Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/GsdxYIEcUoHbRUKmW39BYDiWy6s.roa
File: GsdxYIEcUoHbRUKmW39BYDiWy6s.roa (raw, json)
Hash identifier: UdXz4qnXw+vq+W4S4CJyi5E36ek9e+HDZqeeVXRGZQg=
Subject key identifier: 1A:C7:71:60:81:1C:52:81:DB:45:42:A6:5B:7F:41:60:38:96:CB:AB
Certificate issuer: /CN=c60ffca9d8ca08f213e60a0048c17fbb0bf60e7c
Certificate serial: 018CC349098D12252F5A091B3D45CB4A2C67
Authority key identifier: C6:0F:FC:A9:D8:CA:08:F2:13:E6:0A:00:48:C1:7F:BB:0B:F6:0E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/GsdxYIEcUoHbRUKmW39BYDiWy6s.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50628
IP address blocks: 193.35.156.0/24 maxlen: 24
193.35.98.0/24 maxlen: 24
193.35.101.0/24 maxlen: 24
193.35.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:09:8d:12:25:2f:5a:09:1b:3d:45:cb:4a:2c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c60ffca9d8ca08f213e60a0048c17fbb0bf60e7c
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ac77160811c5281db4542a65b7f41603896cbab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1b:b5:ce:8e:3b:1a:32:aa:f2:7c:26:0c:5b:
32:74:57:b0:fa:63:ea:24:b5:51:be:13:0e:eb:3e:
15:ea:08:d8:14:47:61:73:ca:0d:a6:d6:af:b2:61:
70:1b:89:e4:41:7b:06:25:f3:33:cf:c6:8b:ef:e4:
5f:e6:c0:a3:46:12:3c:62:56:53:53:bb:e6:db:6e:
e1:75:29:c7:47:4d:ba:29:33:b7:53:82:3a:85:72:
8a:6e:2a:4d:21:a6:8e:71:1e:47:d4:b9:eb:28:60:
a0:a4:7a:3e:2a:99:04:b3:65:ec:3e:6c:72:25:52:
28:c4:99:53:97:c9:a7:83:3e:e9:44:c4:b7:39:c5:
ca:78:83:7f:40:38:7e:f7:9b:5a:83:ba:e0:31:f9:
b1:a5:2e:98:fb:9b:dc:0e:2e:0e:9c:d6:81:3c:52:
81:4c:51:1a:79:e4:30:06:1b:28:12:a1:f1:8b:82:
7a:6e:4d:91:88:18:06:ac:53:42:aa:3e:4c:69:64:
02:6c:58:69:1e:6d:6c:e8:2a:89:ef:fe:25:f1:69:
85:c4:85:6c:e0:36:9f:29:59:1e:77:6c:88:70:5d:
4f:a1:98:41:3a:27:d0:cd:47:d8:10:7f:6e:f6:db:
6d:4f:cd:be:f2:33:4f:f4:2c:4f:e5:31:0c:a9:88:
e1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C7:71:60:81:1C:52:81:DB:45:42:A6:5B:7F:41:60:38:96:CB:AB
X509v3 Authority Key Identifier:
keyid:C6:0F:FC:A9:D8:CA:08:F2:13:E6:0A:00:48:C1:7F:BB:0B:F6:0E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xg_8qdjKCPIT5goASMF_uwv2Dnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/GsdxYIEcUoHbRUKmW39BYDiWy6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/5cf9a5-11e0-4876-9fe4-f50f71d5e0c8/1/xg_8qdjKCPIT5goASMF_uwv2Dnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.98.0/24
193.35.101.0/24
193.35.145.0/24
193.35.156.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:60:85:81:cf:d9:6d:60:92:83:e9:19:11:01:d3:68:56:3f:
73:3a:e7:79:c1:f7:2b:a7:22:85:79:2a:eb:4d:47:7c:e4:37:
81:3b:a2:8b:77:0c:fd:e3:55:49:ee:d6:75:4d:d5:b6:ef:7e:
50:8f:d3:ef:69:5a:22:d2:ab:d0:5a:5f:11:73:f2:bb:63:48:
6b:12:9e:22:46:39:f8:d7:7b:a4:c4:a1:93:cd:80:ff:a4:5d:
d9:d2:a5:1f:96:e2:a4:7c:4a:11:2f:9b:35:3c:61:07:15:04:
01:e6:3e:93:d7:17:91:b0:69:b5:a8:ac:53:d8:3f:f7:81:b0:
ac:4e:a8:7c:13:f9:62:60:3f:74:74:93:1c:f6:01:65:42:61:
f0:ad:39:18:f3:01:3c:e3:5c:4f:bb:c3:57:c6:ea:af:e8:92:
31:28:11:b7:2e:90:2a:7e:35:77:ba:7f:4d:44:27:86:b4:a7:
0a:2f:28:9f:e7:88:5d:78:1c:db:64:39:a5:d2:3d:02:22:70:
86:58:bc:3b:7f:2e:ef:b8:d7:57:25:06:78:74:35:63:b4:e0:
b0:f4:53:1f:2d:13:30:b2:8b:3b:ad:a1:38:68:4d:be:ce:1f:
3e:85:28:8a:eb:05:95:a0:9f:c7:39:1e:5e:ca:5b:b7:2f:de:
33:90:6d:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSQmNEiUvWgkbPUXLSixnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MGZmY2E5ZDhjYTA4ZjIxM2U2MGEwMDQ4YzE3ZmJiMGJm
NjBlN2MwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM3NzE2MDgxMWM1MjgxZGI0NTQyYTY1YjdmNDE2MDM4OTZjYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRu1zo47GjKq8nwmDFsydFew+mPq
JLVRvhMO6z4V6gjYFEdhc8oNptavsmFwG4nkQXsGJfMzz8aL7+Rf5sCjRhI8YlZT
U7vm227hdSnHR026KTO3U4I6hXKKbipNIaaOcR5H1LnrKGCgpHo+KpkEs2XsPmxy
JVIoxJlTl8mngz7pRMS3OcXKeIN/QDh+95tag7rgMfmxpS6Y+5vcDi4OnNaBPFKB
TFEaeeQwBhsoEqHxi4J6bk2RiBgGrFNCqj5MaWQCbFhpHm1s6CqJ7/4l8WmFxIVs
4DafKVked2yIcF1PoZhBOifQzUfYEH9u9tttT82+8jNP9CxP5TEMqYjhIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBrHcWCBHFKB20VCplt/QWA4lsurMB8GA1UdIwQY
MBaAFMYP/KnYygjyE+YKAEjBf7sL9g58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGdfOHFkaktDUElUNWdvQVNNRl91d3YyRG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS81Y2Y5YTUtMTFlMC00ODc2LTlmZTQt
ZjUwZjcxZDVlMGM4LzEvR3NkeFlJRWNVb0hiUlVLbVczOUJZRGlXeTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS81Y2Y5YTUtMTFlMC00ODc2LTlmZTQtZjUwZjcxZDVlMGM4
LzEveGdfOHFkaktDUElUNWdvQVNNRl91d3YyRG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwSNiAwQA
wSNlAwQAwSORAwQAwSOcMA0GCSqGSIb3DQEBCwUAA4IBAQCuYIWBz9ltYJKD6RkR
AdNoVj9zOud5wfcrpyKFeSrrTUd85DeBO6KLdwz941VJ7tZ1TdW2735Qj9PvaVoi
0qvQWl8Rc/K7Y0hrEp4iRjn413ukxKGTzYD/pF3Z0qUfluKkfEoRL5s1PGEHFQQB
5j6T1xeRsGm1qKxT2D/3gbCsTqh8E/liYD90dJMc9gFlQmHwrTkY8wE841xPu8NX
xuqv6JIxKBG3LpAqfjV3un9NRCeGtKcKLyif54hdeBzbZDml0j0CInCGWLw7fy7v
uNdXJQZ4dDVjtOCw9FMfLRMwsos7raE4aE2+zh8+hSiK6wWVoJ/HOR5eylu3L94z
kG1j
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:15 2024 by rpki-client on console-fra.rpki-client.org