Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/g_Gb0yAN5l79ylWQ-IatEnoK8iI.roa
File: g_Gb0yAN5l79ylWQ-IatEnoK8iI.roa (raw, json)
Hash identifier: sR1Rhne2RDzjcUBFtA2iuc/uJF10YsTWLwSyffw1R7M=
Subject key identifier: 83:F1:9B:D3:20:0D:E6:5E:FD:CA:55:90:F8:86:AD:12:7A:0A:F2:22
Certificate issuer: /CN=d513872512f1f2d037b401c2603ca8994e721e55
Certificate serial: 018DF036EED690B7EC32CC18D404E7F11C98
Authority key identifier: D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/g_Gb0yAN5l79ylWQ-IatEnoK8iI.roa
Signing time: Wed 28 Feb 2024 14:55:48 +0000
ROA not before: Wed 28 Feb 2024 14:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49367
IP address blocks: 83.136.104.0/21 maxlen: 24
94.198.96.0/21 maxlen: 24
94.198.101.0/24 maxlen: 24
95.141.32.0/20 maxlen: 24
158.58.168.0/21 maxlen: 24
158.58.172.0/23 maxlen: 24
2a02:29e0:2::/48 maxlen: 48
2a02:29e2::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:36:ee:d6:90:b7:ec:32:cc:18:d4:04:e7:f1:1c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d513872512f1f2d037b401c2603ca8994e721e55
Validity
Not Before: Feb 28 14:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f19bd3200de65efdca5590f886ad127a0af222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:cf:3b:ce:2b:8d:1d:ff:25:c6:73:61:16:a0:
0f:83:88:f6:7a:cf:50:24:42:22:17:b7:06:33:6d:
7d:3c:3d:a4:44:f4:bb:46:64:8c:65:0b:73:c0:84:
13:2e:08:da:81:a3:34:24:a4:33:52:f5:8b:62:86:
1a:2a:1c:60:f1:7f:fe:bd:e4:8e:81:56:fa:a3:c5:
35:22:65:13:69:09:bb:7d:53:59:73:69:d2:bf:a3:
f0:ce:cc:d6:fe:b9:6a:fd:11:47:50:17:46:45:a4:
22:8f:1e:04:4d:f0:f1:89:41:44:22:d3:dc:0f:d1:
4b:9c:42:50:13:73:c4:f7:a3:8f:97:67:ce:59:4e:
f4:81:50:00:8b:bc:c6:5e:aa:c0:97:c0:38:08:79:
f8:ba:0b:8c:97:cc:fa:ef:76:db:49:10:d8:42:92:
f3:9c:16:47:54:ca:7e:a8:a2:89:3f:b8:1a:e7:40:
6b:79:b6:80:e5:80:ed:09:16:ee:e2:e6:b2:ed:7e:
13:2f:93:89:64:9e:f1:26:04:1a:2b:db:30:33:04:
ab:9a:3f:b0:27:61:a2:d3:a2:3d:d1:8a:83:74:20:
fb:11:44:0d:3c:33:5a:20:b0:29:ca:7c:d4:95:26:
c4:c0:00:6e:5f:3f:45:a2:9a:cd:15:97:9e:8e:34:
80:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F1:9B:D3:20:0D:E6:5E:FD:CA:55:90:F8:86:AD:12:7A:0A:F2:22
X509v3 Authority Key Identifier:
keyid:D5:13:87:25:12:F1:F2:D0:37:B4:01:C2:60:3C:A8:99:4E:72:1E:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ROHJRLx8tA3tAHCYDyomU5yHlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/g_Gb0yAN5l79ylWQ-IatEnoK8iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/a7ddf6-2394-48d3-bfa1-6d655cd94468/1/1ROHJRLx8tA3tAHCYDyomU5yHlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.104.0/21
94.198.96.0/21
95.141.32.0/20
158.58.168.0/21
IPv6:
2a02:29e0:2::/48
2a02:29e2::/32
Signature Algorithm: sha256WithRSAEncryption
b8:38:42:4d:d3:f0:1b:ea:b4:3d:c6:c1:7d:fb:3a:f3:8e:f7:
64:15:4b:85:70:4d:01:c4:de:00:01:bb:77:fd:d9:25:69:a8:
9f:0b:cb:e7:d4:21:34:9d:83:de:a1:da:8a:1b:88:21:20:2a:
d0:3a:1e:5f:9c:e5:55:00:7d:72:27:aa:ba:10:df:0e:0e:1d:
df:57:45:56:fc:b7:8d:f0:41:3e:13:93:a6:a0:f9:fb:23:01:
a9:37:38:fd:42:0e:b6:2d:25:38:5d:78:46:c2:68:52:38:f5:
7f:99:85:2d:86:a0:d4:86:f8:cb:13:66:5d:ec:94:db:b3:d1:
07:d6:14:78:e5:12:0f:d2:21:50:62:6e:58:7e:82:68:87:dc:
6c:5c:c1:e5:de:32:e5:ce:ca:45:f1:63:b2:5d:71:37:28:2e:
50:6c:9f:12:ac:e0:b9:80:11:b5:e6:3b:53:37:4c:63:04:87:
d1:b9:b3:9d:47:2c:35:46:9c:d5:01:50:3e:24:c7:de:fe:34:
c4:8b:5b:ff:a0:c8:3a:f7:49:1c:90:09:34:9e:69:8e:c4:ea:
47:30:38:0a:2c:49:82:35:c1:57:0e:21:5d:4f:60:ac:1a:14:
e1:3d:83:99:9c:6d:9d:89:2c:a9:60:52:18:e5:58:24:d1:9b:
01:19:0c:44
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3wNu7WkLfsMswY1ATn8RyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MTM4NzI1MTJmMWYyZDAzN2I0MDFjMjYwM2NhODk5NGU3
MjFlNTUwHhcNMjQwMjI4MTQ1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YxOWJkMzIwMGRlNjVlZmRjYTU1OTBmODg2YWQxMjdhMGFmMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs87ziuNHf8lxnNhFqAPg4j2es9Q
JEIiF7cGM219PD2kRPS7RmSMZQtzwIQTLgjagaM0JKQzUvWLYoYaKhxg8X/+veSO
gVb6o8U1ImUTaQm7fVNZc2nSv6PwzszW/rlq/RFHUBdGRaQijx4ETfDxiUFEItPc
D9FLnEJQE3PE96OPl2fOWU70gVAAi7zGXqrAl8A4CHn4uguMl8z673bbSRDYQpLz
nBZHVMp+qKKJP7ga50BrebaA5YDtCRbu4uay7X4TL5OJZJ7xJgQaK9swMwSrmj+w
J2Gi06I90YqDdCD7EUQNPDNaILApynzUlSbEwABuXz9FoprNFZeejjSAyQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIPxm9MgDeZe/cpVkPiGrRJ6CvIiMB8GA1UdIwQY
MBaAFNUThyUS8fLQN7QBwmA8qJlOch5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEt
NmQ2NTVjZDk0NDY4LzEvZ19HYjB5QU41bDc5eWxXUS1JYXRFbm9LOGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9hN2RkZjYtMjM5NC00OGQzLWJmYTEtNmQ2NTVjZDk0NDY4
LzEvMVJPSEpSTHg4dEEzdEFIQ1lEeW9tVTV5SGxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQDU4hoAwQD
XsZgAwQEX40gAwQDnjqoMBYEAgACMBADBwAqAingAAIDBQAqAiniMA0GCSqGSIb3
DQEBCwUAA4IBAQC4OEJN0/Ab6rQ9xsF9+zrzjvdkFUuFcE0BxN4AAbt3/dklaaif
C8vn1CE0nYPeodqKG4ghICrQOh5fnOVVAH1yJ6q6EN8ODh3fV0VW/LeN8EE+E5Om
oPn7IwGpNzj9Qg62LSU4XXhGwmhSOPV/mYUthqDUhvjLE2Zd7JTbs9EH1hR45RIP
0iFQYm5YfoJoh9xsXMHl3jLlzspF8WOyXXE3KC5QbJ8SrOC5gBG15jtTN0xjBIfR
ubOdRyw1RpzVAVA+JMfe/jTEi1v/oMg690kckAk0nmmOxOpHMDgKLEmCNcFXDiFd
T2CsGhThPYOZnG2diSypYFIY5Vgk0ZsBGQxE
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:15 2024 by rpki-client on console-fra.rpki-client.org