Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gyPM0uOHBZiirtfLdAmAtikW5uo.roa
File: gyPM0uOHBZiirtfLdAmAtikW5uo.roa (raw, json)
Hash identifier: imgp2hZ/sYP16xqvPleRdT3YhI3e8zr58Giezq+PxMw=
Subject key identifier: 83:23:CC:D2:E3:87:05:98:A2:AE:D7:CB:74:09:80:B6:29:16:E6:EA
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01925E194E048CAB7A7CAB7D38070112B3D1
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gyPM0uOHBZiirtfLdAmAtikW5uo.roa
Signing time: Sat 05 Oct 2024 19:12:49 +0000
ROA not before: Sat 05 Oct 2024 19:12:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211567
IP address blocks: 109.236.48.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:19:4e:04:8c:ab:7a:7c:ab:7d:38:07:01:12:b3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Oct 5 19:12:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8323ccd2e3870598a2aed7cb740980b62916e6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:26:3a:73:08:37:1e:eb:4c:84:7d:ed:c6:f6:
19:66:ac:ad:26:11:bc:53:90:37:ac:48:e4:57:44:
df:e3:62:2a:9e:76:3c:ae:50:a1:6d:39:6a:96:5c:
75:89:60:99:b1:49:40:90:5f:2c:20:b4:9e:83:32:
e4:ca:52:e1:04:8f:ca:45:a2:a5:eb:7b:b2:07:42:
78:bd:0c:d4:ae:b2:87:fd:d0:93:a9:7c:15:3c:65:
07:87:3b:21:1c:fa:7f:ad:c1:6c:cb:fb:36:1f:6a:
76:36:1d:5b:e7:00:7d:a5:1a:04:ed:5f:dc:ff:62:
f4:ed:cd:67:c0:ca:4e:4e:3e:14:4b:81:02:da:e8:
f1:0d:bf:33:a3:b1:8b:b0:30:f6:d7:0e:f8:07:5a:
4d:0a:d5:ec:44:f5:37:56:d3:1a:64:6a:1a:c3:3d:
88:83:eb:12:e1:b6:bb:2f:91:b1:76:88:6f:1f:7b:
c6:24:f4:c0:ae:bf:57:ad:28:c0:45:cf:b7:a3:32:
6b:c3:78:05:ef:ab:40:bf:ff:0a:e8:88:37:fe:e0:
c3:8d:19:68:fd:c8:49:13:8f:00:d9:83:4a:33:1b:
12:36:e5:0b:0b:d3:e0:a3:18:80:ef:c9:b8:16:f9:
e5:f7:21:7d:cb:5d:2f:a9:a2:09:45:70:6f:04:cb:
e2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:23:CC:D2:E3:87:05:98:A2:AE:D7:CB:74:09:80:B6:29:16:E6:EA
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/gyPM0uOHBZiirtfLdAmAtikW5uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
185.88.173.0/24
185.243.180.0/24
185.250.210.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:46:4f:96:7d:bb:f6:38:ea:fa:85:6e:f9:4b:12:d5:78:b4:
7f:bc:a4:7d:89:75:0b:3a:63:e2:fb:b6:b9:12:11:66:ba:c3:
38:28:17:ec:b4:fb:c2:de:a9:06:16:c4:6f:b6:21:37:4a:5d:
9c:bb:99:ad:51:97:0f:69:cd:b2:0f:d2:e1:20:aa:7f:19:5a:
a5:35:59:6b:7d:7a:9b:7f:00:8b:d3:64:da:e6:7b:7b:ef:83:
58:14:54:37:44:bf:8a:6e:2d:4d:30:4e:a2:f4:09:11:09:11:
60:9c:87:c7:a3:8f:92:05:cc:a4:d6:b1:63:f5:5f:95:b1:33:
cd:4f:c7:94:26:08:2f:60:83:23:c2:89:2c:e7:9f:1b:2e:b1:
d9:72:bc:19:49:ca:50:41:24:7b:ba:04:3b:1b:1d:4b:5e:98:
a0:20:9b:d8:c9:df:b9:35:d0:bd:93:f1:74:9b:15:53:c7:ed:
45:c0:4a:17:89:29:a2:9d:f3:d0:1e:eb:5d:db:e0:75:4d:db:
65:5b:20:af:18:a8:e1:74:01:c8:9b:39:f9:ff:20:c6:4d:9c:
c9:1a:09:ac:97:bb:fd:43:06:a8:97:4e:76:0a:2f:22:ab:34:
c9:99:23:3e:dc:7d:1e:ed:49:99:34:84:e3:cd:58:1c:0d:17:
49:00:7b:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJeGU4EjKt6fKt9OAcBErPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMDA1MTkxMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzIzY2NkMmUzODcwNTk4YTJhZWQ3Y2I3NDA5ODBiNjI5MTZlNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiY6cwg3HutMhH3txvYZZqytJhG8
U5A3rEjkV0Tf42IqnnY8rlChbTlqllx1iWCZsUlAkF8sILSegzLkylLhBI/KRaKl
63uyB0J4vQzUrrKH/dCTqXwVPGUHhzshHPp/rcFsy/s2H2p2Nh1b5wB9pRoE7V/c
/2L07c1nwMpOTj4US4EC2ujxDb8zo7GLsDD21w74B1pNCtXsRPU3VtMaZGoawz2I
g+sS4ba7L5GxdohvH3vGJPTArr9XrSjARc+3ozJrw3gF76tAv/8K6Ig3/uDDjRlo
/chJE48A2YNKMxsSNuULC9PgoxiA78m4Fvnl9yF9y10vqaIJRXBvBMvifQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIMjzNLjhwWYoq7Xy3QJgLYpFubqMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZ3lQTTB1T0hCWmlpcnRmTGRBbUF0aWtXNXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbewwAwQA
uVitAwQAufO0AwQAufrSAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQBrRk+Wfbv2
OOr6hW75SxLVeLR/vKR9iXULOmPi+7a5EhFmusM4KBfstPvC3qkGFsRvtiE3Sl2c
u5mtUZcPac2yD9LhIKp/GVqlNVlrfXqbfwCL02Ta5nt774NYFFQ3RL+Kbi1NME6i
9AkRCRFgnIfHo4+SBcyk1rFj9V+VsTPNT8eUJggvYIMjwoks558bLrHZcrwZScpQ
QSR7ugQ7Gx1LXpigIJvYyd+5NdC9k/F0mxVTx+1FwEoXiSminfPQHutd2+B1Tdtl
WyCvGKjhdAHImzn5/yDGTZzJGgmsl7v9Qwaol052Ci8iqzTJmSM+3H0e7UmZNITj
zVgcDRdJAHve
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:56:23 2024 by rpki-client on console-ams.rpki-client.org