Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GuJ8coHlCSdD0UmPWHrqF9Uo9NA.roa
File: GuJ8coHlCSdD0UmPWHrqF9Uo9NA.roa (raw, json)
Hash identifier: ot3bWSRn8yEmJXy3qzRO38TNfcylAafgPON+5SJh9RQ=
Subject key identifier: 1A:E2:7C:72:81:E5:09:27:43:D1:49:8F:58:7A:EA:17:D5:28:F4:D0
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB2BABE64EB3C66C1B16DB71C6331
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GuJ8coHlCSdD0UmPWHrqF9Uo9NA.roa
Signing time: Tue 02 Jan 2024 08:32:41 +0000
ROA not before: Tue 02 Jan 2024 08:32:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201337
IP address blocks: 84.236.137.0/24 maxlen: 24
178.156.75.0/24 maxlen: 24
84.236.184.0/24 maxlen: 24
185.25.198.0/24 maxlen: 24
185.25.196.0/24 maxlen: 24
185.25.196.0/22 maxlen: 22
185.25.197.0/24 maxlen: 24
185.25.199.0/24 maxlen: 24
84.236.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b2:ba:be:64:eb:3c:66:c1:b1:6d:b7:1c:63:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ae27c7281e5092743d1498f587aea17d528f4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:5b:dd:09:fa:73:88:cc:bd:7e:5d:b2:2d:
4d:e4:80:1f:51:4d:79:fd:78:e2:69:a9:46:da:ce:
b2:ed:fc:1d:0a:7a:a8:be:8b:63:7a:c7:73:83:d7:
94:bc:b2:66:02:39:34:7d:c6:be:80:d3:63:be:00:
51:30:a0:89:3e:3f:90:10:2d:0d:2d:e6:ed:c2:a3:
a2:10:03:49:4a:9c:43:71:45:b6:29:3e:80:11:2b:
82:64:cd:70:86:13:0f:8c:c2:ad:a6:b9:2f:32:8b:
fa:69:d5:51:34:25:56:06:a6:35:8b:c4:7d:54:e3:
7f:a3:06:78:4b:e6:6d:10:52:8a:1d:21:ad:7d:ed:
59:9b:ab:67:ed:44:ee:2e:30:0b:04:ce:e4:6b:19:
99:42:7b:50:24:20:c4:1f:a6:b8:28:6e:c9:63:9c:
6f:ff:52:b5:7d:84:70:2e:3f:87:95:67:50:a4:46:
29:a4:65:44:04:7d:00:45:aa:b7:41:03:04:51:8d:
3d:37:c6:78:3b:57:8e:64:4d:12:98:58:1e:b0:bd:
c6:d7:29:14:16:99:22:21:c7:61:7b:8f:f0:22:17:
ed:40:3d:0b:ae:87:c8:d3:a4:1c:cf:1e:81:5d:93:
6b:7f:10:fc:ba:4d:01:0f:bf:a5:e0:4e:9d:42:0a:
4a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E2:7C:72:81:E5:09:27:43:D1:49:8F:58:7A:EA:17:D5:28:F4:D0
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/GuJ8coHlCSdD0UmPWHrqF9Uo9NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.137.0/24
84.236.184.0/24
84.236.189.0/24
178.156.75.0/24
185.25.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:d4:30:63:b0:d1:8e:58:c7:01:33:ea:5d:d9:98:6c:14:a2:
cb:b2:45:0d:c1:c5:12:ce:17:d9:37:1b:be:ab:59:9a:97:16:
ba:0d:b6:6c:f8:d9:93:18:75:f2:d3:cd:82:cc:66:67:7b:e6:
04:95:6a:38:e8:ca:98:c1:9f:90:55:19:75:cb:bc:64:36:ca:
e4:50:d2:2c:56:10:15:a9:3d:f9:d8:95:a9:c0:3d:68:37:dc:
05:15:d3:65:c1:d8:0b:59:a0:34:af:93:1a:e8:d6:b9:a5:db:
13:31:45:30:68:c7:bd:6b:59:1c:51:3d:1e:a3:ed:b9:ff:57:
17:f4:a9:65:b9:46:ea:ae:e7:64:e4:79:fe:63:bc:7d:eb:f5:
14:98:d0:28:96:39:be:16:de:86:c1:57:79:bf:b0:78:38:fb:
c4:a8:c8:1e:7b:03:5a:5f:99:cb:f2:f1:a5:8d:3c:ef:0b:7d:
c7:eb:0e:58:98:be:55:35:c8:96:17:2a:16:a2:ce:93:09:50:
3d:3a:9a:ce:6e:94:45:eb:13:ab:e1:d8:51:c9:71:09:74:62:
81:c7:da:f9:b2:b9:3a:a7:7a:75:1d:f0:8e:e1:e6:43:53:bc:
f8:ee:44:e2:72:11:3b:d0:28:e5:72:ab:52:b0:98:62:1f:09:
81:a3:28:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTbK6vmTrPGbBsW23HGMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWUyN2M3MjgxZTUwOTI3NDNkMTQ5OGY1ODdhZWExN2Q1MjhmNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuRb3Qn6c4jMvX5dsi1N5IAfUU15
/XjiaalG2s6y7fwdCnqovotjesdzg9eUvLJmAjk0fca+gNNjvgBRMKCJPj+QEC0N
LebtwqOiEANJSpxDcUW2KT6AESuCZM1whhMPjMKtprkvMov6adVRNCVWBqY1i8R9
VON/owZ4S+ZtEFKKHSGtfe1Zm6tn7UTuLjALBM7kaxmZQntQJCDEH6a4KG7JY5xv
/1K1fYRwLj+HlWdQpEYppGVEBH0ARaq3QQMEUY09N8Z4O1eOZE0SmFgesL3G1ykU
FpkiIcdhe4/wIhftQD0LrofI06Qczx6BXZNrfxD8uk0BD7+l4E6dQgpKJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBrifHKB5QknQ9FJj1h66hfVKPTQMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvR3VKOGNvSGxDU2REMFVtUFdIcnFGOVVvOU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVOyJAwQA
VOy4AwQAVOy9AwQAspxLAwQCuRnEMA0GCSqGSIb3DQEBCwUAA4IBAQBt1DBjsNGO
WMcBM+pd2ZhsFKLLskUNwcUSzhfZNxu+q1malxa6DbZs+NmTGHXy082CzGZne+YE
lWo46MqYwZ+QVRl1y7xkNsrkUNIsVhAVqT352JWpwD1oN9wFFdNlwdgLWaA0r5Ma
6Na5pdsTMUUwaMe9a1kcUT0eo+25/1cX9KlluUbqrudk5Hn+Y7x96/UUmNAoljm+
Ft6GwVd5v7B4OPvEqMgeewNaX5nL8vGljTzvC33H6w5YmL5VNciWFyoWos6TCVA9
OprObpRF6xOr4dhRyXEJdGKBx9r5srk6p3p1HfCO4eZDU7z47kTichE70CjlcqtS
sJhiHwmBoyhi
-----END CERTIFICATE-----
Generated at Sat May 18 05:34:13 2024 by rpki-client on console-fra.rpki-client.org