Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/gxyE2aU94joSrxk1NgnVRX326-s.roa
File: gxyE2aU94joSrxk1NgnVRX326-s.roa (raw, json)
Hash identifier: 0OdGYX+2CH/dM5Q1Pv6KSTMu1w8RwJDiJSKvAM6ZxOQ=
Subject key identifier: 83:1C:84:D9:A5:3D:E2:3A:12:AF:19:35:36:09:D5:45:7D:F6:EB:EB
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018CC5DC0E956DAFD6DF9587A6C696E60224
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/gxyE2aU94joSrxk1NgnVRX326-s.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34354
IP address blocks: 89.221.120.0/24 maxlen: 24
89.221.120.0/23 maxlen: 23
89.221.122.0/23 maxlen: 23
89.221.124.0/23 maxlen: 23
89.221.126.0/23 maxlen: 23
89.221.112.0/23 maxlen: 23
85.158.72.0/23 maxlen: 23
85.158.74.0/23 maxlen: 23
85.158.76.0/23 maxlen: 23
85.158.78.0/23 maxlen: 23
89.221.114.0/23 maxlen: 23
89.221.116.0/23 maxlen: 23
89.221.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0e:95:6d:af:d6:df:95:87:a6:c6:96:e6:02:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=831c84d9a53de23a12af19353609d5457df6ebeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:37:5d:e5:b2:59:9d:ea:92:3a:dc:97:f6:67:
8e:60:99:36:16:c7:1f:19:20:80:7e:f1:79:0c:ca:
78:b3:69:2b:b2:74:b3:0e:00:fd:82:e8:d3:a1:ca:
e8:9d:54:8d:20:ae:c1:97:0e:fb:4b:60:c1:f7:71:
29:d2:6f:86:2b:76:52:9b:df:5e:cc:db:bc:99:56:
35:c9:f6:cd:81:94:3d:05:2e:00:09:14:ac:d2:df:
90:77:32:e5:1c:22:dd:e1:d4:2b:46:3c:41:8d:0d:
a2:ea:2f:f8:25:c3:dd:d9:14:82:b5:4a:81:02:66:
d7:4e:ec:be:e8:6e:24:2b:eb:c1:f0:c4:34:c7:30:
82:c6:b5:22:08:29:6f:14:87:67:c1:1d:f2:df:32:
1a:e9:19:bc:e1:1a:c3:b1:85:73:29:b6:99:17:09:
93:35:39:25:21:75:c2:c1:9f:b5:1f:f2:74:a7:43:
a1:ad:e4:de:8e:d2:ac:0e:9a:60:83:90:40:09:05:
66:ad:41:d3:b4:4d:14:3d:94:0c:53:12:ed:d8:9c:
a8:de:49:6b:57:86:57:58:64:fd:cf:45:82:c7:90:
84:9e:08:5f:e4:61:4d:f6:ae:9e:71:09:61:b7:59:
16:30:05:c5:37:a4:d7:c7:73:48:84:36:93:4b:97:
46:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1C:84:D9:A5:3D:E2:3A:12:AF:19:35:36:09:D5:45:7D:F6:EB:EB
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/gxyE2aU94joSrxk1NgnVRX326-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.72.0/21
89.221.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:4d:df:f0:50:d2:2e:01:27:5e:ff:30:aa:1a:97:d8:58:29:
fe:c8:ef:80:9f:3f:9b:72:c9:13:29:af:bc:1f:b6:b8:e9:e3:
e1:3e:28:f6:f9:31:74:bd:49:76:ad:4d:57:67:2e:45:e8:93:
3d:bf:0e:b2:43:8a:6a:86:ea:98:f7:40:70:ca:59:d9:7e:0d:
58:a5:7e:c1:5c:9c:19:47:a1:54:74:92:7f:3f:6a:65:d6:8a:
f1:af:b9:47:ad:ab:27:59:87:70:82:fe:5d:eb:9f:8e:30:0b:
fd:27:4d:18:a2:0a:ea:5a:98:5f:c2:74:b4:df:e9:4c:fe:3f:
b6:8c:bd:20:d8:f8:cd:af:4d:25:af:30:c7:7b:c8:a4:d5:28:
16:2b:4b:af:cf:08:e9:d3:0f:b9:8a:c8:d8:06:29:f3:65:02:
bc:0e:ce:14:43:c4:87:3e:b7:dc:f9:08:c6:ee:59:7a:ca:40:
06:f5:b3:cd:c2:4a:15:04:0f:d0:b4:c4:07:6c:4b:49:48:57:
df:2e:c3:f1:4a:e5:1c:cd:65:5a:ab:7d:a8:18:5b:2c:d8:9a:
ee:df:55:ad:56:d7:2a:b5:78:4b:9d:69:bf:52:71:47:79:43:
6a:4d:11:29:60:05:f1:41:69:e9:75:37:8e:96:86:f6:f0:53:
cd:5c:47:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3A6Vba/W35WHpsaW5gIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzFjODRkOWE1M2RlMjNhMTJhZjE5MzUzNjA5ZDU0NTdkZjZlYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTdd5bJZneqSOtyX9meOYJk2Fscf
GSCAfvF5DMp4s2krsnSzDgD9gujTocronVSNIK7Blw77S2DB93Ep0m+GK3ZSm99e
zNu8mVY1yfbNgZQ9BS4ACRSs0t+QdzLlHCLd4dQrRjxBjQ2i6i/4JcPd2RSCtUqB
AmbXTuy+6G4kK+vB8MQ0xzCCxrUiCClvFIdnwR3y3zIa6Rm84RrDsYVzKbaZFwmT
NTklIXXCwZ+1H/J0p0OhreTejtKsDppgg5BACQVmrUHTtE0UPZQMUxLt2Jyo3klr
V4ZXWGT9z0WCx5CEnghf5GFN9q6ecQlht1kWMAXFN6TXx3NIhDaTS5dGyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIMchNmlPeI6Eq8ZNTYJ1UV99uvrMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvZ3h5RTJhVTk0am9TcnhrMU5nblZSWDMyNi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ5IAwQE
Wd1wMA0GCSqGSIb3DQEBCwUAA4IBAQCLTd/wUNIuASde/zCqGpfYWCn+yO+Anz+b
cskTKa+8H7a46ePhPij2+TF0vUl2rU1XZy5F6JM9vw6yQ4pqhuqY90BwylnZfg1Y
pX7BXJwZR6FUdJJ/P2pl1orxr7lHrasnWYdwgv5d65+OMAv9J00YogrqWphfwnS0
3+lM/j+2jL0g2PjNr00lrzDHe8ik1SgWK0uvzwjp0w+5isjYBinzZQK8Ds4UQ8SH
Prfc+QjG7ll6ykAG9bPNwkoVBA/QtMQHbEtJSFffLsPxSuUczWVaq32oGFss2Jru
31WtVtcqtXhLnWm/UnFHeUNqTREpYAXxQWnpdTeOlob28FPNXEfQ
-----END CERTIFICATE-----
Generated at Fri May 10 14:50:24 2024 by rpki-client on console-fra.rpki-client.org