Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/gFPKMP1wkKTyoT3IRFaLVZbCwlE.roa
File: gFPKMP1wkKTyoT3IRFaLVZbCwlE.roa (raw, json)
Hash identifier: fWv88D1cmjUwT3vFEAPYUmlyHggyRsbHx6XoYeUBU3c=
Subject key identifier: 80:53:CA:30:FD:70:90:A4:F2:A1:3D:C8:44:56:8B:55:96:C2:C2:51
Certificate issuer: /CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Certificate serial: 018CC56EC121C55DEA098D4835C2615C9524
Authority key identifier: 27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/gFPKMP1wkKTyoT3IRFaLVZbCwlE.roa
Signing time: Mon 01 Jan 2024 14:30:19 +0000
ROA not before: Mon 01 Jan 2024 14:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29166
IP address blocks: 193.135.31.0/24 maxlen: 24
193.5.8.0/23 maxlen: 23
194.40.212.0/22 maxlen: 22
194.40.216.0/22 maxlen: 22
194.40.220.0/22 maxlen: 22
194.40.224.0/22 maxlen: 22
194.40.228.0/22 maxlen: 22
194.40.232.0/24 maxlen: 24
194.40.234.0/23 maxlen: 23
193.5.42.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c1:21:c5:5d:ea:09:8d:48:35:c2:61:5c:95:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Validity
Not Before: Jan 1 14:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8053ca30fd7090a4f2a13dc844568b5596c2c251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:26:9f:5e:72:e4:ff:6a:4c:47:18:be:5b:c2:
74:a2:3c:3a:28:10:e0:88:6e:36:b4:4f:06:ce:4e:
55:2b:0d:79:df:80:9f:50:b7:6d:ae:c6:e9:2d:97:
e3:1b:27:c8:c2:9b:2d:52:be:03:19:6a:d1:c2:bf:
8e:a4:ae:7d:5c:8e:c4:ef:ac:ad:67:78:4a:19:c2:
77:d7:78:cc:bc:ce:1e:93:c1:1d:9c:9b:c0:2d:09:
0a:fd:e8:ed:f0:21:18:48:b3:a8:a6:92:61:59:cc:
ac:bd:49:8c:3c:27:98:0f:8f:bb:64:4b:44:99:f0:
f7:c1:fe:5b:02:ad:95:0f:b9:3c:29:5c:cc:1d:be:
0a:69:0c:6d:17:03:dc:1d:24:7e:a5:31:01:17:16:
2f:e9:91:d3:20:41:c6:50:03:96:c3:fe:38:79:db:
db:42:32:b0:ce:6d:01:14:0f:af:7d:81:a0:93:40:
24:73:27:29:08:2c:20:44:a7:70:c1:19:dd:04:51:
67:19:c8:d5:9e:88:a8:86:92:cd:a6:f2:7f:65:5e:
da:75:1a:6d:33:77:99:63:ee:88:6a:db:95:e0:00:
8b:d8:9f:84:91:fc:d8:92:f9:02:26:0a:16:8b:c9:
89:a5:78:57:b1:2c:17:e6:82:2d:27:43:37:c1:d1:
c2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:53:CA:30:FD:70:90:A4:F2:A1:3D:C8:44:56:8B:55:96:C2:C2:51
X509v3 Authority Key Identifier:
keyid:27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/gFPKMP1wkKTyoT3IRFaLVZbCwlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.8.0/23
193.5.42.0/23
193.135.31.0/24
194.40.212.0-194.40.232.255
194.40.234.0/23
Signature Algorithm: sha256WithRSAEncryption
16:ae:0c:0a:6c:40:fe:91:29:d6:7e:90:50:02:ae:25:c2:74:
58:cf:bb:62:04:73:19:f1:0e:95:7b:49:39:69:a4:e2:f6:6e:
14:dd:8d:38:63:e3:d0:ba:28:b4:ea:eb:76:23:81:57:41:da:
37:bd:bb:5d:45:42:d2:67:b9:93:8d:a9:bd:1a:81:79:d3:c9:
1e:f7:67:a4:cb:ad:b1:fa:17:0a:fd:e5:97:31:41:00:36:68:
8b:1a:77:64:43:08:b5:d6:f2:92:de:1c:30:67:c5:c8:86:b4:
5a:65:ca:86:81:4f:fe:92:6b:3e:1c:c7:61:3e:38:49:d5:f2:
86:12:7c:f6:c0:dd:e9:35:96:21:c7:5a:3b:af:f6:9f:98:e7:
0f:88:6b:16:8b:df:ba:0a:8b:7a:1e:24:58:d4:37:c3:c6:00:
9e:00:cd:48:20:be:8e:5c:17:b9:9c:77:9b:d0:0f:28:21:89:
13:6a:76:df:76:e2:77:53:f9:e4:67:b5:3c:99:8c:8f:87:e2:
c2:8f:6e:6f:79:41:46:15:b2:c3:a1:65:a6:23:1a:de:f4:a0:
e4:0f:bd:cb:aa:20:e4:4e:97:bd:46:17:fc:a0:85:7d:63:1d:
4c:00:37:c6:11:a1:f0:ef:68:de:10:8c:7c:2a:a9:bb:da:8a:
4b:fb:36:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzFbsEhxV3qCY1INcJhXJUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZmMyMTg1NmNkOGUwMzdhN2JiOGM2MzkyYTYxOTgyMTNh
OGI0ZjYwHhcNMjQwMTAxMTQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUzY2EzMGZkNzA5MGE0ZjJhMTNkYzg0NDU2OGI1NTk2YzJjMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSafXnLk/2pMRxi+W8J0ojw6KBDg
iG42tE8Gzk5VKw1534CfULdtrsbpLZfjGyfIwpstUr4DGWrRwr+OpK59XI7E76yt
Z3hKGcJ313jMvM4ek8EdnJvALQkK/ejt8CEYSLOoppJhWcysvUmMPCeYD4+7ZEtE
mfD3wf5bAq2VD7k8KVzMHb4KaQxtFwPcHSR+pTEBFxYv6ZHTIEHGUAOWw/44edvb
QjKwzm0BFA+vfYGgk0AkcycpCCwgRKdwwRndBFFnGcjVnoiohpLNpvJ/ZV7adRpt
M3eZY+6IatuV4ACL2J+EkfzYkvkCJgoWi8mJpXhXsSwX5oItJ0M3wdHCBQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIBTyjD9cJCk8qE9yERWi1WWwsJRMB8GA1UdIwQY
MBaAFCf8IYVs2OA3p7uMY5KmGYITqLT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUt
ZTFmMzY3ZTc5NjIwLzEvZ0ZQS01QMXdrS1R5b1QzSVJGYUxWWmJDd2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUtZTFmMzY3ZTc5NjIw
LzEvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBwQUIAwQB
wQUqAwQAwYcfMAwDBALCKNQDBADCKOgDBAHCKOowDQYJKoZIhvcNAQELBQADggEB
ABauDApsQP6RKdZ+kFACriXCdFjPu2IEcxnxDpV7STlppOL2bhTdjThj49C6KLTq
63YjgVdB2je9u11FQtJnuZONqb0agXnTyR73Z6TLrbH6Fwr95ZcxQQA2aIsad2RD
CLXW8pLeHDBnxciGtFplyoaBT/6Saz4cx2E+OEnV8oYSfPbA3ek1liHHWjuv9p+Y
5w+IaxaL37oKi3oeJFjUN8PGAJ4AzUggvo5cF7mcd5vQDyghiRNqdt924ndT+eRn
tTyZjI+H4sKPbm95QUYVssOhZaYjGt70oOQPvcuqIOROl71GF/yghX1jHUwAN8YR
ofDvaN4QjHwqqbvaikv7Nhs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:00:32 2024 by rpki-client on console-fra.rpki-client.org