Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/G7auL5FYxzz4eomTjvGltrtLg28.roa
File: G7auL5FYxzz4eomTjvGltrtLg28.roa (raw, json)
Hash identifier: xTA78KZCMTbp3vfHMqbeAtVhmgiMOT5NeKzEoYj3ayc=
Subject key identifier: 1B:B6:AE:2F:91:58:C7:3C:F8:7A:89:93:8E:F1:A5:B6:BB:4B:83:6F
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FE754D1A04B84FBE0FBAA2FD660B0
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/G7auL5FYxzz4eomTjvGltrtLg28.roa
Signing time: Tue 02 Jan 2024 04:30:26 +0000
ROA not before: Tue 02 Jan 2024 04:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 85.153.128.0/17 maxlen: 24
176.236.0.0/16 maxlen: 24
212.252.0.0/15 maxlen: 24
91.93.0.0/16 maxlen: 24
195.33.192.0/18 maxlen: 24
213.254.128.0/19 maxlen: 24
213.74.0.0/16 maxlen: 24
176.88.0.0/16 maxlen: 24
84.51.0.0/18 maxlen: 24
217.131.0.0/16 maxlen: 24
213.14.207.0/24 maxlen: 24
176.232.0.0/14 maxlen: 24
213.14.0.0/16 maxlen: 24
2a01:730::/32 maxlen: 48
2a01:188::/32 maxlen: 48
2a03:3c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:e7:54:d1:a0:4b:84:fb:e0:fb:aa:2f:d6:60:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bb6ae2f9158c73cf87a89938ef1a5b6bb4b836f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:1c:c2:28:09:6d:ab:fc:3f:30:40:1a:81:
e3:29:2a:ee:37:fa:a2:82:86:72:78:c2:98:14:48:
87:7a:df:a2:44:a0:28:3a:99:1c:2c:be:3c:cb:4f:
0d:82:fb:da:d6:f4:0d:51:5f:a5:f6:0f:9d:0b:1f:
9d:74:2d:77:59:72:e5:e7:64:b8:92:5a:da:b0:b7:
b5:5f:2b:08:01:2e:37:bc:f3:ba:01:ac:5b:28:35:
c2:b4:2b:8a:c8:19:fb:2e:3b:75:03:56:5b:de:7b:
fd:b7:85:41:66:e7:30:dc:96:9c:b5:dc:7e:0e:06:
1d:aa:0e:2e:2e:11:6a:11:73:49:19:1d:a8:2e:0f:
b1:23:dd:b8:a5:14:79:c5:a1:c7:4b:99:18:6f:03:
bc:9e:10:e1:d7:56:43:9f:61:8d:5d:c1:43:45:60:
59:5b:41:51:e7:c0:21:13:b9:80:81:37:1d:db:4b:
d0:68:52:33:63:84:77:77:58:af:ac:82:89:87:bd:
42:c6:b2:c7:c0:6a:84:e6:a2:be:3b:fb:54:63:a1:
0c:da:0d:f6:19:2f:ae:7a:b6:8e:20:14:bc:20:7f:
d6:be:07:be:b4:04:8a:55:32:ef:fa:75:9b:f7:a0:
89:07:76:55:66:3d:d3:e5:f0:11:df:20:c6:f7:9e:
b1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B6:AE:2F:91:58:C7:3C:F8:7A:89:93:8E:F1:A5:B6:BB:4B:83:6F
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/G7auL5FYxzz4eomTjvGltrtLg28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.51.0.0/18
85.153.128.0/17
91.93.0.0/16
176.88.0.0/16
176.232.0.0-176.236.255.255
195.33.192.0/18
212.252.0.0/15
213.14.0.0/16
213.74.0.0/16
213.254.128.0/19
217.131.0.0/16
IPv6:
2a01:188::/32
2a01:730::/32
2a03:3c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:53:9b:48:c4:39:6d:79:f4:db:07:5f:fb:86:23:5e:53:b6:
a1:5c:d0:6a:a0:38:ee:ca:9d:1e:f1:68:d1:1a:c8:78:e1:2b:
5f:02:c2:3f:d7:63:06:46:4e:b0:c6:1a:7a:72:20:d3:0f:f6:
b3:cd:47:6a:ab:99:22:6f:9e:16:2e:bd:c6:8a:57:28:bc:68:
fa:f5:df:1a:20:e7:30:f6:fa:ab:8c:0c:a5:0c:e3:1d:38:83:
85:b7:8f:33:0c:f6:40:17:a3:93:76:cf:45:0c:02:17:24:ea:
15:06:8f:04:01:36:ce:8a:af:24:be:54:08:53:60:14:6a:68:
8b:3b:75:42:15:31:e1:15:96:9f:0b:c0:41:65:d0:14:bb:a2:
c5:74:83:1c:07:94:46:02:17:38:c6:79:3c:d3:45:17:ac:99:
33:00:3e:b1:7b:a5:a6:f7:53:60:6f:b3:1d:0d:75:3f:3b:67:
dd:63:d0:f4:5d:30:8c:a9:4a:07:22:35:63:e4:c2:e7:38:b4:
86:39:af:5b:c6:0e:8c:ac:e4:7f:89:43:48:2a:79:4a:3f:ba:
79:e2:ab:af:bc:69:49:e3:03:a9:f0:71:15:b1:a0:f0:82:e1:
c2:61:c1:20:6e:0a:e2:3e:31:e8:c3:0b:4b:af:7c:86:91:e0:
f6:4b:56:88
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzIb+dU0aBLhPvg+6ov1mCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmI2YWUyZjkxNThjNzNjZjg3YTg5OTM4ZWYxYTViNmJiNGI4MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6scwigJbav8PzBAGoHjKSruN/qi
goZyeMKYFEiHet+iRKAoOpkcLL48y08Ngvva1vQNUV+l9g+dCx+ddC13WXLl52S4
klrasLe1XysIAS43vPO6AaxbKDXCtCuKyBn7Ljt1A1Zb3nv9t4VBZucw3Jactdx+
DgYdqg4uLhFqEXNJGR2oLg+xI924pRR5xaHHS5kYbwO8nhDh11ZDn2GNXcFDRWBZ
W0FR58AhE7mAgTcd20vQaFIzY4R3d1ivrIKJh71CxrLHwGqE5qK+O/tUY6EM2g32
GS+ueraOIBS8IH/Wvge+tASKVTLv+nWb96CJB3ZVZj3T5fAR3yDG956xowIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFBu2ri+RWMc8+HqJk47xpba7S4NvMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvRzdhdUw1Rll4eno0ZW9tVGp2R2x0cnRMZzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGVDMAAwQH
VZmAAwMAW10DAwCwWDAKAwMDsOgDAwCw7AMEBsMhwAMDAdT8AwMA1Q4DAwDVSgME
BdX+gAMDANmDMBsEAgACMBUDBQAqAQGIAwUAKgEHMAMFACoDA8AwDQYJKoZIhvcN
AQELBQADggEBAINTm0jEOW159NsHX/uGI15TtqFc0GqgOO7KnR7xaNEayHjhK18C
wj/XYwZGTrDGGnpyINMP9rPNR2qrmSJvnhYuvcaKVyi8aPr13xog5zD2+quMDKUM
4x04g4W3jzMM9kAXo5N2z0UMAhck6hUGjwQBNs6KryS+VAhTYBRqaIs7dUIVMeEV
lp8LwEFl0BS7osV0gxwHlEYCFzjGeTzTRResmTMAPrF7pab3U2Bvsx0NdT87Z91j
0PRdMIypSgciNWPkwuc4tIY5r1vGDoys5H+JQ0gqeUo/unniq6+8aUnjA6nwcRWx
oPCC4cJhwSBuCuI+MejDC0uvfIaR4PZLVog=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:33 2024 by rpki-client on console-fra.rpki-client.org