69:9c:33:7d:d0:51:8f:02:58:
57:52:ab:87:75:91:17:6e:09:84:2a:e8:9b:86:2e:a9:2b:70:
e4:8a:76:61:5e:65:2a:94:87:c1:3e:74:9c:cd:13:62:2c:13:
a7:eb:bc:99:1f:65:94:f6:d5:4e:cb:b2:aa:c7:d4:d6:bb:46:
d5:79:39:69:7f:a3:83:20:36:39:ed:73:c5:76:ff:6b:58:d9:
7c:ec:04:fa:cd:6b:2f:b1:74:16:ea:d3:ad:24:8f:eb:4e:ed:
df:ca:de:53:12:48:57:0e:40:ed:5e:cb:13:95:df:c1:25:ac:
62:e0:f4:a2:37:6c:45:9a:fe:55:88:f7:cf:35:20:8f:b9:c8:
ab:cd:cd:d8:51:42:92:7c:bb:26:ba:ad:5d:68:72:b5:55:1c:
8c:33:b9:5a:4b:98:f6:ba:6d:8b:30:1d:9f:3d:2f:66:c6:ad:
3e:48:80:03
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZNAJVrslHAFHh2xYG1LklywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQxMTE4MTY0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFjYWJmMTZiOWM5YWM2YzI2MzQ3ODNjNDQ4Nzk0ZWEwYTVkZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPk7hd4dIzNPOHF8goSCwDTnXUc5
KYXv1rcLO2FZ8fYMNojwZ/bGTIpvApvGFuPI1uetdlD3Q+MHYZ4/TYGNK50uAPoL
xlD6Q+2G12VsvdhFO/vyC35VdWbNImFa5salQucjXxyu0CSVHg+tZLznaxzz9Etf
rbyiAju6R04UYN0PXALP0mv/OK1ETZqS47t47FqOC+SUbYtg9FWZ3680SVF95dVN
Hv7VLvZuCEKAPuju6FXLCYK3eQ/P19q8B7OBVNI2sC/caHkto9wKu2Ddb6KUodBq
Z6w+OPEMRL0L8b8hGLZeqA6oJqEBY3rGMKmpgpqdW0twDsw2zMZC68g7dQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBkcq/FrnJrGwmNHg8RIeU6gpd3MMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvR1J5cjhXdWNtc2JDWTBlRHhFaDVUcUNsM2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MBgEAgABMBIDBAAtmmED
BAA+AzIDBAHCHGIwYgQCAAIwXDAQAwUGKgy2QAMHBSoMtkEAADASAwcEKgy2QQBQ
AwcEKgy2QQBgAwcEKgy2QQFgMBIDBwQqDLZBBTADBwQqDLZBBUADBwAqDLZBBw8D
BwQqDLZBCCADBQAqD4QAMA0GCSqGSIb3DQEBCwUAA4IBAQB5V5JSYQvXKG0M8+kL
oZhxC9/7x+SO4JrI1yVkvzAd+bgVOSgo1tyFo+p6x2OS8yaNO97F3urJ1SFM07Et
/lBkFwmsjK/hdOE3elYJWMRvGxJpnDN90FGPAlhXUquHdZEXbgmEKuibhi6pK3Dk
inZhXmUqlIfBPnSczRNiLBOn67yZH2WU9tVOy7Kqx9TWu0bVeTlpf6ODIDY57XPF
dv9rWNl87AT6zWsvsXQW6tOtJI/rTu3fyt5TEkhXDkDtXssTld/BJaxi4PSiN2xF
mv5ViPfPNSCPucirzc3YUUKSfLsmuq1daHK1VRyMM7laS5j2um2LMB2fPS9mxq0+
SIAD
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:49:00 2024 by rpki-client on console-fra.rpki-client.org