Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/gsVVjYNbWUVAMHFUE005tPsKkQc.roa
File: gsVVjYNbWUVAMHFUE005tPsKkQc.roa (raw, json)
Hash identifier: Bq0eVFp4mbsGRx8x+tPANog6aWmfb6EDAQ7z/qYUqkk=
Subject key identifier: 82:C5:55:8D:83:5B:59:45:40:30:71:54:13:4D:39:B4:FB:0A:91:07
Certificate issuer: /CN=e283c4ad2fd8724a8c7d5eaf431814cb3d15127e
Certificate serial: 0192AB6504933A22E7DC0C3A00E8F8F838BF
Authority key identifier: E2:83:C4:AD:2F:D8:72:4A:8C:7D:5E:AF:43:18:14:CB:3D:15:12:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4oPErS_YckqMfV6vQxgUyz0VEn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/gsVVjYNbWUVAMHFUE005tPsKkQc.roa
Signing time: Sun 20 Oct 2024 19:26:17 +0000
ROA not before: Sun 20 Oct 2024 19:26:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200849
IP address blocks: 185.92.200.0/24 maxlen: 24
185.92.201.0/24 maxlen: 24
185.92.202.0/24 maxlen: 24
185.92.203.0/24 maxlen: 24
2a03:8d20::/32 maxlen: 32
2a03:8d20:1186::/48 maxlen: 48
2a03:8d20:1188::/48 maxlen: 48
2a03:8d20:2282::/48 maxlen: 48
2a03:8d20:7286::/48 maxlen: 48
2a03:8d20:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/4oPErS_YckqMfV6vQxgUyz0VEn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/4oPErS_YckqMfV6vQxgUyz0VEn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4oPErS_YckqMfV6vQxgUyz0VEn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ab:65:04:93:3a:22:e7:dc:0c:3a:00:e8:f8:f8:38:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e283c4ad2fd8724a8c7d5eaf431814cb3d15127e
Validity
Not Before: Oct 20 19:26:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82c5558d835b594540307154134d39b4fb0a9107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7f:0d:94:ba:2b:27:f5:58:83:03:7b:a9:3d:
90:38:33:e6:e7:b5:19:02:87:a9:54:6c:31:41:3d:
58:ae:9e:68:bb:eb:32:d3:88:d2:64:3b:76:52:62:
b4:42:7c:62:9a:6b:a1:39:06:68:50:8b:6f:b0:8e:
3a:96:e4:4f:98:b4:3e:b9:ea:eb:e8:73:ca:92:d0:
d8:b5:06:94:cf:17:4a:8f:26:9d:a9:0a:e9:91:56:
a8:07:7d:98:e1:c7:1a:ab:9f:97:28:0c:33:10:6a:
99:e1:e7:df:89:21:de:cd:ab:c7:c3:6f:70:a5:07:
13:e5:ee:96:60:3d:ed:be:7b:9f:07:04:9c:a8:78:
ca:01:27:d0:3d:ba:04:a0:05:74:e6:59:d6:a8:50:
eb:ee:98:6f:1e:52:70:e8:21:af:55:fd:94:59:96:
15:59:00:a2:de:19:a1:ec:08:d5:e7:90:78:15:76:
6f:b7:e8:b0:56:05:ea:b0:09:8e:29:e7:eb:7e:db:
43:c4:6b:19:f4:a8:d4:27:3d:aa:6b:43:99:82:bc:
ee:b8:1a:74:d3:da:8c:04:05:60:ea:4f:cf:8e:b0:
74:6f:87:e8:ec:5b:56:59:54:26:00:3b:96:e8:7d:
dd:08:af:40:29:44:23:e8:37:9c:bd:f1:a6:a4:61:
e7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C5:55:8D:83:5B:59:45:40:30:71:54:13:4D:39:B4:FB:0A:91:07
X509v3 Authority Key Identifier:
keyid:E2:83:C4:AD:2F:D8:72:4A:8C:7D:5E:AF:43:18:14:CB:3D:15:12:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4oPErS_YckqMfV6vQxgUyz0VEn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/gsVVjYNbWUVAMHFUE005tPsKkQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/4oPErS_YckqMfV6vQxgUyz0VEn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.200.0/22
IPv6:
2a03:8d20::/32
Signature Algorithm: sha256WithRSAEncryption
53:3b:e2:0b:91:aa:29:0f:86:55:15:03:27:0a:64:55:a6:1d:
fb:8e:ae:30:60:61:38:49:9a:48:21:a2:4d:e0:66:d5:0e:35:
eb:bd:e9:69:0e:3a:91:96:4a:f5:05:6f:7f:a9:75:6a:ff:44:
77:32:05:3e:3e:8b:33:57:22:31:6a:8f:43:e3:2a:14:14:da:
d2:1a:0c:7e:1b:e6:13:1e:ac:c8:64:7e:22:05:63:bb:0c:be:
52:71:90:94:24:b0:80:fe:6a:32:18:b5:f9:2e:a1:82:86:dc:
e8:31:21:3f:d0:c6:e6:53:97:fa:52:31:d1:f7:cb:8b:b4:ae:
17:01:2d:00:4a:75:a1:69:a9:f9:7e:16:84:21:d6:08:df:bb:
91:bd:4d:98:00:30:34:54:f2:1d:7e:bd:5a:7c:56:43:b2:10:
36:c0:21:1b:28:95:60:39:2b:d3:45:ba:03:29:14:4d:90:d0:
7e:c0:19:42:63:20:21:8f:a2:75:22:4f:ff:4f:37:a7:e4:af:
cf:d1:df:cb:09:a3:73:15:73:5c:13:8c:fa:34:e6:6e:92:9f:
85:b4:de:d0:b1:8c:bb:05:7b:43:88:13:c4:b6:09:c2:b9:a9:
50:8e:83:6d:ee:3d:fd:1c:b9:b2:21:f5:aa:98:38:a4:01:f9:
79:85:40:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKrZQSTOiLn3Aw6AOj4+Di/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyODNjNGFkMmZkODcyNGE4YzdkNWVhZjQzMTgxNGNiM2Qx
NTEyN2UwHhcNMjQxMDIwMTkyNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM1NTU4ZDgzNWI1OTQ1NDAzMDcxNTQxMzRkMzliNGZiMGE5MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon8NlLorJ/VYgwN7qT2QODPm57UZ
AoepVGwxQT1Yrp5ou+sy04jSZDt2UmK0QnximmuhOQZoUItvsI46luRPmLQ+uerr
6HPKktDYtQaUzxdKjyadqQrpkVaoB32Y4ccaq5+XKAwzEGqZ4effiSHezavHw29w
pQcT5e6WYD3tvnufBwScqHjKASfQPboEoAV05lnWqFDr7phvHlJw6CGvVf2UWZYV
WQCi3hmh7AjV55B4FXZvt+iwVgXqsAmOKefrfttDxGsZ9KjUJz2qa0OZgrzuuBp0
09qMBAVg6k/PjrB0b4fo7FtWWVQmADuW6H3dCK9AKUQj6DecvfGmpGHnOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFILFVY2DW1lFQDBxVBNNObT7CpEHMB8GA1UdIwQY
MBaAFOKDxK0v2HJKjH1er0MYFMs9FRJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG9QRXJTX1lja3FNZlY2dlF4Z1V5ejBWRW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOGNjNjYtY2M2NS00ZGMyLWFlODYt
NjFjMWVjYWFiNTVmLzEvZ3NWVmpZTmJXVVZBTUhGVUUwMDV0UHNLa1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOGNjNjYtY2M2NS00ZGMyLWFlODYtNjFjMWVjYWFiNTVm
LzEvNG9QRXJTX1lja3FNZlY2dlF4Z1V5ejBWRW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVzIMA0E
AgACMAcDBQAqA40gMA0GCSqGSIb3DQEBCwUAA4IBAQBTO+ILkaopD4ZVFQMnCmRV
ph37jq4wYGE4SZpIIaJN4GbVDjXrvelpDjqRlkr1BW9/qXVq/0R3MgU+PoszVyIx
ao9D4yoUFNrSGgx+G+YTHqzIZH4iBWO7DL5ScZCUJLCA/moyGLX5LqGChtzoMSE/
0MbmU5f6UjHR98uLtK4XAS0ASnWhaan5fhaEIdYI37uRvU2YADA0VPIdfr1afFZD
shA2wCEbKJVgOSvTRboDKRRNkNB+wBlCYyAhj6J1Ik//Tzen5K/P0d/LCaNzFXNc
E4z6NOZukp+FtN7QsYy7BXtDiBPEtgnCualQjoNt7j39HLmyIfWqmDikAfl5hUAd
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:45 2024 by rpki-client on console-fra.rpki-client.org