Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/G-koA5bYRXeou-b8ZQ-1TFgD_sA.roa
File: G-koA5bYRXeou-b8ZQ-1TFgD_sA.roa (raw, json)
Hash identifier: 8MYPTbVBaEFfNIAs/H0rQ3S4Y+DBHDP6qHIis3BqfR0=
Subject key identifier: 1B:E9:28:03:96:D8:45:77:A8:BB:E6:FC:65:0F:B5:4C:58:03:FE:C0
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0191FFB635EACC479390A788DBA2EBB9440B
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/G-koA5bYRXeou-b8ZQ-1TFgD_sA.roa
Signing time: Tue 17 Sep 2024 11:20:16 +0000
ROA not before: Tue 17 Sep 2024 11:20:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 212.79.112.0/22 maxlen: 22
212.79.116.0/22 maxlen: 22
212.79.120.0/23 maxlen: 23
212.87.160.0/21 maxlen: 21
212.87.172.0/22 maxlen: 22
212.87.176.0/22 maxlen: 22
212.87.182.0/23 maxlen: 23
212.87.184.0/22 maxlen: 22
212.87.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:b6:35:ea:cc:47:93:90:a7:88:db:a2:eb:b9:44:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Sep 17 11:20:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1be9280396d84577a8bbe6fc650fb54c5803fec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:36:66:5e:64:42:4f:7a:84:9a:42:fa:f4:16:
67:31:66:67:64:14:b4:f4:45:a9:b8:b0:c5:b4:f8:
68:bc:03:a7:c0:db:bd:ee:d0:2a:3d:9c:ea:49:7f:
fb:13:bb:ea:48:49:30:1a:e7:e8:18:c5:63:71:21:
e5:14:46:ac:85:03:c9:c4:8d:ec:3a:08:38:42:90:
14:36:25:dd:c7:45:b8:46:df:63:d1:e4:c1:f3:f7:
bf:8b:61:97:12:6d:80:c9:d5:40:7f:d6:94:41:ab:
c9:16:ed:b0:de:66:33:cd:10:fd:db:e1:d3:35:66:
13:07:a7:28:5c:df:26:f7:0c:2a:ed:88:83:4e:d8:
4f:dd:70:c0:40:6a:bf:69:f8:9d:e5:49:41:c6:2b:
61:3c:8e:62:bd:2b:2c:56:85:23:95:d7:7b:ad:72:
d3:61:d0:9b:70:85:32:b3:95:9c:57:b7:b0:6f:f8:
99:2b:b2:8d:15:d0:3b:9f:b4:96:7d:5e:49:f1:14:
0c:96:79:97:38:54:cb:0f:29:05:34:bc:53:f5:91:
45:2c:24:e4:dc:8d:4b:93:c8:35:9b:5a:e1:2f:27:
b6:7b:ae:d0:af:fa:f2:36:1b:89:7d:2c:e1:00:b8:
c7:41:e4:4f:49:3b:a0:e1:9c:b1:4a:c4:31:f1:8d:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E9:28:03:96:D8:45:77:A8:BB:E6:FC:65:0F:B5:4C:58:03:FE:C0
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/G-koA5bYRXeou-b8ZQ-1TFgD_sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.79.112.0-212.79.121.255
212.87.160.0/21
212.87.172.0-212.87.179.255
212.87.182.0-212.87.191.255
Signature Algorithm: sha256WithRSAEncryption
5e:50:b9:c6:4b:6a:29:f5:98:6b:15:3b:ec:44:d1:91:ac:aa:
14:79:5d:cb:51:9b:ea:b3:4a:f2:46:ad:e1:69:4e:b3:3c:f1:
66:42:56:5a:06:91:7b:68:27:ce:50:14:22:9f:70:fd:a9:9e:
9b:58:df:c9:46:dd:9d:95:01:49:9b:e6:8a:b3:f5:86:aa:1e:
30:01:b5:9c:be:94:02:2c:e0:98:b1:3c:ef:ed:96:88:9f:9c:
7d:98:3d:db:74:a2:fb:35:fd:4d:79:f2:24:8b:a2:30:8c:fd:
dc:8d:82:5b:7e:4a:9d:e2:ba:10:f0:b2:2c:d7:37:63:bd:e8:
76:54:70:3a:11:3c:52:b8:53:f4:5e:e7:14:2c:f9:45:06:31:
e6:42:43:f2:e2:ad:08:74:56:13:5a:7e:e0:ea:99:f5:51:cc:
58:93:0c:d3:4e:b3:c7:97:4d:a4:dc:95:4b:9c:83:57:fb:2b:
48:b8:92:41:c3:34:b0:3d:aa:0b:4c:9f:de:3e:db:d9:42:43:
1f:14:23:65:6e:ed:bc:2a:ea:ea:39:a6:37:a9:72:1b:3b:ca:
8e:11:86:f1:5d:d8:82:42:7d:7e:34:6a:bf:dd:4c:b6:e2:a4:
6c:ff:63:6a:a8:10:14:ce:1f:47:c5:92:e2:c8:95:e7:6d:9e:
a8:a4:3c:27
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZH/tjXqzEeTkKeI26LruUQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjQwOTE3MTEyMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU5MjgwMzk2ZDg0NTc3YThiYmU2ZmM2NTBmYjU0YzU4MDNmZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDZmXmRCT3qEmkL69BZnMWZnZBS0
9EWpuLDFtPhovAOnwNu97tAqPZzqSX/7E7vqSEkwGufoGMVjcSHlFEashQPJxI3s
Ogg4QpAUNiXdx0W4Rt9j0eTB8/e/i2GXEm2AydVAf9aUQavJFu2w3mYzzRD92+HT
NWYTB6coXN8m9wwq7YiDTthP3XDAQGq/afid5UlBxithPI5ivSssVoUjldd7rXLT
YdCbcIUys5WcV7ewb/iZK7KNFdA7n7SWfV5J8RQMlnmXOFTLDykFNLxT9ZFFLCTk
3I1Lk8g1m1rhLye2e67Qr/ryNhuJfSzhALjHQeRPSTug4ZyxSsQx8Y0BgQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBvpKAOW2EV3qLvm/GUPtUxYA/7AMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvRy1rb0E1YllSWGVvdS1iOFpRLTFURmdEX3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBATUT3AD
BAHUT3gDBAPUV6AwDAMEAtRXrAMEAtRXsDAMAwQB1Fe2AwQG1FeAMA0GCSqGSIb3
DQEBCwUAA4IBAQBeULnGS2op9ZhrFTvsRNGRrKoUeV3LUZvqs0ryRq3haU6zPPFm
QlZaBpF7aCfOUBQin3D9qZ6bWN/JRt2dlQFJm+aKs/WGqh4wAbWcvpQCLOCYsTzv
7ZaIn5x9mD3bdKL7Nf1NefIki6IwjP3cjYJbfkqd4roQ8LIs1zdjveh2VHA6ETxS
uFP0XucULPlFBjHmQkPy4q0IdFYTWn7g6pn1UcxYkwzTTrPHl02k3JVLnINX+ytI
uJJBwzSwPaoLTJ/ePtvZQkMfFCNlbu28KurqOaY3qXIbO8qOEYbxXdiCQn1+NGq/
3Uy24qRs/2NqqBAUzh9HxZLiyJXnbZ6opDwn
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:41:40 2024 by rpki-client on console-ams.rpki-client.org