Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa
File: GlCZZmb3Et03pku7ss6pXGmIyQo.roa (raw, json)
Hash identifier: zvskndEVh5/tCrgH6a1G5GRE4VaOoXL24ZFPYjucUBg=
Subject key identifier: 1A:50:99:66:66:F7:12:DD:37:A6:4B:BB:B2:CE:A9:5C:69:88:C9:0A
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 018CC802BC4E602B9205488E7D0A0D4D56F2
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa
Signing time: Tue 02 Jan 2024 02:31:11 +0000
ROA not before: Tue 02 Jan 2024 02:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41717
IP address blocks: 193.242.106.0/24 maxlen: 32
193.242.109.0/24 maxlen: 32
193.43.79.0/24 maxlen: 32
193.43.91.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 10:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:bc:4e:60:2b:92:05:48:8e:7d:0a:0d:4d:56:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Jan 2 02:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a50996666f712dd37a64bbbb2cea95c6988c90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:7d:28:54:80:68:a3:ea:ca:00:8d:f6:0a:
61:8b:1a:3c:04:8b:c5:18:a6:48:08:a4:bc:7d:95:
f3:0e:77:b3:42:47:1f:32:74:8f:e7:d1:47:c8:41:
4e:02:62:5c:db:9d:d7:54:e8:13:cb:8a:ea:13:d0:
b1:c4:b2:2d:fd:ad:1c:9b:53:7a:4b:7b:e8:3f:da:
65:11:13:ce:66:b4:4d:ec:ad:08:6c:26:f9:1d:c3:
cd:86:7e:78:eb:00:19:e5:ee:0b:11:4c:84:02:0f:
76:c8:2c:cf:33:d9:6e:a7:77:6d:0d:9c:1c:2c:85:
30:c0:86:30:8f:78:21:2f:68:a0:59:77:10:4b:98:
10:84:7b:9b:f5:f5:d5:ca:aa:56:d3:19:6d:88:7e:
af:a1:0c:97:3b:6c:4d:7c:29:37:81:e9:fd:d4:fc:
6c:61:df:9a:f2:e5:16:08:ea:2d:0b:ed:46:ef:d3:
c8:77:48:40:74:c8:c9:e7:38:a3:4f:43:a9:dd:3d:
84:2b:8b:08:5e:28:bf:a8:3f:e3:f2:2a:91:20:f9:
3c:aa:31:2a:e0:f4:49:41:6b:0f:75:6c:b4:83:16:
d7:bf:c5:4d:33:bd:e0:5d:0f:a1:4b:0d:1f:81:f2:
11:95:7a:c9:97:ef:f1:be:8a:0a:e4:5b:c9:1e:a9:
17:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:50:99:66:66:F7:12:DD:37:A6:4B:BB:B2:CE:A9:5C:69:88:C9:0A
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/GlCZZmb3Et03pku7ss6pXGmIyQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.79.0/24
193.43.91.0/24
193.242.106.0/24
193.242.109.0/24
Signature Algorithm: sha256WithRSAEncryption
68:7d:a3:24:d3:10:76:47:ff:03:20:d3:61:34:f4:c9:0c:0e:
a6:3a:56:e4:64:7c:70:a2:82:6a:83:3d:13:b9:c0:c7:74:60:
47:29:32:3d:72:8e:f5:33:35:fa:00:2a:4d:d7:5f:06:2f:05:
cd:99:ef:ac:98:d8:e7:fa:b5:f4:72:21:74:c7:b2:ef:36:44:
6d:82:a2:73:77:7d:68:bf:a7:84:fd:07:45:4c:db:90:0a:dc:
12:a4:48:c1:99:32:64:a7:a4:d2:25:9e:93:4e:7a:dd:50:ed:
7a:af:9b:00:e3:fc:49:98:39:3b:c8:11:10:48:0f:db:2b:69:
6b:d7:af:7b:7d:b1:46:43:1e:1a:84:06:b2:9f:5e:06:7d:bd:
9d:93:68:0d:78:55:c8:b3:fc:c4:0c:62:33:12:ed:f6:30:01:
f7:94:27:ad:10:85:ad:e6:68:fa:a5:3c:e7:28:4b:36:d0:4f:
4e:91:3b:dc:39:6e:ec:51:54:8a:59:46:6b:bd:07:e2:b1:f1:
77:3d:b5:44:bf:dd:e2:c6:69:34:39:7a:0d:32:e6:20:06:c1:
c2:5c:2b:5e:57:e3:64:79:81:a5:e4:a9:9f:f6:8e:13:d0:65:
7c:9e:d6:72:b4:fb:71:73:b9:97:16:52:b2:e6:09:19:6d:aa:
50:0f:1a:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIArxOYCuSBUiOfQoNTVbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjQwMTAyMDIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUwOTk2NjY2ZjcxMmRkMzdhNjRiYmJiMmNlYTk1YzY5ODhjOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsml9KFSAaKPqygCN9gphixo8BIvF
GKZICKS8fZXzDnezQkcfMnSP59FHyEFOAmJc253XVOgTy4rqE9CxxLIt/a0cm1N6
S3voP9plERPOZrRN7K0IbCb5HcPNhn546wAZ5e4LEUyEAg92yCzPM9lup3dtDZwc
LIUwwIYwj3ghL2igWXcQS5gQhHub9fXVyqpW0xltiH6voQyXO2xNfCk3gen91Pxs
Yd+a8uUWCOotC+1G79PId0hAdMjJ5zijT0Op3T2EK4sIXii/qD/j8iqRIPk8qjEq
4PRJQWsPdWy0gxbXv8VNM73gXQ+hSw0fgfIRlXrJl+/xvooK5FvJHqkXkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBpQmWZm9xLdN6ZLu7LOqVxpiMkKMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvR2xDWlptYjNFdDAzcGt1N3NzNnBYR21JeVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwStPAwQA
wStbAwQAwfJqAwQAwfJtMA0GCSqGSIb3DQEBCwUAA4IBAQBofaMk0xB2R/8DINNh
NPTJDA6mOlbkZHxwooJqgz0TucDHdGBHKTI9co71MzX6ACpN118GLwXNme+smNjn
+rX0ciF0x7LvNkRtgqJzd31ov6eE/QdFTNuQCtwSpEjBmTJkp6TSJZ6TTnrdUO16
r5sA4/xJmDk7yBEQSA/bK2lr1697fbFGQx4ahAayn14Gfb2dk2gNeFXIs/zEDGIz
Eu32MAH3lCetEIWt5mj6pTznKEs20E9OkTvcOW7sUVSKWUZrvQfisfF3PbVEv93i
xmk0OXoNMuYgBsHCXCteV+NkeYGl5Kmf9o4T0GV8ntZytPtxc7mXFlKy5gkZbapQ
DxoW
-----END CERTIFICATE-----
Generated at Mon May 27 15:29:44 2024 by rpki-client on console-fra.rpki-client.org