Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/G5pFJaTuaYcrShNrsSUbtnWpdr8.roa
File: G5pFJaTuaYcrShNrsSUbtnWpdr8.roa (raw, json)
Hash identifier: LJkgJmknQpa5rr5/YNP7g1IGh/1f1rqZltFU8qXIg14=
Subject key identifier: 1B:9A:45:25:A4:EE:69:87:2B:4A:13:6B:B1:25:1B:B6:75:A9:76:BF
Certificate issuer: /CN=9c4950779d597551d79c43e616a50907de8cdf77
Certificate serial: 018CC5013EA69340B0C2F58F37AA3784E7E4
Authority key identifier: 9C:49:50:77:9D:59:75:51:D7:9C:43:E6:16:A5:09:07:DE:8C:DF:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nElQd51ZdVHXnEPmFqUJB96M33c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/G5pFJaTuaYcrShNrsSUbtnWpdr8.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201595
IP address blocks: 185.58.212.0/24 maxlen: 24
185.58.213.0/24 maxlen: 24
185.58.215.0/24 maxlen: 24
185.58.214.0/24 maxlen: 24
185.130.160.0/24 maxlen: 24
185.130.163.0/24 maxlen: 24
185.130.161.0/24 maxlen: 24
185.130.162.0/24 maxlen: 24
2a04:e200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/nElQd51ZdVHXnEPmFqUJB96M33c.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/nElQd51ZdVHXnEPmFqUJB96M33c.mft
rsync://rpki.ripe.net/repository/DEFAULT/nElQd51ZdVHXnEPmFqUJB96M33c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3e:a6:93:40:b0:c2:f5:8f:37:aa:37:84:e7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c4950779d597551d79c43e616a50907de8cdf77
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b9a4525a4ee69872b4a136bb1251bb675a976bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:d3:8c:ab:57:f0:89:dc:9f:c2:54:43:94:
61:c2:b8:ef:db:a7:6a:5a:c7:02:6a:64:c6:a1:90:
d5:a9:86:4e:a7:34:ea:fc:15:a2:7a:0e:da:6d:e3:
94:ba:1a:3f:46:41:5c:b6:54:b8:07:3f:74:26:95:
a0:c0:c7:a2:bb:cb:4a:ba:81:e8:52:80:43:0d:9f:
0e:35:79:85:b4:38:26:41:61:3b:fa:5e:5d:7e:28:
cb:9e:d0:e1:2c:23:ac:7e:d5:f7:8e:11:70:53:f6:
40:f4:ad:65:27:db:01:3e:e5:5a:9b:14:c8:4d:21:
23:2d:d1:f4:e2:2a:77:2a:a0:42:00:cb:76:18:28:
fa:5a:24:3b:28:c0:8e:82:07:25:7b:a5:9d:a1:26:
fc:87:0f:a6:a6:b7:ea:5e:1d:f2:59:84:47:62:9a:
60:07:71:14:fb:cb:d3:be:5d:89:f2:37:04:cb:6a:
cb:bb:e1:c9:a4:c5:85:c5:d7:06:eb:22:70:4c:7e:
51:b4:0d:c9:f2:4d:81:81:c6:39:22:59:0f:a9:85:
e5:34:f8:ec:89:dc:00:be:45:70:fc:09:c9:17:f4:
93:a6:66:c3:a5:c6:d0:44:26:4a:b7:2d:81:e5:68:
99:66:2b:70:0e:d4:d9:63:71:e6:db:bf:43:11:9a:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9A:45:25:A4:EE:69:87:2B:4A:13:6B:B1:25:1B:B6:75:A9:76:BF
X509v3 Authority Key Identifier:
keyid:9C:49:50:77:9D:59:75:51:D7:9C:43:E6:16:A5:09:07:DE:8C:DF:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nElQd51ZdVHXnEPmFqUJB96M33c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/G5pFJaTuaYcrShNrsSUbtnWpdr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/bce397-372d-4d2f-ad0a-a48ebd301671/1/nElQd51ZdVHXnEPmFqUJB96M33c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.212.0/22
185.130.160.0/22
IPv6:
2a04:e200::/29
Signature Algorithm: sha256WithRSAEncryption
93:69:97:98:30:1a:56:ee:50:c7:4e:81:ce:1e:7c:99:73:66:
c1:bc:fc:42:5b:9e:15:05:3c:9a:79:80:12:64:49:24:6a:16:
42:54:91:34:de:e1:81:91:44:c5:3a:ea:79:27:88:1a:f9:45:
77:b8:7a:b9:1c:aa:d0:29:72:4a:51:e2:b1:67:a1:71:43:b3:
59:47:f4:15:c6:cf:12:54:53:7f:1c:99:1c:d0:7a:51:50:3c:
ac:b1:46:e2:a8:40:27:30:a5:fc:ac:65:7a:08:02:d4:bc:3d:
77:e3:57:dc:52:e6:9b:24:85:32:07:75:18:99:9c:91:9e:0b:
ab:50:db:58:ff:3c:82:a0:0b:f7:29:97:56:cd:c6:62:ab:b6:
6f:0b:df:4e:51:50:bb:e3:55:f8:10:20:ec:18:3f:7e:55:87:
8a:0e:bf:53:f7:d6:6d:b4:0e:df:4b:41:38:99:ec:a7:78:83:
75:c2:ac:1e:7c:69:72:7d:13:47:27:f1:2e:87:6b:eb:2d:18:
a6:7d:fe:a0:6c:bd:5d:a9:d2:5d:e0:0b:b7:c9:59:03:14:98:
ce:9e:3f:62:6a:2c:37:81:e7:0f:82:ee:57:b4:a6:ac:aa:61:
23:e0:a3:b2:0d:b5:c1:91:8c:d0:20:63:87:e0:e3:59:fe:9a:
a3:3e:e1:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAT6mk0CwwvWPN6o3hOfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNDk1MDc3OWQ1OTc1NTFkNzljNDNlNjE2YTUwOTA3ZGU4
Y2RmNzcwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjlhNDUyNWE0ZWU2OTg3MmI0YTEzNmJiMTI1MWJiNjc1YTk3NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRbTjKtX8Incn8JUQ5Rhwrjv26dq
WscCamTGoZDVqYZOpzTq/BWieg7abeOUuho/RkFctlS4Bz90JpWgwMeiu8tKuoHo
UoBDDZ8ONXmFtDgmQWE7+l5dfijLntDhLCOsftX3jhFwU/ZA9K1lJ9sBPuVamxTI
TSEjLdH04ip3KqBCAMt2GCj6WiQ7KMCOggcle6WdoSb8hw+mprfqXh3yWYRHYppg
B3EU+8vTvl2J8jcEy2rLu+HJpMWFxdcG6yJwTH5RtA3J8k2BgcY5IlkPqYXlNPjs
idwAvkVw/AnJF/STpmbDpcbQRCZKty2B5WiZZitwDtTZY3Hm279DEZqWAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBuaRSWk7mmHK0oTa7ElG7Z1qXa/MB8GA1UdIwQY
MBaAFJxJUHedWXVR15xD5halCQfejN93MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVsUWQ1MVpkVkhYbkVQbUZxVUpCOTZNMzNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9iY2UzOTctMzcyZC00ZDJmLWFkMGEt
YTQ4ZWJkMzAxNjcxLzEvRzVwRkphVHVhWWNyU2hOcnNTVWJ0bldwZHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9iY2UzOTctMzcyZC00ZDJmLWFkMGEtYTQ4ZWJkMzAxNjcx
LzEvbkVsUWQ1MVpkVkhYbkVQbUZxVUpCOTZNMzNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTrUAwQC
uYKgMA0EAgACMAcDBQMqBOIAMA0GCSqGSIb3DQEBCwUAA4IBAQCTaZeYMBpW7lDH
ToHOHnyZc2bBvPxCW54VBTyaeYASZEkkahZCVJE03uGBkUTFOup5J4ga+UV3uHq5
HKrQKXJKUeKxZ6FxQ7NZR/QVxs8SVFN/HJkc0HpRUDyssUbiqEAnMKX8rGV6CALU
vD1341fcUuabJIUyB3UYmZyRngurUNtY/zyCoAv3KZdWzcZiq7ZvC99OUVC741X4
ECDsGD9+VYeKDr9T99ZttA7fS0E4meyneIN1wqwefGlyfRNHJ/Euh2vrLRimff6g
bL1dqdJd4Au3yVkDFJjOnj9iaiw3gecPgu5XtKasqmEj4KOyDbXBkYzQIGOH4ONZ
/pqjPuHd
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:33:26 2024 by rpki-client on console-fra.rpki-client.org