Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/gxSBL2NEmSnFR0yi3Nuq8O6a2zc.roa
File: gxSBL2NEmSnFR0yi3Nuq8O6a2zc.roa (raw, json)
Hash identifier: Fw8a+BWk47ulTcZESkv7lPMzPuBm5f+UprB6fbTQXmc=
Subject key identifier: 83:14:81:2F:63:44:99:29:C5:47:4C:A2:DC:DB:AA:F0:EE:9A:DB:37
Certificate issuer: /CN=06cbc7614b49878bf37fde0c18d7c851c2d07e6f
Certificate serial: 018CC793448AF3EEF9AECF703FE98AC0DA92
Authority key identifier: 06:CB:C7:61:4B:49:87:8B:F3:7F:DE:0C:18:D7:C8:51:C2:D0:7E:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/gxSBL2NEmSnFR0yi3Nuq8O6a2zc.roa
Signing time: Tue 02 Jan 2024 00:29:26 +0000
ROA not before: Tue 02 Jan 2024 00:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 78.132.0.0/17 maxlen: 18
212.95.0.0/19 maxlen: 24
46.124.0.0/15 maxlen: 16
185.99.72.0/22 maxlen: 23
62.140.32.0/19 maxlen: 20
213.142.96.0/19 maxlen: 23
212.67.224.0/19 maxlen: 20
213.162.64.0/19 maxlen: 23
2001:4bc8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:44:8a:f3:ee:f9:ae:cf:70:3f:e9:8a:c0:da:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06cbc7614b49878bf37fde0c18d7c851c2d07e6f
Validity
Not Before: Jan 2 00:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8314812f63449929c5474ca2dcdbaaf0ee9adb37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:7a:76:77:a4:7b:68:55:4a:74:b1:f0:86:
7f:b0:20:b8:7b:5e:28:13:9a:d2:0c:3c:16:4e:02:
fb:d7:75:52:30:14:b2:72:20:19:e2:17:88:83:bd:
a3:0e:0e:33:f1:39:28:bb:3e:4b:c4:a4:4b:9e:97:
5d:b0:eb:b7:18:26:7a:ee:66:cc:0a:01:c0:82:f3:
bf:a4:ab:b1:30:47:d5:ff:59:ae:54:a6:be:d1:8d:
9b:bf:38:98:55:01:b3:29:b4:0c:b9:d4:a0:1f:ac:
8c:d2:0f:1a:00:2c:a4:55:32:ed:a4:4f:23:ed:d3:
c6:26:2d:fd:c1:d6:f8:9a:41:6d:cb:da:1c:af:ca:
f6:24:17:7f:30:5b:a6:48:7b:e0:25:fd:6d:e4:79:
2e:13:4f:cb:dd:d9:bf:33:fc:8f:de:81:e7:4e:9a:
00:2d:9e:f7:d6:53:b7:8c:1e:39:f9:eb:66:86:10:
81:07:d8:61:42:d2:14:ba:14:f8:9c:3e:48:7d:8b:
7f:9d:63:f9:b9:bd:9c:1f:25:4c:dd:8d:20:3c:ac:
f3:b4:e5:f7:53:64:53:94:5c:97:ed:1e:fe:08:c3:
b8:de:5e:a3:ae:b5:ba:39:07:ea:6d:89:fd:6a:d8:
95:96:be:07:c1:d9:32:cb:5e:1b:f8:7e:70:8e:35:
3b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:14:81:2F:63:44:99:29:C5:47:4C:A2:DC:DB:AA:F0:EE:9A:DB:37
X509v3 Authority Key Identifier:
keyid:06:CB:C7:61:4B:49:87:8B:F3:7F:DE:0C:18:D7:C8:51:C2:D0:7E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/gxSBL2NEmSnFR0yi3Nuq8O6a2zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.124.0.0/15
62.140.32.0/19
78.132.0.0/17
185.99.72.0/22
212.67.224.0/19
212.95.0.0/19
213.142.96.0/19
213.162.64.0/19
IPv6:
2001:4bc8::/29
Signature Algorithm: sha256WithRSAEncryption
59:8b:84:79:71:8a:20:6c:c4:a5:63:6b:72:0a:29:4e:b6:97:
93:cc:2a:07:31:b0:a9:40:cb:3b:6c:8a:8f:5a:fd:3e:5c:d8:
da:57:50:a3:67:5d:6a:e4:e9:14:8b:82:85:38:0f:30:b0:be:
4e:b3:3a:0a:96:80:af:2d:3a:b5:e2:42:c0:d7:da:3e:01:22:
dd:8e:31:b0:3f:2b:85:04:fe:8f:b3:6d:9a:12:23:8d:8c:04:
e8:31:26:2c:e8:4d:c4:27:d2:cf:c3:7f:e4:1f:fe:f0:f2:7e:
b1:59:cb:23:8b:0b:99:8d:07:98:71:e6:3d:4f:bb:26:95:d4:
9d:ac:7d:a2:63:2d:c6:db:34:75:81:63:a9:86:73:11:f7:c7:
f2:00:6b:45:2e:28:07:40:83:3c:26:4c:13:0c:4b:82:81:5b:
23:dc:e9:c7:11:1f:1e:a3:44:69:fc:ab:5e:7e:5e:5b:bf:df:
fd:a5:4f:3f:28:ec:f5:0a:69:6e:07:c7:2d:9c:bf:64:6d:43:
f9:ff:de:d1:6d:a7:ae:cc:e2:5e:a1:fa:f5:fe:ce:46:8d:d0:
23:64:8e:04:87:96:ef:b6:f8:4f:6e:01:40:21:ce:28:dd:67:
2e:c0:a5:d8:6d:d5:42:30:5b:2f:a0:c1:45:be:b0:2a:7c:97:
53:5e:e9:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzHk0SK8+75rs9wP+mKwNqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Y2JjNzYxNGI0OTg3OGJmMzdmZGUwYzE4ZDdjODUxYzJk
MDdlNmYwHhcNMjQwMTAyMDAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzE0ODEyZjYzNDQ5OTI5YzU0NzRjYTJkY2RiYWFmMGVlOWFkYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK16dneke2hVSnSx8IZ/sCC4e14o
E5rSDDwWTgL713VSMBSyciAZ4heIg72jDg4z8Tkouz5LxKRLnpddsOu3GCZ67mbM
CgHAgvO/pKuxMEfV/1muVKa+0Y2bvziYVQGzKbQMudSgH6yM0g8aACykVTLtpE8j
7dPGJi39wdb4mkFty9ocr8r2JBd/MFumSHvgJf1t5HkuE0/L3dm/M/yP3oHnTpoA
LZ731lO3jB45+etmhhCBB9hhQtIUuhT4nD5IfYt/nWP5ub2cHyVM3Y0gPKzztOX3
U2RTlFyX7R7+CMO43l6jrrW6OQfqbYn9atiVlr4Hwdkyy14b+H5wjjU7QwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIMUgS9jRJkpxUdMotzbqvDumts3MB8GA1UdIwQY
MBaAFAbLx2FLSYeL83/eDBjXyFHC0H5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnN2SFlVdEpoNHZ6Zjk0TUdOZklVY0xRZm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84NzdmOTktN2FjYy00ZDMwLTgzYzgt
NTc1YTYwZGU2NmE0LzEvZ3hTQkwyTkVtU25GUjB5aTNOdXE4TzZhMnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84NzdmOTktN2FjYy00ZDMwLTgzYzgtNTc1YTYwZGU2NmE0
LzEvQnN2SFlVdEpoNHZ6Zjk0TUdOZklVY0xRZm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMBLnwDBAU+
jCADBAdOhAADBAK5Y0gDBAXUQ+ADBAXUXwADBAXVjmADBAXVokAwDQQCAAIwBwMF
AyABS8gwDQYJKoZIhvcNAQELBQADggEBAFmLhHlxiiBsxKVja3IKKU62l5PMKgcx
sKlAyztsio9a/T5c2NpXUKNnXWrk6RSLgoU4DzCwvk6zOgqWgK8tOrXiQsDX2j4B
It2OMbA/K4UE/o+zbZoSI42MBOgxJizoTcQn0s/Df+Qf/vDyfrFZyyOLC5mNB5hx
5j1PuyaV1J2sfaJjLcbbNHWBY6mGcxH3x/IAa0UuKAdAgzwmTBMMS4KBWyPc6ccR
Hx6jRGn8q15+Xlu/3/2lTz8o7PUKaW4Hxy2cv2RtQ/n/3tFtp67M4l6h+vX+zkaN
0CNkjgSHlu+2+E9uAUAhzijdZy7Apdht1UIwWy+gwUW+sCp8l1Ne6Xg=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:49:00 2024 by rpki-client on console-fra.rpki-client.org