Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ga5LrO9UNQFsjdc_cmiURK1G_fg.roa
File: ga5LrO9UNQFsjdc_cmiURK1G_fg.roa (raw, json)
Hash identifier: zsOHN7UBk8InPTQvVoCuULc2RtrJ9VgupGAtXGmINIA=
Subject key identifier: 81:AE:4B:AC:EF:54:35:01:6C:8D:D7:3F:72:68:94:44:AD:46:FD:F8
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64AD3546D4E82E448A5294191328CC9
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ga5LrO9UNQFsjdc_cmiURK1G_fg.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6461
IP address blocks: 95.164.24.0/21 maxlen: 24
95.164.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d3:54:6d:4e:82:e4:48:a5:29:41:91:32:8c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ae4bacef5435016c8dd73f72689444ad46fdf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:77:38:c3:fe:a6:7d:ac:b0:3d:2f:b5:cd:9c:
ca:cb:0b:ca:18:0d:a4:bc:e6:56:13:3e:7f:ae:2e:
a2:66:f3:5a:10:56:04:f3:3a:cf:3b:00:4a:fe:15:
77:fd:70:9b:97:af:37:c9:ea:ed:ff:9c:de:ba:6a:
97:46:7d:d7:cd:cb:84:59:6b:a2:32:7d:71:66:6a:
73:05:db:93:97:5c:54:2e:a6:5a:23:2f:54:4f:87:
20:29:ef:a4:96:10:8f:49:89:3d:32:08:52:d5:1c:
e1:20:12:e6:03:b4:3a:3b:1e:ea:a9:74:8a:f6:e1:
5a:51:05:4d:80:ee:52:16:3b:0e:c5:23:b0:c5:a9:
ad:cf:2b:92:56:67:49:31:ee:a8:e9:27:26:d0:b5:
5b:bc:44:b0:ad:95:34:f9:0a:43:9d:e1:16:1b:41:
f3:6f:15:42:00:92:21:de:e2:7b:7e:b9:d3:43:48:
ac:2a:0a:95:7d:8c:59:d3:54:47:40:a4:95:71:60:
10:44:7e:3e:5b:10:e0:25:79:4a:66:3a:f7:5a:98:
6d:18:08:f4:59:3e:18:e4:1f:33:f6:60:5b:ed:5a:
0d:c7:d1:9a:be:b9:5a:d1:40:1a:b3:44:f1:6f:1c:
df:31:19:88:28:bb:a8:88:64:49:48:22:a4:2a:58:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AE:4B:AC:EF:54:35:01:6C:8D:D7:3F:72:68:94:44:AD:46:FD:F8
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ga5LrO9UNQFsjdc_cmiURK1G_fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.24.0/21
95.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
59:2d:e0:c9:f2:e7:e1:6b:73:2b:77:1b:a8:f9:e1:60:cd:f4:
91:cf:11:ab:e4:02:41:bc:f7:4d:93:bd:5c:2b:1d:bc:de:85:
22:bf:44:73:28:34:8a:43:05:52:e3:0f:b8:d2:61:fd:93:cd:
a4:f0:6b:76:18:89:3f:67:27:c0:fc:ae:12:90:a2:34:4b:0e:
07:64:7d:62:90:37:89:8a:ac:98:30:9f:3b:b8:ad:a0:bb:0e:
e8:54:a7:da:7d:65:2b:51:fa:70:3e:69:1a:0f:7a:6a:36:36:
8e:3a:ab:e7:d2:8d:3e:c8:3e:30:a2:2f:7d:24:cf:3a:ba:be:
e8:cd:3e:57:89:bb:b4:7b:56:50:20:88:2c:c1:d3:97:d7:69:
0d:21:47:ac:d2:8e:f5:fa:7c:83:9d:82:17:42:09:19:87:4a:
1c:48:fc:53:29:65:01:1d:34:45:2a:b3:e3:53:b9:59:81:51:
c4:27:6e:7d:91:10:33:42:1c:ce:72:2c:04:b4:0f:66:2d:ac:
e9:74:8f:05:10:54:bf:29:c6:26:93:61:ed:54:68:f2:ce:9e:
e0:57:8f:7c:ea:1f:a7:ae:9a:4b:95:2c:63:88:65:ac:4c:6d:
87:db:6f:27:00:59:da:4f:32:67:5f:b0:63:d4:3c:12:7f:2a:
be:19:96:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGStNUbU6C5EilKUGRMozJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFlNGJhY2VmNTQzNTAxNmM4ZGQ3M2Y3MjY4OTQ0NGFkNDZmZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXc4w/6mfaywPS+1zZzKywvKGA2k
vOZWEz5/ri6iZvNaEFYE8zrPOwBK/hV3/XCbl683yert/5zeumqXRn3XzcuEWWui
Mn1xZmpzBduTl1xULqZaIy9UT4cgKe+klhCPSYk9MghS1RzhIBLmA7Q6Ox7qqXSK
9uFaUQVNgO5SFjsOxSOwxamtzyuSVmdJMe6o6Scm0LVbvESwrZU0+QpDneEWG0Hz
bxVCAJIh3uJ7frnTQ0isKgqVfYxZ01RHQKSVcWAQRH4+WxDgJXlKZjr3WphtGAj0
WT4Y5B8z9mBb7VoNx9Gavrla0UAas0TxbxzfMRmIKLuoiGRJSCKkKljtrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIGuS6zvVDUBbI3XP3JolEStRv34MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZ2E1THJPOVVOUUZzamRjX2NtaVVSSzFHX2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX6QYAwQE
X6RgMA0GCSqGSIb3DQEBCwUAA4IBAQBZLeDJ8ufha3Mrdxuo+eFgzfSRzxGr5AJB
vPdNk71cKx283oUiv0RzKDSKQwVS4w+40mH9k82k8Gt2GIk/ZyfA/K4SkKI0Sw4H
ZH1ikDeJiqyYMJ87uK2guw7oVKfafWUrUfpwPmkaD3pqNjaOOqvn0o0+yD4woi99
JM86ur7ozT5Xibu0e1ZQIIgswdOX12kNIUes0o71+nyDnYIXQgkZh0ocSPxTKWUB
HTRFKrPjU7lZgVHEJ259kRAzQhzOciwEtA9mLazpdI8FEFS/KcYmk2HtVGjyzp7g
V4986h+nrppLlSxjiGWsTG2H228nAFnaTzJnX7Bj1DwSfyq+GZbD
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:29:40 2024 by rpki-client on console-fra.rpki-client.org