Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GnHJTN7ncCstUelSbleEG4HEl40.roa
File: GnHJTN7ncCstUelSbleEG4HEl40.roa (raw, json)
Hash identifier: asQ2rmkNknwu45mNTB7F7R0kZwFfLaaKJJhnmNywaqM=
Subject key identifier: 1A:71:C9:4C:DE:E7:70:2B:2D:51:E9:52:6E:57:84:1B:81:C4:97:8D
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC648AA778AEFE6F29C4A3214DFAA
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GnHJTN7ncCstUelSbleEG4HEl40.roa
Signing time: Tue 02 Jan 2024 04:30:17 +0000
ROA not before: Tue 02 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209811
IP address blocks: 94.232.96.0/22 maxlen: 22
93.120.8.0/23 maxlen: 23
91.232.227.0/24 maxlen: 24
91.224.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c6:48:aa:77:8a:ef:e6:f2:9c:4a:32:14:df:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a71c94cdee7702b2d51e9526e57841b81c4978d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:1c:b4:8b:eb:af:31:67:6d:58:59:87:40:
6f:84:af:0c:49:b6:eb:82:25:29:57:f2:0f:b0:c6:
b8:c2:46:e1:b0:2b:ac:50:53:5c:20:18:2c:9f:b2:
3f:10:13:ff:45:14:91:7c:a0:5d:0c:7f:93:7a:93:
e0:4f:33:98:81:60:3d:fa:8f:2d:b8:5d:72:0a:95:
a4:07:7a:22:fc:2f:25:0b:e8:70:ed:fa:45:97:2a:
81:98:cb:0e:c7:ea:d4:1a:e1:5d:77:74:d8:55:95:
b6:db:46:88:a6:cd:a1:12:bd:38:c6:49:93:2d:24:
6d:04:2d:c0:fa:06:1e:01:32:be:4e:da:50:44:ba:
6b:fe:57:9b:48:d7:64:20:a4:10:cd:5e:fb:61:cd:
4a:e0:98:4e:05:46:5b:01:8d:51:28:10:2e:99:45:
c3:d8:ec:27:33:94:6f:4a:a2:d0:fe:98:26:d3:db:
23:98:c4:7e:56:da:eb:b6:9a:f7:ac:16:9e:82:56:
b8:48:7b:de:4a:85:ca:30:94:17:a4:a4:ed:eb:3d:
ab:a1:db:2c:5d:6c:ec:a7:ff:a7:fe:8a:85:bc:fa:
c2:e1:b4:d6:39:20:6f:ce:84:1a:6d:3f:b5:ff:2e:
a0:7d:64:bc:07:29:76:53:73:69:0d:3f:ed:c7:77:
b8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:71:C9:4C:DE:E7:70:2B:2D:51:E9:52:6E:57:84:1B:81:C4:97:8D
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/GnHJTN7ncCstUelSbleEG4HEl40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.41.0/24
91.232.227.0/24
93.120.8.0/23
94.232.96.0/22
Signature Algorithm: sha256WithRSAEncryption
84:13:4d:b1:a1:bb:a5:33:51:3a:ef:66:e9:0f:75:7c:fe:08:
ca:d9:ab:04:3c:ba:98:30:af:79:e8:3b:e8:6d:85:06:65:82:
e2:36:63:9f:34:20:2a:e8:33:1f:b8:08:86:35:25:e2:a5:3b:
73:2c:19:4c:de:66:b4:44:15:bf:a5:b1:93:47:ca:fd:ef:87:
62:47:ae:c2:53:d4:31:40:90:4e:48:6b:ea:5f:85:ba:c6:64:
ba:42:af:47:c4:ab:a2:04:56:9e:ac:9d:d3:d7:50:3d:e6:1f:
c6:9d:26:57:d3:7b:1a:6e:22:b4:83:9f:48:15:48:27:e4:0a:
3a:a3:02:c1:b2:6d:71:b3:94:0b:c3:a0:89:93:32:38:1c:e6:
66:bc:b2:d3:47:c9:75:be:9a:f8:02:87:0b:b5:ff:03:96:e7:
fd:4c:e4:f1:28:3f:41:3c:4e:99:56:15:2c:bc:f1:d8:b8:a9:
8d:b4:44:50:d7:4e:45:cf:f5:e3:82:cd:6f:c3:32:6d:01:96:
36:48:ff:ab:b1:24:3c:77:4a:9c:66:d9:d1:a2:49:67:01:56:
d3:cd:41:59:29:ab:f2:bd:c9:66:2c:80:07:be:3f:25:75:06:
73:f9:d5:bf:08:91:8c:08:7f:66:f6:c0:b0:cc:08:3d:49:3a:
3f:05:bf:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIb8ZIqneK7+bynEoyFN+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTcxYzk0Y2RlZTc3MDJiMmQ1MWU5NTI2ZTU3ODQxYjgxYzQ5NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrgctIvrrzFnbVhZh0BvhK8MSbbr
giUpV/IPsMa4wkbhsCusUFNcIBgsn7I/EBP/RRSRfKBdDH+TepPgTzOYgWA9+o8t
uF1yCpWkB3oi/C8lC+hw7fpFlyqBmMsOx+rUGuFdd3TYVZW220aIps2hEr04xkmT
LSRtBC3A+gYeATK+TtpQRLpr/lebSNdkIKQQzV77Yc1K4JhOBUZbAY1RKBAumUXD
2OwnM5RvSqLQ/pgm09sjmMR+Vtrrtpr3rBaegla4SHveSoXKMJQXpKTt6z2rodss
XWzsp/+n/oqFvPrC4bTWOSBvzoQabT+1/y6gfWS8Byl2U3NpDT/tx3e4cQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBpxyUze53ArLVHpUm5XhBuBxJeNMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvR25ISlRON25jQ3N0VWVsU2JsZUVHNEhFbDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+ApAwQA
W+jjAwQBXXgIAwQCXuhgMA0GCSqGSIb3DQEBCwUAA4IBAQCEE02xobulM1E672bp
D3V8/gjK2asEPLqYMK956DvobYUGZYLiNmOfNCAq6DMfuAiGNSXipTtzLBlM3ma0
RBW/pbGTR8r974diR67CU9QxQJBOSGvqX4W6xmS6Qq9HxKuiBFaerJ3T11A95h/G
nSZX03sabiK0g59IFUgn5Ao6owLBsm1xs5QLw6CJkzI4HOZmvLLTR8l1vpr4AocL
tf8Dluf9TOTxKD9BPE6ZVhUsvPHYuKmNtERQ105Fz/Xjgs1vwzJtAZY2SP+rsSQ8
d0qcZtnRoklnAVbTzUFZKavyvclmLIAHvj8ldQZz+dW/CJGMCH9m9sCwzAg9STo/
Bb96
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org