Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/GvesPV3ovY0qaUXjE7QoWqPCu-I.roa
File: GvesPV3ovY0qaUXjE7QoWqPCu-I.roa (raw, json)
Hash identifier: 5wD+bTgu/ptjjGBqxOW4cm9adypJrOOVMzdpSNrFCsc=
Subject key identifier: 1A:F7:AC:3D:5D:E8:BD:8D:2A:69:45:E3:13:B4:28:5A:A3:C2:BB:E2
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018CC86EFBBB7ADE915FF9F4BEC8869F0E76
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/GvesPV3ovY0qaUXjE7QoWqPCu-I.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57643
IP address blocks: 185.188.164.0/22 maxlen: 22
185.174.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Nov 2024 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fb:bb:7a:de:91:5f:f9:f4:be:c8:86:9f:0e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1af7ac3d5de8bd8d2a6945e313b4285aa3c2bbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:26:dd:b9:7a:1f:88:d7:40:f6:c6:c5:8a:b4:
e7:aa:2c:ab:9d:fd:41:ee:46:80:b6:8a:37:6c:86:
80:d6:30:c8:32:c3:e2:ab:a1:a7:d7:97:5c:2a:10:
ec:b3:36:55:a7:3d:97:4e:4a:1b:5f:74:90:0f:c3:
f3:a0:d1:e1:b7:85:c4:44:dc:fd:08:b2:36:aa:29:
08:7a:7a:bf:84:62:34:0c:07:e3:40:c8:71:87:89:
bc:d0:11:0c:cd:fa:18:c1:f7:76:62:97:b2:18:dc:
4b:11:c9:75:87:13:03:c2:b5:bc:dc:c7:5b:01:ef:
d3:84:1d:3a:43:5a:42:1d:ad:49:55:c9:07:c5:8f:
ce:0c:33:ba:81:0d:11:28:f7:cf:b7:f1:05:45:b9:
13:a7:5f:05:19:bc:c3:04:a8:0e:a7:ac:4a:8f:25:
c1:12:1e:67:c9:d5:ec:b6:1a:d8:34:ad:2d:49:ef:
d0:fb:7d:03:2b:cb:3e:e7:65:5a:d1:5e:ea:f0:75:
0a:b6:3e:50:fb:b5:2e:7a:3e:81:c9:f1:5b:a3:10:
9a:83:53:d0:34:18:60:08:d5:b5:32:6d:72:b9:fe:
fe:fb:1f:68:c8:11:46:c8:70:eb:b7:a3:4b:cc:28:
71:1c:85:d2:d9:97:ba:33:86:14:9a:96:7c:bb:9c:
94:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F7:AC:3D:5D:E8:BD:8D:2A:69:45:E3:13:B4:28:5A:A3:C2:BB:E2
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/GvesPV3ovY0qaUXjE7QoWqPCu-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.120.0/22
185.188.164.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:38:d3:83:12:af:c8:91:8d:34:05:66:79:ac:b3:bd:37:6f:
79:4e:2c:ce:b0:31:41:25:19:d3:21:72:07:bb:a2:c4:e6:65:
cd:6a:23:82:9d:08:47:f5:d0:28:ac:85:91:24:b9:5d:93:d9:
b1:0a:ca:fb:6a:44:21:bf:8d:6d:67:fe:33:4d:68:80:bf:6b:
93:bc:fb:f1:89:b8:2e:da:bd:7b:be:f8:6e:86:34:b4:aa:6e:
a4:9a:c6:d1:4d:d7:1d:e7:8d:d2:d0:8c:b0:39:63:d0:a5:d2:
e8:83:e8:7b:b2:0c:bb:ea:db:67:c1:4c:e7:9e:7e:ae:0e:71:
82:98:f6:77:d7:f4:0b:e6:f6:b3:5a:47:37:f6:88:96:a2:9e:
4f:9a:09:f6:bf:8a:75:63:d0:2f:52:89:97:d1:4d:d7:ce:74:
c5:9a:48:b0:87:52:34:76:6f:89:b9:3c:cd:13:66:c5:7f:fc:
d0:35:71:b5:2b:18:52:b5:51:09:bf:c6:fe:5c:83:cd:b0:0f:
e7:12:50:20:90:fa:8c:27:9b:7e:e5:ad:5c:ae:20:28:a3:98:
75:2a:59:06:35:59:ee:9c:ee:ca:7e:19:4a:1a:89:c2:2c:cb:
5d:fc:83:22:15:97:63:27:ea:34:fa:8d:ee:35:c7:a3:a7:79:
fd:27:de:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbvu7et6RX/n0vsiGnw52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWY3YWMzZDVkZThiZDhkMmE2OTQ1ZTMxM2I0Mjg1YWEzYzJiYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtybduXofiNdA9sbFirTnqiyrnf1B
7kaAtoo3bIaA1jDIMsPiq6Gn15dcKhDsszZVpz2XTkobX3SQD8PzoNHht4XERNz9
CLI2qikIenq/hGI0DAfjQMhxh4m80BEMzfoYwfd2YpeyGNxLEcl1hxMDwrW83Mdb
Ae/ThB06Q1pCHa1JVckHxY/ODDO6gQ0RKPfPt/EFRbkTp18FGbzDBKgOp6xKjyXB
Eh5nydXsthrYNK0tSe/Q+30DK8s+52Va0V7q8HUKtj5Q+7Uuej6ByfFboxCag1PQ
NBhgCNW1Mm1yuf7++x9oyBFGyHDrt6NLzChxHIXS2Ze6M4YUmpZ8u5yUJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBr3rD1d6L2NKmlF4xO0KFqjwrviMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvR3Zlc1BWM292WTBxYVVYakU3UW9XcVBDdS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua54AwQC
ubykMA0GCSqGSIb3DQEBCwUAA4IBAQAdONODEq/IkY00BWZ5rLO9N295TizOsDFB
JRnTIXIHu6LE5mXNaiOCnQhH9dAorIWRJLldk9mxCsr7akQhv41tZ/4zTWiAv2uT
vPvxibgu2r17vvhuhjS0qm6kmsbRTdcd543S0IywOWPQpdLog+h7sgy76ttnwUzn
nn6uDnGCmPZ31/QL5vazWkc39oiWop5Pmgn2v4p1Y9AvUomX0U3XznTFmkiwh1I0
dm+JuTzNE2bFf/zQNXG1KxhStVEJv8b+XIPNsA/nElAgkPqMJ5t+5a1criAoo5h1
KlkGNVnunO7KfhlKGonCLMtd/IMiFZdjJ+o0+o3uNcejp3n9J95r
-----END CERTIFICATE-----
Generated at Thu Nov 14 02:05:56 2024 by rpki-client on console-ams.rpki-client.org