Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/GeMg-w6JJX-bSwsjUAHXSFHUnSs.roa
File: GeMg-w6JJX-bSwsjUAHXSFHUnSs.roa (raw, json)
Hash identifier: OkWm4jOmCUKAn0UGUZUptIOi0LQvNmAep+64j8BwY24=
Subject key identifier: 19:E3:20:FB:0E:89:25:7F:9B:4B:0B:23:50:01:D7:48:51:D4:9D:2B
Certificate issuer: /CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Certificate serial: 018DC0D10D4B2228E947F1F04CE381F84A49
Authority key identifier: C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/GeMg-w6JJX-bSwsjUAHXSFHUnSs.roa
Signing time: Mon 19 Feb 2024 10:02:22 +0000
ROA not before: Mon 19 Feb 2024 10:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48011
IP address blocks: 5.172.177.0/24 maxlen: 24
45.89.236.0/22 maxlen: 24
45.93.168.0/22 maxlen: 24
45.93.168.0/24 maxlen: 24
45.252.180.0/23 maxlen: 23
45.252.180.0/24 maxlen: 24
45.252.181.0/24 maxlen: 24
45.252.182.0/23 maxlen: 23
45.252.182.0/24 maxlen: 24
45.252.183.0/24 maxlen: 24
62.204.58.0/24 maxlen: 24
77.87.122.0/24 maxlen: 24
87.236.161.0/24 maxlen: 24
91.247.188.0/24 maxlen: 24
103.130.145.0/24 maxlen: 24
103.130.147.0/24 maxlen: 24
185.182.105.0/24 maxlen: 24
185.211.79.0/24 maxlen: 24
185.217.143.0/24 maxlen: 24
185.227.136.0/24 maxlen: 24
185.227.137.0/24 maxlen: 24
185.227.138.0/24 maxlen: 24
185.227.139.0/24 maxlen: 24
193.163.72.0/24 maxlen: 24
213.217.31.0/24 maxlen: 24
213.232.203.0/24 maxlen: 24
2a0c:6600::/48 maxlen: 48
2a0c:6600:1::/48 maxlen: 48
2a0c:6600:2::/48 maxlen: 48
2a0c:6600:3::/48 maxlen: 48
2a0c:6600:4::/48 maxlen: 48
2a0c:6600:5::/48 maxlen: 48
2a0c:6600:6::/48 maxlen: 48
2a0c:6600:7::/48 maxlen: 48
2a0c:6600:8::/48 maxlen: 48
2a0c:6600:9::/48 maxlen: 48
2a0c:6600:1000::/48 maxlen: 48
2a0c:6600:2000::/48 maxlen: 48
2a0c:6600:3000::/48 maxlen: 48
2a0c:6600:4000::/48 maxlen: 48
2a0c:6600:6000::/48 maxlen: 48
2a0c:6600:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:d1:0d:4b:22:28:e9:47:f1:f0:4c:e3:81:f8:4a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c59bd1e8c58f641bd944305f11c54efe5f3a0ce2
Validity
Not Before: Feb 19 10:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19e320fb0e89257f9b4b0b235001d74851d49d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:57:00:ee:d3:26:68:22:28:83:c9:10:ba:78:
67:36:f6:a1:07:de:96:a3:79:e7:3d:36:00:b4:5b:
33:be:0c:8c:70:ef:4d:ca:7c:69:33:d9:84:97:76:
fb:72:ce:d9:dd:6f:37:09:8d:31:7a:01:40:a0:a4:
00:0d:a0:e1:fe:dc:63:c2:59:b1:f7:20:58:7a:b4:
30:43:ec:07:3d:88:8e:b9:89:ea:8d:32:fb:89:e1:
e5:af:f6:87:ac:68:d7:0f:d9:be:ca:bf:72:0a:8a:
eb:1e:91:fe:09:19:d4:50:32:cc:77:d5:2d:ff:df:
8e:58:eb:e5:87:c8:ca:ba:76:41:83:5d:fb:b6:9e:
eb:7b:16:1d:6a:7c:03:b0:0f:e9:5d:22:68:5e:eb:
d3:8c:bd:46:68:e6:ac:76:2c:65:24:3a:04:ca:55:
9d:8b:d7:ac:7e:dc:5e:e7:40:fa:c3:ee:fc:97:e2:
ae:b5:5e:a1:cf:4d:05:02:e1:ac:ac:ca:90:77:e7:
fa:5b:de:dd:12:34:b1:79:a4:67:02:88:81:18:b0:
01:79:4c:89:97:46:be:c3:3e:c0:a2:a5:64:60:25:
04:dd:47:bb:f1:24:be:f5:b2:67:75:4e:40:66:6d:
7f:4e:fa:b0:5a:6d:05:2f:c2:f3:94:90:88:0d:ca:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E3:20:FB:0E:89:25:7F:9B:4B:0B:23:50:01:D7:48:51:D4:9D:2B
X509v3 Authority Key Identifier:
keyid:C5:9B:D1:E8:C5:8F:64:1B:D9:44:30:5F:11:C5:4E:FE:5F:3A:0C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZvR6MWPZBvZRDBfEcVO_l86DOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/GeMg-w6JJX-bSwsjUAHXSFHUnSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fd8457-810f-4f7e-9e58-56cc39db6ed6/1/xZvR6MWPZBvZRDBfEcVO_l86DOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.177.0/24
45.89.236.0/22
45.93.168.0/22
45.252.180.0/22
62.204.58.0/24
77.87.122.0/24
87.236.161.0/24
91.247.188.0/24
103.130.145.0/24
103.130.147.0/24
185.182.105.0/24
185.211.79.0/24
185.217.143.0/24
185.227.136.0/22
193.163.72.0/24
213.217.31.0/24
213.232.203.0/24
IPv6:
2a0c:6600::-2a0c:6600:9:ffff:ffff:ffff:ffff:ffff
2a0c:6600:1000::/48
2a0c:6600:2000::/48
2a0c:6600:3000::/48
2a0c:6600:4000::/48
2a0c:6600:6000::/48
2a0c:6600:6600::/48
Signature Algorithm: sha256WithRSAEncryption
8c:2a:49:3b:d5:ac:b9:15:b3:3d:a3:e8:34:15:54:f7:36:45:
b3:5d:96:6e:19:f5:41:8a:8e:b3:5f:40:16:8d:14:15:99:41:
71:b5:b9:d6:a9:8f:d3:21:c9:fc:d5:81:e3:76:7e:40:82:3d:
a2:b4:2e:d9:c3:01:cb:05:20:c5:80:c5:77:a7:7d:26:24:b1:
68:33:73:80:06:3b:07:e8:7b:ab:e5:d4:99:51:b2:4d:dc:76:
3c:ca:ef:82:3a:e8:e4:60:92:02:6a:cf:61:96:96:ee:72:ac:
e8:9a:3b:57:74:b3:88:7a:3a:ad:4b:59:75:cc:a2:e5:c3:af:
09:0d:8b:f7:a5:df:13:cb:bb:62:a9:70:68:13:0e:6f:59:10:
1a:e9:31:5d:ba:78:f2:68:63:07:c1:77:e8:c2:a1:ea:60:b1:
30:da:7e:fa:53:a1:9f:6e:81:b9:04:83:a5:b2:44:4f:5f:97:
c3:77:2c:e0:c5:21:ef:9b:f6:1b:da:1b:b9:d1:ae:86:ed:29:
f9:38:84:6f:0a:a0:d0:e6:27:d1:22:10:cb:2b:2c:12:45:ac:
1e:1b:95:10:cd:cf:c3:fd:79:a1:d8:aa:93:3c:d2:48:08:78:
ca:9f:ab:1a:62:3a:fe:bf:05:54:1c:25:62:16:db:4a:07:b3:
ee:7c:a4:9b
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAY3A0Q1LIijpR/HwTOOB+EpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OWJkMWU4YzU4ZjY0MWJkOTQ0MzA1ZjExYzU0ZWZlNWYz
YTBjZTIwHhcNMjQwMjE5MTAwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWUzMjBmYjBlODkyNTdmOWI0YjBiMjM1MDAxZDc0ODUxZDQ5ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFcA7tMmaCIog8kQunhnNvahB96W
o3nnPTYAtFszvgyMcO9NynxpM9mEl3b7cs7Z3W83CY0xegFAoKQADaDh/txjwlmx
9yBYerQwQ+wHPYiOuYnqjTL7ieHlr/aHrGjXD9m+yr9yCorrHpH+CRnUUDLMd9Ut
/9+OWOvlh8jKunZBg137tp7rexYdanwDsA/pXSJoXuvTjL1GaOasdixlJDoEylWd
i9esftxe50D6w+78l+KutV6hz00FAuGsrMqQd+f6W97dEjSxeaRnAoiBGLABeUyJ
l0a+wz7AoqVkYCUE3Ue78SS+9bJndU5AZm1/TvqwWm0FL8LzlJCIDcr0mwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFBnjIPsOiSV/m0sLI1AB10hR1J0rMB8GA1UdIwQY
MBaAFMWb0ejFj2Qb2UQwXxHFTv5fOgziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgt
NTZjYzM5ZGI2ZWQ2LzEvR2VNZy13NkpKWC1iU3dzalVBSFhTRkhVblNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mZDg0NTctODEwZi00ZjdlLTllNTgtNTZjYzM5ZGI2ZWQ2
LzEveFp2UjZNV1BaQnZaUkRCZkVjVk9fbDg2RE9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTBsBAIAATBmAwQABayx
AwQCLVnsAwQCLV2oAwQCLfy0AwQAPsw6AwQATVd6AwQAV+yhAwQAW/e8AwQAZ4KR
AwQAZ4KTAwQAubZpAwQAudNPAwQAudmPAwQCueOIAwQAwaNIAwQA1dkfAwQA1ejL
ME0EAgACMEcwDwMEASoMZgMHASoMZgAACAMHACoMZgAQAAMHACoMZgAgAAMHACoM
ZgAwAAMHACoMZgBAAAMHACoMZgBgAAMHACoMZgBmADANBgkqhkiG9w0BAQsFAAOC
AQEAjCpJO9WsuRWzPaPoNBVU9zZFs12Wbhn1QYqOs19AFo0UFZlBcbW51qmP0yHJ
/NWB43Z+QII9orQu2cMBywUgxYDFd6d9JiSxaDNzgAY7B+h7q+XUmVGyTdx2PMrv
gjro5GCSAmrPYZaW7nKs6Jo7V3SziHo6rUtZdcyi5cOvCQ2L96XfE8u7YqlwaBMO
b1kQGukxXbp48mhjB8F36MKh6mCxMNp++lOhn26BuQSDpbJET1+Xw3cs4MUh75v2
G9obudGuhu0p+TiEbwqg0OYn0SIQyyssEkWsHhuVEM3Pw/15odiqkzzSSAh4yp+r
GmI6/r8FVBwlYhbbSgez7nykmw==
-----END CERTIFICATE-----
Generated at Thu May 23 21:54:19 2024 by rpki-client on console-fra.rpki-client.org