Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GWug4kri76PQyyuGYD3oUNMziRQ.roa
File: GWug4kri76PQyyuGYD3oUNMziRQ.roa (raw, json)
Hash identifier: JbPRi5DNFWWPakvHruCNjGlzFEde+jYKYw1HnTyLqFs=
Subject key identifier: 19:6B:A0:E2:4A:E2:EF:A3:D0:CB:2B:86:60:3D:E8:50:D3:33:89:14
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A59EE6D076B58A4FD07E2AD9DBBC2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GWug4kri76PQyyuGYD3oUNMziRQ.roa
Signing time: Tue 02 Jan 2024 12:33:42 +0000
ROA not before: Tue 02 Jan 2024 12:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213029
IP address blocks: 95.47.124.0/23 maxlen: 24
93.170.6.0/24 maxlen: 24
95.47.238.0/23 maxlen: 24
95.47.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:59:ee:6d:07:6b:58:a4:fd:07:e2:ad:9d:bb:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=196ba0e24ae2efa3d0cb2b86603de850d3338914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:96:fa:78:d4:52:ee:ac:cd:70:46:97:46:
fe:b4:04:5e:35:a1:78:92:ee:82:a9:a2:77:b5:d2:
84:53:88:10:35:78:15:9b:ea:e0:04:cc:b7:fc:aa:
9f:63:74:3e:b8:f8:91:9e:a7:bb:ad:aa:fa:51:a6:
ae:97:48:a2:51:b1:6d:fd:d1:e6:1d:d1:00:ed:8e:
eb:de:ef:cc:a5:ce:55:c2:c6:7b:bd:61:81:67:0d:
a8:d1:e4:af:ee:fb:8c:a0:79:9f:6d:26:f4:bf:2d:
84:f6:5a:00:58:33:e4:48:7f:0c:a0:17:2f:e9:56:
1d:aa:15:3b:48:88:c1:d8:a6:f5:32:1d:86:fc:f1:
b3:53:c6:ad:fd:2f:8b:e9:52:36:7a:f1:5a:62:9f:
a9:9e:db:a0:4e:19:0b:1c:95:3a:fc:40:85:8a:7e:
3f:75:a8:45:e5:fa:91:fb:af:1f:88:d7:c9:1a:c5:
1f:11:92:4d:aa:e4:8c:55:4e:37:3d:8c:a3:0a:02:
cd:89:19:7d:d8:94:87:78:16:a5:c2:e6:35:06:6b:
4d:8c:65:06:d2:21:e0:da:7b:93:42:54:b7:9b:51:
93:b4:e0:a6:06:11:1c:b3:6d:9c:b2:74:33:23:49:
12:3b:0c:04:5c:40:e8:07:93:a7:25:1e:3f:5f:11:
9a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6B:A0:E2:4A:E2:EF:A3:D0:CB:2B:86:60:3D:E8:50:D3:33:89:14
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/GWug4kri76PQyyuGYD3oUNMziRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.6.0/24
95.47.124.0/23
95.47.127.0/24
95.47.238.0/23
Signature Algorithm: sha256WithRSAEncryption
84:7d:1b:13:9b:2e:1e:5f:ee:bc:e8:1a:d5:a9:57:c9:c1:68:
e0:7e:f4:95:4a:81:85:24:64:56:58:fb:da:1d:1d:5f:bd:1a:
62:95:b6:80:b1:c7:b5:17:a7:46:e8:e8:e3:6a:38:68:85:b5:
62:2f:60:ba:ee:11:c5:a7:9f:ab:64:b7:84:4b:78:77:d0:37:
ce:ee:17:59:92:48:95:4c:b7:3b:38:c7:ce:96:4e:a9:18:d1:
0f:36:ad:fa:2f:3a:99:90:f1:0c:24:47:56:0b:6e:8a:bf:68:
7f:ad:08:34:01:2c:d3:40:cb:bf:75:f7:ed:84:fe:5b:8c:cf:
1d:93:3f:0a:24:f4:9f:61:1e:4f:10:39:13:8a:ed:03:b4:50:
94:56:bf:5d:46:9a:88:cf:d4:d9:a5:ba:c6:4a:64:47:14:ef:
c1:1f:f2:07:be:0d:30:cf:f6:39:86:8c:cf:a1:2a:b5:e1:02:
51:cf:39:26:41:49:7a:bb:3e:6e:3a:56:c6:11:ea:79:4c:c3:
ec:e7:05:14:4d:a1:59:57:e2:eb:db:f8:67:a8:d2:18:1c:8e:
24:0d:75:93:e4:d3:67:b3:59:2e:67:51:00:bd:6c:b2:c3:48:
5f:a2:f3:3e:63:42:90:10:d3:cf:0f:a9:32:d8:77:28:ca:57:
fb:10:43:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKlnubQdrWKT9B+KtnbvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTZiYTBlMjRhZTJlZmEzZDBjYjJiODY2MDNkZTg1MGQzMzM4OTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9mW+njUUu6szXBGl0b+tAReNaF4
ku6CqaJ3tdKEU4gQNXgVm+rgBMy3/KqfY3Q+uPiRnqe7rar6Uaaul0iiUbFt/dHm
HdEA7Y7r3u/Mpc5VwsZ7vWGBZw2o0eSv7vuMoHmfbSb0vy2E9loAWDPkSH8MoBcv
6VYdqhU7SIjB2Kb1Mh2G/PGzU8at/S+L6VI2evFaYp+pntugThkLHJU6/ECFin4/
dahF5fqR+68fiNfJGsUfEZJNquSMVU43PYyjCgLNiRl92JSHeBalwuY1BmtNjGUG
0iHg2nuTQlS3m1GTtOCmBhEcs22csnQzI0kSOwwEXEDoB5OnJR4/XxGarQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBlroOJK4u+j0MsrhmA96FDTM4kUMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvR1d1ZzRrcmk3NlBReXl1R1lEM29VTk16aVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXaoGAwQB
Xy98AwQAXy9/AwQBXy/uMA0GCSqGSIb3DQEBCwUAA4IBAQCEfRsTmy4eX+686BrV
qVfJwWjgfvSVSoGFJGRWWPvaHR1fvRpilbaAsce1F6dG6OjjajhohbViL2C67hHF
p5+rZLeES3h30DfO7hdZkkiVTLc7OMfOlk6pGNEPNq36LzqZkPEMJEdWC26Kv2h/
rQg0ASzTQMu/dffthP5bjM8dkz8KJPSfYR5PEDkTiu0DtFCUVr9dRpqIz9TZpbrG
SmRHFO/BH/IHvg0wz/Y5hozPoSq14QJRzzkmQUl6uz5uOlbGEep5TMPs5wUUTaFZ
V+Lr2/hnqNIYHI4kDXWT5NNns1kuZ1EAvWyyw0hfovM+Y0KQENPPD6ky2Hcoylf7
EENn
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:31:03 2024 by rpki-client on console-ams.rpki-client.org