Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/gBeh8CGiAIVDdabXZAlsjpKUAas.roa
File: gBeh8CGiAIVDdabXZAlsjpKUAas.roa (raw, json)
Hash identifier: NI/qOrpcBOVVNPKbTzSok+9aJoVCWMlEwNQCpAv7Qew=
Subject key identifier: 80:17:A1:F0:21:A2:00:85:43:75:A6:D7:64:09:6C:8E:92:94:01:AB
Certificate issuer: /CN=fa3c481607619c835d09f2471d976d7cf74a0439
Certificate serial: 01905DE357CA842261AF709DE5414EFF7500
Authority key identifier: FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/gBeh8CGiAIVDdabXZAlsjpKUAas.roa
Signing time: Fri 28 Jun 2024 08:08:18 +0000
ROA not before: Fri 28 Jun 2024 08:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34820
IP address blocks: 45.152.96.0/24 maxlen: 24
85.159.104.0/23 maxlen: 23
85.159.106.0/24 maxlen: 24
85.159.108.0/22 maxlen: 22
185.110.140.0/23 maxlen: 23
185.110.142.0/23 maxlen: 23
185.140.40.0/23 maxlen: 23
185.140.42.0/23 maxlen: 23
2a0c:2540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:e3:57:ca:84:22:61:af:70:9d:e5:41:4e:ff:75:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3c481607619c835d09f2471d976d7cf74a0439
Validity
Not Before: Jun 28 08:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8017a1f021a200854375a6d764096c8e929401ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:24:0f:f1:64:0d:61:e4:67:42:2b:86:1f:
c6:5c:0c:de:1c:6a:75:43:91:95:90:2f:a2:72:36:
cd:f5:30:92:a7:0f:7c:9b:bb:63:a9:ab:62:56:39:
09:d9:fd:fa:2d:7c:c8:25:7c:f0:ec:46:22:d6:82:
0d:37:38:00:36:aa:ca:99:62:99:1b:0a:ad:f5:6d:
db:da:1c:c2:1e:08:20:8e:de:b8:e5:92:2e:e6:4e:
31:31:09:ff:86:fb:20:9f:90:7f:04:05:87:3a:79:
0c:6a:ca:33:6d:70:f1:75:85:1b:5c:66:bd:5e:e9:
21:c8:44:1f:ab:a1:33:22:15:ce:0e:e9:0c:3a:b3:
89:1e:e1:6e:5e:e3:7a:cc:67:12:da:c3:73:00:4d:
21:1f:8f:ca:5c:2d:3f:91:43:61:5e:fe:73:66:4a:
7f:b3:f1:2a:9c:b8:48:9e:99:d6:85:93:38:4e:8a:
f7:2c:bd:af:99:f7:1c:ed:2a:17:9c:e2:3c:7e:5e:
3a:cb:bd:4e:12:da:6a:c3:f0:28:b1:5e:9e:9e:3a:
7b:50:08:42:18:55:b2:5c:69:92:43:50:09:00:a1:
b8:ec:ee:af:b9:dd:28:ce:6e:72:5e:bd:81:67:64:
51:0b:60:3d:87:3e:12:28:fb:87:7b:1c:66:89:f1:
5d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:17:A1:F0:21:A2:00:85:43:75:A6:D7:64:09:6C:8E:92:94:01:AB
X509v3 Authority Key Identifier:
keyid:FA:3C:48:16:07:61:9C:83:5D:09:F2:47:1D:97:6D:7C:F7:4A:04:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jxIFgdhnINdCfJHHZdtfPdKBDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/gBeh8CGiAIVDdabXZAlsjpKUAas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/99848b-c4f8-46ab-8923-1304454bf29d/1/1-jxIFgdhnINdCfJHHZdtfPdKBDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.96.0/24
85.159.104.0-85.159.106.255
85.159.108.0/22
185.110.140.0/22
185.140.40.0/22
IPv6:
2a0c:2540::/29
Signature Algorithm: sha256WithRSAEncryption
1c:fc:da:e5:25:8c:95:67:71:b1:9d:18:1d:7b:3a:ce:76:a9:
ca:5a:23:1b:32:40:58:54:53:36:40:80:93:1b:c1:15:2e:a8:
91:81:c8:69:db:76:02:aa:22:f8:67:4c:2f:a1:0d:09:f5:35:
14:0d:60:49:c6:54:1c:fe:79:e3:2c:b1:a1:6f:17:69:e6:7e:
90:65:90:36:62:91:a7:be:08:02:3d:48:fd:40:a7:82:13:73:
f1:7e:4f:56:9f:64:ba:58:bf:44:4d:7a:40:af:fa:06:35:4d:
cc:69:52:5d:7d:c8:fc:5b:3b:64:dd:ea:70:14:09:f2:c4:7a:
a4:68:34:e0:66:3c:56:99:42:3a:bc:51:fd:ca:8a:78:89:3c:
af:fc:d4:a5:3e:08:db:c8:6b:e7:52:3e:f4:3d:2a:ff:92:0d:
e8:f4:84:5e:7a:25:73:87:23:d3:cb:d0:02:37:3a:ff:ad:35:
d9:9d:7b:c5:b2:20:a5:84:ba:7e:ce:7b:2d:95:32:fb:f4:7b:
c7:0b:b3:7b:c6:db:98:44:c4:e4:08:f7:02:d3:4c:89:b2:3e:
c6:d0:73:37:71:e7:c7:0a:66:b2:b8:da:c9:f3:a1:0b:48:65:
a4:bd:a0:6d:67:70:81:71:5a:f5:da:95:fc:78:33:73:8b:15:
da:44:bb:29
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZBd41fKhCJhr3Cd5UFO/3UAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2M0ODE2MDc2MTljODM1ZDA5ZjI0NzFkOTc2ZDdjZjc0
YTA0MzkwHhcNMjQwNjI4MDgwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDE3YTFmMDIxYTIwMDg1NDM3NWE2ZDc2NDA5NmM4ZTkyOTQwMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6UkD/FkDWHkZ0Irhh/GXAzeHGp1
Q5GVkC+icjbN9TCSpw98m7tjqatiVjkJ2f36LXzIJXzw7EYi1oINNzgANqrKmWKZ
Gwqt9W3b2hzCHgggjt645ZIu5k4xMQn/hvsgn5B/BAWHOnkMasozbXDxdYUbXGa9
XukhyEQfq6EzIhXODukMOrOJHuFuXuN6zGcS2sNzAE0hH4/KXC0/kUNhXv5zZkp/
s/EqnLhInpnWhZM4Tor3LL2vmfcc7SoXnOI8fl46y71OEtpqw/AosV6enjp7UAhC
GFWyXGmSQ1AJAKG47O6vud0ozm5yXr2BZ2RRC2A9hz4SKPuHexxmifFdzwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFIAXofAhogCFQ3Wm12QJbI6SlAGrMB8GA1UdIwQY
MBaAFPo8SBYHYZyDXQnyRx2XbXz3SgQ5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qeElGZ2RobklOZENmSkhIWmR0ZlBkS0JEay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIz
LTEzMDQ0NTRiZjI5ZC8xL2dCZWg4Q0dpQUlWRGRhYlhaQWxzanBLVUFhcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTk4NDhiLWM0ZjgtNDZhYi04OTIzLTEzMDQ0NTRiZjI5
ZC8xLzEtanhJRmdkaG5JTmRDZkpISFpkdGZQZEtCRGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYDBAAtmGAw
DAMEA1WfaAMEAFWfagMEAlWfbAMEArlujAMEArmMKDANBAIAAjAHAwUDKgwlQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHPza5SWMlWdxsZ0YHXs6znapylojGzJAWFRTNkCA
kxvBFS6okYHIadt2Aqoi+GdML6ENCfU1FA1gScZUHP554yyxoW8XaeZ+kGWQNmKR
p74IAj1I/UCnghNz8X5PVp9kuli/RE16QK/6BjVNzGlSXX3I/Fs7ZN3qcBQJ8sR6
pGg04GY8VplCOrxR/cqKeIk8r/zUpT4I28hr51I+9D0q/5IN6PSEXnolc4cj08vQ
Ajc6/6012Z17xbIgpYS6fs57LZUy+/R7xwuze8bbmETE5Aj3AtNMibI+xtBzN3Hn
xwpmsrjayfOhC0hlpL2gbWdwgXFa9dqV/Hgzc4sV2kS7KQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:43 2024 by rpki-client on console-ams.rpki-client.org