Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/GrxwziSwCsrrj9pWkTwZGZY0q0Q.roa
File: GrxwziSwCsrrj9pWkTwZGZY0q0Q.roa (raw, json)
Hash identifier: O45NP4rjXl9UYsJyxM3gJXggpO2EmqyoMWMe2tskD7U=
Subject key identifier: 1A:BC:70:CE:24:B0:0A:CA:EB:8F:DA:56:91:3C:19:19:96:34:AB:44
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01934CE360B0385298B7DC82F17E1E6E63FC
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/GrxwziSwCsrrj9pWkTwZGZY0q0Q.roa
Signing time: Thu 21 Nov 2024 04:03:09 +0000
ROA not before: Thu 21 Nov 2024 04:03:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208006
IP address blocks: 185.204.168.0/22 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.234.0/24 maxlen: 24
185.215.235.0/24 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4c:e3:60:b0:38:52:98:b7:dc:82:f1:7e:1e:6e:63:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Nov 21 04:03:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1abc70ce24b00acaeb8fda56913c19199634ab44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:94:9c:6c:a1:b0:7f:de:56:b2:ce:5e:08:9d:
d1:ff:a6:7d:49:4e:34:62:f3:a3:5b:e0:28:2e:40:
aa:7f:96:64:7d:5d:4e:92:1d:ea:81:a0:7c:d8:2a:
b9:81:2c:57:eb:b4:6d:3e:42:e0:a9:1f:76:5e:a2:
7f:88:8c:d2:f8:cb:c7:7c:ca:c4:a5:6f:e0:b7:f2:
24:94:88:1f:5c:4d:d3:36:79:cf:2b:34:4a:e0:cf:
c8:4a:b2:b7:c2:e3:91:ee:b0:b0:08:7d:b9:1b:12:
7a:6e:30:fc:e5:32:b8:50:92:85:5c:50:64:5d:64:
9a:26:3d:75:26:a6:43:d4:70:6b:d4:49:c2:d5:f5:
21:5f:47:f6:c9:e3:42:5c:28:d5:91:b3:9c:e0:60:
bd:b4:b8:41:3c:63:4a:99:d6:aa:93:3b:08:74:1e:
39:16:f8:99:16:d9:c3:d5:5b:8d:e7:75:f4:ee:bc:
8d:6e:0b:ab:25:52:80:02:80:64:51:b3:bd:c6:f3:
3e:b8:0b:71:a8:f5:ac:23:38:4c:e9:36:f2:f5:c2:
b4:8f:1e:36:b7:c6:0b:42:1f:3f:ec:f2:75:e1:dd:
6f:1c:f5:13:cc:19:09:16:7c:51:e4:1f:3f:b3:6c:
d5:89:24:13:f4:0d:28:09:8a:27:63:1a:4a:f4:14:
42:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:BC:70:CE:24:B0:0A:CA:EB:8F:DA:56:91:3C:19:19:96:34:AB:44
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/GrxwziSwCsrrj9pWkTwZGZY0q0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.168.0/22
185.215.232.0/22
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
49:e0:5f:fd:8f:b7:e5:29:b8:40:1e:52:9f:0a:db:37:36:14:
f7:eb:54:a0:da:81:87:31:20:f8:74:74:46:2b:35:b7:50:5d:
26:0f:0a:08:37:b7:3e:8b:3d:ec:51:6a:bf:08:44:5d:84:f2:
0c:29:6a:83:e7:15:4b:10:9f:54:f6:84:b0:45:a6:dd:db:d2:
30:a8:30:9a:a2:04:a2:91:cb:4a:fc:72:03:74:b4:77:95:e9:
8f:c8:a5:42:59:dc:52:c7:6d:0f:e5:9f:3a:f2:13:1d:6e:1b:
6b:64:d9:c4:11:5b:e9:83:bd:40:45:d2:89:53:53:ef:5d:a6:
b4:af:44:07:de:d1:4a:ba:a5:3a:e4:75:18:f6:8b:a1:a0:b2:
ff:1a:39:e5:4f:ca:5a:79:cf:d8:de:73:35:de:84:27:51:6a:
8f:16:3a:f4:d0:a9:bb:5c:56:3e:99:67:d1:0a:27:8e:25:d6:
49:5b:dd:f1:2d:f8:13:b6:ab:8c:dd:c1:9b:51:db:d7:1c:3d:
bd:fa:97:af:89:f8:fa:a4:35:a4:f5:d5:c5:7a:a6:51:28:12:
f6:4b:4b:ed:7d:47:b8:3c:e8:d6:c3:8f:bb:a7:fc:e9:a5:ab:
7c:fc:b8:c4:b1:73:65:56:be:d3:f9:b6:ca:29:79:16:0d:0b:
a3:58:a7:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZNM42CwOFKYt9yC8X4ebmP8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjQxMTIxMDQwMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWJjNzBjZTI0YjAwYWNhZWI4ZmRhNTY5MTNjMTkxOTk2MzRhYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5ScbKGwf95Wss5eCJ3R/6Z9SU40
YvOjW+AoLkCqf5ZkfV1Okh3qgaB82Cq5gSxX67RtPkLgqR92XqJ/iIzS+MvHfMrE
pW/gt/IklIgfXE3TNnnPKzRK4M/ISrK3wuOR7rCwCH25GxJ6bjD85TK4UJKFXFBk
XWSaJj11JqZD1HBr1EnC1fUhX0f2yeNCXCjVkbOc4GC9tLhBPGNKmdaqkzsIdB45
FviZFtnD1VuN53X07ryNbgurJVKAAoBkUbO9xvM+uAtxqPWsIzhM6Tby9cK0jx42
t8YLQh8/7PJ14d1vHPUTzBkJFnxR5B8/s2zViSQT9A0oCYonYxpK9BRC+QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBq8cM4ksArK64/aVpE8GRmWNKtEMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvR3J4d3ppU3dDc3JyajlwV2tUd1pHWlkwcTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCucyoAwQC
udfoMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcNAQELBQADggEBAEngX/2Pt+Up
uEAeUp8K2zc2FPfrVKDagYcxIPh0dEYrNbdQXSYPCgg3tz6LPexRar8IRF2E8gwp
aoPnFUsQn1T2hLBFpt3b0jCoMJqiBKKRy0r8cgN0tHeV6Y/IpUJZ3FLHbQ/lnzry
Ex1uG2tk2cQRW+mDvUBF0olTU+9dprSvRAfe0Uq6pTrkdRj2i6Ggsv8aOeVPylp5
z9jeczXehCdRao8WOvTQqbtcVj6ZZ9EKJ44l1klb3fEt+BO2q4zdwZtR29ccPb36
l6+J+PqkNaT11cV6plEoEvZLS+19R7g86NbDj7un/Omlq3z8uMSxc2VWvtP5tsop
eRYNC6NYp/Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:10 2024 by rpki-client on console-ams.rpki-client.org