Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/GPX7-jOgtvhaNKZZmM4NzfmkKX0.roa
File: GPX7-jOgtvhaNKZZmM4NzfmkKX0.roa (raw, json)
Hash identifier: cM6L5X1sgmLtOCNbEjEOr+3oc1KSfe88ZWHR8n6D42g=
Subject key identifier: 18:F5:FB:FA:33:A0:B6:F8:5A:34:A6:59:98:CE:0D:CD:F9:A4:29:7D
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 018F8547786FCDFEF065555B9163BF305EF6
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/GPX7-jOgtvhaNKZZmM4NzfmkKX0.roa
Signing time: Fri 17 May 2024 06:40:04 +0000
ROA not before: Fri 17 May 2024 06:40:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39728
IP address blocks: 91.217.4.0/23 maxlen: 23
91.217.4.0/24 maxlen: 24
91.217.5.0/24 maxlen: 24
176.113.224.0/19 maxlen: 19
178.214.160.0/19 maxlen: 19
178.216.232.0/21 maxlen: 21
185.149.196.0/22 maxlen: 22
185.149.198.0/24 maxlen: 24
185.149.199.0/24 maxlen: 24
185.178.245.0/24 maxlen: 24
194.31.152.0/22 maxlen: 22
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:85:47:78:6f:cd:fe:f0:65:55:5b:91:63:bf:30:5e:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: May 17 06:40:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18f5fbfa33a0b6f85a34a65998ce0dcdf9a4297d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dd:16:53:bf:01:a6:17:ac:4c:2b:ac:ae:89:
03:bf:81:f6:dd:7b:2c:7a:44:a0:19:71:35:a7:00:
8c:e6:bc:cd:d0:f1:62:af:4b:ef:d3:c2:e4:19:6e:
3d:4f:4a:06:06:84:0f:7c:d9:46:8d:b7:01:48:2b:
32:4e:01:42:d4:d0:6e:ed:2d:0a:44:8f:42:91:81:
3c:7f:6e:74:bf:fb:e1:a2:d7:93:4d:f2:9c:cf:1d:
f9:b9:70:a1:b2:d7:44:d2:ad:e3:b9:c3:b6:37:75:
ea:57:7e:2f:27:75:40:b8:ac:4d:34:37:c0:78:5c:
7a:20:bd:91:4d:3b:88:aa:60:e2:02:a2:c7:14:28:
4f:19:45:5e:2e:d1:58:de:f9:b2:c9:8c:16:f8:69:
65:0b:b4:18:a0:e6:15:b0:1d:a7:04:56:bb:d6:42:
e0:d6:2e:0f:51:fc:4c:93:96:05:db:72:7c:41:fb:
a6:40:47:13:fa:53:7c:9e:3b:ae:1a:c5:85:0d:25:
e0:72:13:53:5f:6c:86:13:12:32:33:1b:97:36:9c:
c8:36:de:1c:c6:be:90:bf:40:66:74:ef:85:9b:99:
d3:c8:0f:4c:9f:8e:83:98:e5:23:67:d7:aa:57:db:
e7:8c:f1:f2:36:fd:83:08:e9:f0:62:0b:db:94:c7:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F5:FB:FA:33:A0:B6:F8:5A:34:A6:59:98:CE:0D:CD:F9:A4:29:7D
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/GPX7-jOgtvhaNKZZmM4NzfmkKX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
185.178.245.0/24
194.31.152.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
21:62:f5:ab:7e:a9:40:38:ec:e3:59:1f:bc:88:78:4c:17:b3:
5f:19:38:a5:ca:e6:85:45:5f:95:b9:9b:94:68:4e:36:d3:7b:
fc:11:f1:39:55:d4:14:2f:a8:b7:c1:dd:1e:8b:07:b2:f3:eb:
88:37:31:22:68:f5:ea:6c:92:16:82:aa:25:22:e5:39:ef:a6:
e3:07:f9:65:f4:af:cf:6b:0f:1c:e1:dd:7e:f6:19:cb:de:cc:
80:90:47:9f:5d:4f:47:c9:cc:d3:c3:9d:63:de:b8:8e:ee:7e:
d4:0f:d7:52:f6:02:2f:8a:97:8a:5c:84:32:7d:7d:0f:b1:aa:
2a:5c:c9:62:7a:f6:20:fb:92:62:eb:ae:7b:1c:8c:a7:32:30:
cc:ce:74:22:bf:a3:f6:d3:a9:0f:02:92:c1:d7:f6:b4:1f:da:
80:17:d8:f9:48:85:d5:56:bd:9c:c6:ee:fb:80:b8:92:89:64:
81:5a:8a:60:cd:78:d4:38:3f:6b:cb:33:67:95:22:f3:32:6e:
85:0a:3f:f0:47:b4:77:f0:cc:7d:99:80:8f:37:da:02:0e:aa:
08:9a:cf:ce:23:ce:cd:2d:f1:bb:e7:61:27:64:fc:5c:20:fd:
88:80:db:23:e3:95:17:e8:7c:ca:62:ba:b8:cd:6b:af:b2:23:
a9:8a:f9:9c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY+FR3hvzf7wZVVbkWO/MF72MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwNTE3MDY0MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY1ZmJmYTMzYTBiNmY4NWEzNGE2NTk5OGNlMGRjZGY5YTQyOTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt0WU78BphesTCusrokDv4H23Xss
ekSgGXE1pwCM5rzN0PFir0vv08LkGW49T0oGBoQPfNlGjbcBSCsyTgFC1NBu7S0K
RI9CkYE8f250v/vhoteTTfKczx35uXChstdE0q3jucO2N3XqV34vJ3VAuKxNNDfA
eFx6IL2RTTuIqmDiAqLHFChPGUVeLtFY3vmyyYwW+GllC7QYoOYVsB2nBFa71kLg
1i4PUfxMk5YF23J8QfumQEcT+lN8njuuGsWFDSXgchNTX2yGExIyMxuXNpzINt4c
xr6Qv0BmdO+Fm5nTyA9Mn46DmOUjZ9eqV9vnjPHyNv2DCOnwYgvblMd4hQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBj1+/ozoLb4WjSmWZjODc35pCl9MB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvR1BYNy1qT2d0dmhhTktaWm1NNE56Zm1rS1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEAwQAubL1AwQCwh+YMA8EAgACMAkDBwEqB2kA
AAAwDQYJKoZIhvcNAQELBQADggEBACFi9at+qUA47ONZH7yIeEwXs18ZOKXK5oVF
X5W5m5RoTjbTe/wR8TlV1BQvqLfB3R6LB7Lz64g3MSJo9epskhaCqiUi5TnvpuMH
+WX0r89rDxzh3X72GcvezICQR59dT0fJzNPDnWPeuI7uftQP11L2Ai+Kl4pchDJ9
fQ+xqipcyWJ69iD7kmLrrnscjKcyMMzOdCK/o/bTqQ8CksHX9rQf2oAX2PlIhdVW
vZzG7vuAuJKJZIFaimDNeNQ4P2vLM2eVIvMyboUKP/BHtHfwzH2ZgI832gIOqgia
z84jzs0t8bvnYSdk/Fwg/YiA2yPjlRfofMpiurjNa6+yI6mK+Zw=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:11 2024 by rpki-client on console-fra.rpki-client.org