Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GBq0tRxXZ9lB0LfVonneMbJOjeI.roa
File: GBq0tRxXZ9lB0LfVonneMbJOjeI.roa (raw, json)
Hash identifier: krTbRfLVqB2GMTc/uU1+zOxsXmjhUyVW4Wkw8dRYwh4=
Subject key identifier: 18:1A:B4:B5:1C:57:67:D9:41:D0:B7:D5:A2:79:DE:31:B2:4E:8D:E2
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018D6BB7FED7FF0AFC0A5B94609B7BA46D25
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GBq0tRxXZ9lB0LfVonneMbJOjeI.roa
Signing time: Fri 02 Feb 2024 21:27:16 +0000
ROA not before: Fri 02 Feb 2024 21:27:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400696
IP address blocks: 85.203.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 13:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:b7:fe:d7:ff:0a:fc:0a:5b:94:60:9b:7b:a4:6d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Feb 2 21:27:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=181ab4b51c5767d941d0b7d5a279de31b24e8de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ea:42:87:52:de:56:be:9a:18:79:b6:cb:b4:
47:8f:3e:9b:df:5e:fb:f9:d2:02:e2:59:e2:d1:d1:
96:81:99:06:f6:31:dd:a7:7a:62:e3:95:d3:e9:02:
84:21:52:18:d5:a5:b1:5b:9b:9d:44:ac:31:e5:a4:
56:59:70:45:28:70:39:04:6d:8b:15:5c:f6:4a:6f:
40:98:1d:d4:b4:b5:8c:69:f0:9c:d2:4e:21:58:09:
5d:a9:d9:8f:b5:70:32:44:d1:04:d9:9d:b9:73:26:
e9:42:18:3c:39:08:bb:4b:fa:15:dc:c9:64:17:75:
b6:c9:a5:9c:3b:f0:6a:4a:60:9b:f9:c0:e5:07:86:
26:9c:d1:69:35:58:a8:82:fe:08:91:d7:53:7a:c7:
fa:b6:08:42:94:e9:67:7f:b0:93:91:01:24:52:d9:
e7:e8:a2:39:a4:b3:3d:2b:0d:87:8f:9a:a8:fa:3a:
54:d9:d4:a4:ec:e5:da:da:0d:22:af:e4:7a:09:b4:
81:bf:9f:c1:87:66:18:87:bb:b6:b6:8f:b9:00:61:
09:d9:79:62:36:14:d0:98:70:ee:0e:e6:2d:1f:f4:
0e:5c:78:4a:fa:18:a2:8c:04:a1:72:f1:2a:f6:17:
af:2f:6e:4f:b7:bd:f5:e5:af:d6:2d:9a:58:26:4c:
81:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1A:B4:B5:1C:57:67:D9:41:D0:B7:D5:A2:79:DE:31:B2:4E:8D:E2
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/GBq0tRxXZ9lB0LfVonneMbJOjeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.19.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f9:9b:b0:d9:09:8a:cc:9e:04:6b:79:7c:e0:c2:29:6f:f2:
0c:2e:cd:61:51:6d:c3:71:13:35:7b:51:c1:5a:83:32:66:6b:
cf:cd:58:42:9f:23:db:de:28:48:2b:56:33:91:51:74:05:41:
f7:50:e0:22:12:c9:7a:a8:17:f9:e3:22:65:06:a2:9a:07:90:
eb:68:7a:7b:29:95:43:7e:d3:80:ae:69:14:ae:29:18:ad:e2:
23:e2:b4:12:5e:12:a7:ab:8c:63:ec:b2:0b:94:e6:ee:11:d4:
17:06:b5:92:85:bf:4d:e6:3d:5c:c6:d5:5e:ec:ff:51:68:73:
b8:a1:03:34:dc:33:9b:eb:65:74:bd:ca:a2:ad:02:79:c6:92:
7f:3d:db:91:ec:a4:86:15:0d:46:2b:35:6b:2c:77:b2:e2:a6:
86:6b:42:02:b6:16:d1:84:bd:ae:f5:f9:d0:6d:49:3f:38:fb:
4b:c2:9f:bb:a4:12:9f:c3:21:07:a0:b9:3c:31:0a:2f:a3:ad:
b1:a8:b8:a7:31:cd:0e:44:72:97:80:44:c0:51:7f:d5:83:8c:
5c:32:39:be:98:0a:a1:da:59:38:4e:ec:09:9f:6f:16:d4:ba:
10:80:95:20:5d:fc:4c:9b:3e:eb:97:e1:8c:02:d0:fc:a0:ce:
99:21:a5:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1rt/7X/wr8CluUYJt7pG0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMjAyMjEyNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODFhYjRiNTFjNTc2N2Q5NDFkMGI3ZDVhMjc5ZGUzMWIyNGU4ZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+pCh1LeVr6aGHm2y7RHjz6b3177
+dIC4lni0dGWgZkG9jHdp3pi45XT6QKEIVIY1aWxW5udRKwx5aRWWXBFKHA5BG2L
FVz2Sm9AmB3UtLWMafCc0k4hWAldqdmPtXAyRNEE2Z25cybpQhg8OQi7S/oV3Mlk
F3W2yaWcO/BqSmCb+cDlB4YmnNFpNViogv4IkddTesf6tghClOlnf7CTkQEkUtnn
6KI5pLM9Kw2Hj5qo+jpU2dSk7OXa2g0ir+R6CbSBv5/Bh2YYh7u2to+5AGEJ2Xli
NhTQmHDuDuYtH/QOXHhK+hiijAShcvEq9hevL25Pt7315a/WLZpYJkyBtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgatLUcV2fZQdC31aJ53jGyTo3iMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvR0JxMHRSeFhaOWxCMExmVm9ubmVNYkpPamVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsTMA0G
CSqGSIb3DQEBCwUAA4IBAQBI+Zuw2QmKzJ4Ea3l84MIpb/IMLs1hUW3DcRM1e1HB
WoMyZmvPzVhCnyPb3ihIK1YzkVF0BUH3UOAiEsl6qBf54yJlBqKaB5DraHp7KZVD
ftOArmkUrikYreIj4rQSXhKnq4xj7LILlObuEdQXBrWShb9N5j1cxtVe7P9RaHO4
oQM03DOb62V0vcqirQJ5xpJ/PduR7KSGFQ1GKzVrLHey4qaGa0ICthbRhL2u9fnQ
bUk/OPtLwp+7pBKfwyEHoLk8MQovo62xqLinMc0ORHKXgETAUX/Vg4xcMjm+mAqh
2lk4TuwJn28W1LoQgJUgXfxMmz7rl+GMAtD8oM6ZIaWP
-----END CERTIFICATE-----
Generated at Thu May 2 20:36:56 2024 by rpki-client on console-ams.rpki-client.org