Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/GdL2cImNbZL9qBWoAtuOxfdJZLw.roa
File: GdL2cImNbZL9qBWoAtuOxfdJZLw.roa (raw, json)
Hash identifier: S4jn/ys/U72HuToojOXrdHhGD/gf4ooBI0zjf3PfWFs=
Subject key identifier: 19:D2:F6:70:89:8D:6D:92:FD:A8:15:A8:02:DB:8E:C5:F7:49:64:BC
Certificate issuer: /CN=56eb6a5fa3d217a2ee7d4a62d8461a6793ed5cb3
Certificate serial: 018D5FCD72AD042B22FBCCE7C64EC707B26B
Authority key identifier: 56:EB:6A:5F:A3:D2:17:A2:EE:7D:4A:62:D8:46:1A:67:93:ED:5C:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VutqX6PSF6LufUpi2EYaZ5PtXLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/GdL2cImNbZL9qBWoAtuOxfdJZLw.roa
Signing time: Wed 31 Jan 2024 13:55:16 +0000
ROA not before: Wed 31 Jan 2024 13:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213184
IP address blocks: 91.201.106.0/24 maxlen: 24
2a0a:9100::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/VutqX6PSF6LufUpi2EYaZ5PtXLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/VutqX6PSF6LufUpi2EYaZ5PtXLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/VutqX6PSF6LufUpi2EYaZ5PtXLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:cd:72:ad:04:2b:22:fb:cc:e7:c6:4e:c7:07:b2:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56eb6a5fa3d217a2ee7d4a62d8461a6793ed5cb3
Validity
Not Before: Jan 31 13:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19d2f670898d6d92fda815a802db8ec5f74964bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:52:fb:31:da:a1:2f:fb:ff:0c:de:d9:c8:67:
24:11:2b:ca:21:26:22:04:38:6b:a8:66:f1:0a:ad:
a0:24:14:05:fd:98:f2:c5:3e:95:92:cd:eb:2d:42:
31:4e:60:7d:15:9a:8d:bd:62:2e:26:7a:72:84:95:
93:5a:5a:fd:68:86:b9:7c:fd:5d:b7:09:0e:f6:0b:
df:56:ee:0e:32:04:fa:25:d5:5f:8b:8e:63:a6:e4:
41:ae:ee:74:15:3f:83:b5:89:2b:2b:fa:e0:12:67:
f1:38:a2:2b:44:9f:86:d9:fa:c5:fc:f4:9d:0e:d3:
db:56:03:0a:a8:1c:93:5e:96:4a:fb:66:8c:d7:5b:
10:27:01:c3:d8:31:2c:a8:34:49:7a:5c:7a:82:cf:
96:ea:9c:f1:9f:30:1b:77:21:af:36:1a:71:ae:f9:
09:90:e4:69:1a:32:92:45:cc:66:d4:23:c0:e5:8e:
b2:bf:4c:b7:ad:aa:e4:98:92:fa:7a:37:61:bf:6e:
33:6e:fa:e8:e3:18:41:29:d6:e7:0e:28:f1:64:f1:
4f:55:13:99:12:59:28:0c:31:a4:45:0f:a7:30:58:
e3:cd:80:15:23:31:6e:9f:6e:12:1d:33:7c:a1:fc:
23:24:3b:c4:4e:6c:fc:4c:91:26:95:7a:7b:88:65:
43:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D2:F6:70:89:8D:6D:92:FD:A8:15:A8:02:DB:8E:C5:F7:49:64:BC
X509v3 Authority Key Identifier:
keyid:56:EB:6A:5F:A3:D2:17:A2:EE:7D:4A:62:D8:46:1A:67:93:ED:5C:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VutqX6PSF6LufUpi2EYaZ5PtXLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/GdL2cImNbZL9qBWoAtuOxfdJZLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c25435-d23a-41a3-bc5e-53ecc6655f6b/1/VutqX6PSF6LufUpi2EYaZ5PtXLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.106.0/24
IPv6:
2a0a:9100::/29
Signature Algorithm: sha256WithRSAEncryption
55:f6:3b:6f:9b:44:43:c4:9e:47:1f:b5:e4:c1:fe:fb:d8:4c:
4a:64:38:ed:85:35:07:23:69:9f:39:0e:cc:25:14:cf:55:89:
a4:37:75:87:b2:58:41:c9:fe:e6:96:8a:c6:17:31:2e:92:d4:
35:91:4f:09:34:5a:0e:cd:6d:1a:3d:78:33:99:eb:7e:2a:81:
e5:61:64:b9:26:af:2c:c7:d5:9b:df:e3:b1:a0:82:63:76:49:
e1:1f:d6:14:76:50:50:71:9f:8b:50:36:c4:24:32:d2:62:17:
a9:5e:83:50:cd:dc:48:67:2b:34:45:56:6e:c9:d0:30:c6:8c:
3f:97:92:0c:9a:63:78:c7:7f:c9:16:fa:e5:e7:55:af:d7:d0:
97:ff:2e:55:43:d7:4d:51:0d:d1:b2:6c:37:92:3b:68:1e:51:
89:1f:b5:42:86:ce:e9:7a:40:ab:14:89:bd:94:a3:5c:b0:89:
8c:02:94:a4:e5:a9:a0:f1:cc:32:72:e7:56:b3:16:0a:5b:e9:
89:91:e0:ac:d1:8f:14:49:5e:af:95:fb:a8:fd:14:5c:d4:ad:
bf:19:99:ac:c0:92:12:c9:35:15:c0:37:e2:9e:30:f3:a6:a5:
71:8d:41:98:34:f6:ca:a8:ec:60:ea:6c:13:12:e3:ff:b1:d4:
34:74:ba:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1fzXKtBCsi+8znxk7HB7JrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWI2YTVmYTNkMjE3YTJlZTdkNGE2MmQ4NDYxYTY3OTNl
ZDVjYjMwHhcNMjQwMTMxMTM1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQyZjY3MDg5OGQ2ZDkyZmRhODE1YTgwMmRiOGVjNWY3NDk2NGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1L7MdqhL/v/DN7ZyGckESvKISYi
BDhrqGbxCq2gJBQF/ZjyxT6Vks3rLUIxTmB9FZqNvWIuJnpyhJWTWlr9aIa5fP1d
twkO9gvfVu4OMgT6JdVfi45jpuRBru50FT+DtYkrK/rgEmfxOKIrRJ+G2frF/PSd
DtPbVgMKqByTXpZK+2aM11sQJwHD2DEsqDRJelx6gs+W6pzxnzAbdyGvNhpxrvkJ
kORpGjKSRcxm1CPA5Y6yv0y3rarkmJL6ejdhv24zbvro4xhBKdbnDijxZPFPVROZ
ElkoDDGkRQ+nMFjjzYAVIzFun24SHTN8ofwjJDvETmz8TJEmlXp7iGVDrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBnS9nCJjW2S/agVqALbjsX3SWS8MB8GA1UdIwQY
MBaAFFbral+j0hei7n1KYthGGmeT7VyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnV0cVg2UFNGNkx1ZlVwaTJFWWFaNVB0WExNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jMjU0MzUtZDIzYS00MWEzLWJjNWUt
NTNlY2M2NjU1ZjZiLzEvR2RMMmNJbU5iWkw5cUJXb0F0dU94ZmRKWkx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jMjU0MzUtZDIzYS00MWEzLWJjNWUtNTNlY2M2NjU1ZjZi
LzEvVnV0cVg2UFNGNkx1ZlVwaTJFWWFaNVB0WExNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8lqMA0E
AgACMAcDBQMqCpEAMA0GCSqGSIb3DQEBCwUAA4IBAQBV9jtvm0RDxJ5HH7Xkwf77
2ExKZDjthTUHI2mfOQ7MJRTPVYmkN3WHslhByf7mlorGFzEuktQ1kU8JNFoOzW0a
PXgzmet+KoHlYWS5Jq8sx9Wb3+OxoIJjdknhH9YUdlBQcZ+LUDbEJDLSYhepXoNQ
zdxIZys0RVZuydAwxow/l5IMmmN4x3/JFvrl51Wv19CX/y5VQ9dNUQ3Rsmw3kjto
HlGJH7VChs7pekCrFIm9lKNcsImMApSk5amg8cwycudWsxYKW+mJkeCs0Y8USV6v
lfuo/RRc1K2/GZmswJISyTUVwDfinjDzpqVxjUGYNPbKqOxg6mwTEuP/sdQ0dLo9
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:42 2024 by rpki-client on console-fra.rpki-client.org