Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GJ6D7IdhImxAS760lw97jW9N5_Y.roa
File: GJ6D7IdhImxAS760lw97jW9N5_Y.roa (raw, json)
Hash identifier: Z61UUJybRakTRFb3p8aReVyrJZOaI+DB2dlf35lnWS0=
Subject key identifier: 18:9E:83:EC:87:61:22:6C:40:4B:BE:B4:97:0F:7B:8D:6F:4D:E7:F6
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E9F1DA683C0B769EF8F3130A9A3286D47
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GJ6D7IdhImxAS760lw97jW9N5_Y.roa
Signing time: Tue 02 Apr 2024 14:01:44 +0000
ROA not before: Tue 02 Apr 2024 14:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42694
IP address blocks: 193.163.74.0/24 maxlen: 24
193.163.101.0/24 maxlen: 24
193.221.211.0/24 maxlen: 24
2a13:5800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a6:83:c0:b7:69:ef:8f:31:30:a9:a3:28:6d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=189e83ec8761226c404bbeb4970f7b8d6f4de7f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:54:03:04:bc:1d:60:b7:b7:b1:61:d4:e4:be:
76:59:0e:ce:d8:16:4d:2c:d6:5f:00:d4:a6:9d:a6:
61:25:14:75:ce:10:d1:c6:4e:49:d0:02:4e:e6:97:
bc:50:c8:ee:e8:5a:33:e6:87:91:2e:0c:6d:81:56:
72:6b:6f:06:8d:e7:be:5b:64:93:53:90:40:9f:85:
a9:5d:1a:0e:6b:f1:0a:9d:4a:d0:11:8c:34:e4:a7:
2a:06:cf:24:d1:01:5d:52:8e:bb:e0:d0:47:f4:eb:
dc:50:67:7f:b4:84:48:1e:1a:1b:d7:bf:4d:03:8c:
38:17:bf:c2:6e:a8:f5:79:71:9f:02:5b:d4:02:de:
88:fd:0b:99:c1:4e:0a:8a:a3:65:90:03:22:41:ad:
a9:a1:4b:2b:5f:39:8d:ac:d0:61:70:21:f5:be:30:
2d:23:9b:b8:bf:d4:96:ff:8c:ba:34:8e:91:6a:85:
33:2b:07:71:b8:6a:32:d6:e5:cb:c1:65:29:e6:f2:
77:11:14:0e:5b:2c:8c:6d:00:04:90:6b:a5:c2:2c:
65:1d:86:bc:e5:b0:32:2e:6d:00:86:df:06:6d:3b:
9e:80:9d:91:47:cd:6a:71:37:ad:35:44:bf:03:d4:
09:77:ff:66:af:f4:22:a3:a4:6f:9f:ee:88:6a:17:
0c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9E:83:EC:87:61:22:6C:40:4B:BE:B4:97:0F:7B:8D:6F:4D:E7:F6
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/GJ6D7IdhImxAS760lw97jW9N5_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.74.0/24
193.163.101.0/24
193.221.211.0/24
IPv6:
2a13:5800::/29
Signature Algorithm: sha256WithRSAEncryption
76:68:ed:d1:0d:9e:fc:65:9a:54:c2:3d:38:4c:d7:0f:78:f8:
aa:c6:9a:ee:32:b2:d9:e7:08:30:63:ec:e5:6e:8d:10:80:0e:
92:91:54:5c:c2:ef:d8:9e:c6:6c:36:53:3b:49:85:af:c0:b9:
fc:9e:87:d8:6d:d6:7d:8a:42:b5:53:68:95:97:67:63:2c:c7:
35:bc:e4:02:ca:0a:2d:f2:29:71:7f:34:24:f6:8b:5e:36:dc:
22:82:75:1f:30:5d:1a:19:9c:c4:45:c6:b8:83:de:13:89:87:
31:da:2f:6c:0c:31:b3:03:0e:93:6c:38:d1:e7:86:2a:e0:39:
4e:21:3f:76:30:9a:2b:25:ed:a5:fa:bf:8f:ba:ad:29:03:04:
24:0e:f1:26:0f:5d:cb:2f:0a:16:6a:ad:01:66:47:ec:8f:71:
ff:be:5f:87:99:05:60:7f:02:96:ca:0f:1e:95:0e:91:42:ad:
0b:20:a5:83:11:14:0a:ca:09:30:e1:96:2b:2e:50:83:ea:2a:
b2:df:35:c6:f2:03:1b:ed:9c:16:d1:d0:46:03:56:73:21:55:
49:01:0b:71:b7:00:01:cd:79:b2:35:65:41:27:3c:5f:13:8a:
a7:66:f4:1a:0f:d7:68:56:c3:6b:04:28:69:67:05:74:86:e5:
54:6f:7a:5b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY6fHaaDwLdp748xMKmjKG1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODllODNlYzg3NjEyMjZjNDA0YmJlYjQ5NzBmN2I4ZDZmNGRlN2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFQDBLwdYLe3sWHU5L52WQ7O2BZN
LNZfANSmnaZhJRR1zhDRxk5J0AJO5pe8UMju6Foz5oeRLgxtgVZya28Gjee+W2ST
U5BAn4WpXRoOa/EKnUrQEYw05KcqBs8k0QFdUo674NBH9OvcUGd/tIRIHhob179N
A4w4F7/Cbqj1eXGfAlvUAt6I/QuZwU4KiqNlkAMiQa2poUsrXzmNrNBhcCH1vjAt
I5u4v9SW/4y6NI6RaoUzKwdxuGoy1uXLwWUp5vJ3ERQOWyyMbQAEkGulwixlHYa8
5bAyLm0Aht8GbTuegJ2RR81qcTetNUS/A9QJd/9mr/Qio6Rvn+6IahcMUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBieg+yHYSJsQEu+tJcPe41vTef2MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvR0o2RDdJZGhJbXhBUzc2MGx3OTdqVzlONV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwaNKAwQA
waNlAwQAwd3TMA0EAgACMAcDBQMqE1gAMA0GCSqGSIb3DQEBCwUAA4IBAQB2aO3R
DZ78ZZpUwj04TNcPePiqxpruMrLZ5wgwY+zlbo0QgA6SkVRcwu/YnsZsNlM7SYWv
wLn8nofYbdZ9ikK1U2iVl2djLMc1vOQCygot8ilxfzQk9oteNtwignUfMF0aGZzE
Rca4g94TiYcx2i9sDDGzAw6TbDjR54Yq4DlOIT92MJorJe2l+r+Puq0pAwQkDvEm
D13LLwoWaq0BZkfsj3H/vl+HmQVgfwKWyg8elQ6RQq0LIKWDERQKygkw4ZYrLlCD
6iqy3zXG8gMb7ZwW0dBGA1ZzIVVJAQtxtwABzXmyNWVBJzxfE4qnZvQaD9doVsNr
BChpZwV0huVUb3pb
-----END CERTIFICATE-----
Generated at Sat May 4 12:54:50 2024 by rpki-client on console-fra.rpki-client.org