Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/GeamoSvRj0HWUG4CmLwa5wjHR-k.roa
File: GeamoSvRj0HWUG4CmLwa5wjHR-k.roa (raw, json)
Hash identifier: jazD90mE2SbzFRfRT//p2IxE7zBgezzV0FWI65CtI7g=
Subject key identifier: 19:E6:A6:A1:2B:D1:8F:41:D6:50:6E:02:98:BC:1A:E7:08:C7:47:E9
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 018CCA2A37186B83347C78DBE45AA6CE24A0
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/GeamoSvRj0HWUG4CmLwa5wjHR-k.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198440
IP address blocks: 185.102.148.0/22 maxlen: 24
37.48.224.0/24 maxlen: 24
37.48.229.0/24 maxlen: 24
37.48.230.0/24 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
188.74.64.0/19 maxlen: 24
62.64.144.0/20 maxlen: 24
217.168.248.0/21 maxlen: 24
2a05:87c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:37:18:6b:83:34:7c:78:db:e4:5a:a6:ce:24:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19e6a6a12bd18f41d6506e0298bc1ae708c747e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c7:51:7e:19:41:d6:73:0f:57:81:37:3c:39:
84:0c:25:7f:c9:3a:a5:cd:43:0b:53:11:2c:4b:a4:
31:ab:3f:69:20:11:3a:ea:a1:52:0e:30:42:4b:3a:
13:ea:64:6f:25:c0:a6:5a:64:32:34:4b:77:02:46:
f6:b9:78:9b:ec:92:3a:10:4a:b6:00:a4:ce:3c:67:
b3:11:a4:16:77:4a:09:9a:79:aa:d8:c1:8a:3b:63:
26:11:ad:0f:a1:c6:f8:38:38:9f:d2:ce:02:7e:fb:
4d:f3:03:68:1b:ab:61:c0:c3:e0:7a:00:6f:be:dd:
41:98:ba:6a:42:86:47:f1:dc:46:2d:7b:44:d4:0d:
91:07:be:69:3d:00:9d:12:ab:b5:5b:99:14:8c:2c:
a1:40:07:3f:f2:a1:86:1f:7c:5a:91:cb:11:18:43:
d0:16:9a:5b:3f:3d:c6:92:19:dc:a4:bb:a6:41:73:
81:20:98:2e:3c:c4:22:47:c8:2a:65:72:e6:82:86:
ee:92:2d:57:be:5b:48:66:8e:bc:4e:02:6b:99:1c:
d4:2c:fc:b7:b9:f8:54:e3:21:eb:4f:4c:25:b3:e9:
c7:79:0b:89:dc:af:d8:33:99:2d:f0:fb:3a:5d:7a:
be:1c:47:ba:41:9b:3a:07:de:dd:55:fa:da:22:f5:
cd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E6:A6:A1:2B:D1:8F:41:D6:50:6E:02:98:BC:1A:E7:08:C7:47:E9
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/GeamoSvRj0HWUG4CmLwa5wjHR-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.224.0/24
37.48.229.0-37.48.230.255
62.64.128.0-62.64.139.255
62.64.144.0/20
185.102.148.0/22
188.74.64.0/19
217.168.248.0/21
IPv6:
2a05:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
cb:bc:4c:51:0c:e3:a5:bb:20:59:66:80:a2:f9:f3:36:65:09:
0c:ac:02:98:c1:b2:41:a0:ff:e9:25:e8:c1:3f:d2:c5:22:8f:
a9:f6:11:89:b1:44:4d:1e:38:40:90:a6:a8:cc:a9:b7:69:02:
f6:34:d6:b4:29:dc:0d:37:aa:7d:58:ea:04:6a:ec:3e:ba:a1:
35:16:8f:68:35:8c:21:b7:f2:ff:e6:dd:50:c9:fa:b9:71:6f:
f0:7f:25:20:62:2a:38:af:89:c8:ae:9f:ad:30:41:d0:59:1d:
7f:89:e4:8a:05:0d:e1:65:c2:11:9a:2a:05:13:bf:39:60:1c:
e9:8b:19:a0:6c:f7:52:f2:9d:1f:dd:2f:f4:16:ee:ea:1d:d4:
e7:e8:2e:c3:92:bc:db:b7:fd:ed:10:09:ce:6c:c9:83:af:68:
ed:58:6e:26:fc:f3:1a:59:4d:25:30:0e:7b:61:3d:7a:fc:21:
38:11:24:4a:6e:39:2d:6d:db:95:27:83:29:ef:d6:65:14:f9:
de:8d:7d:3e:ed:1c:54:1e:db:2f:98:91:ad:24:0a:31:d9:d3:
a4:7e:dd:e0:5f:80:fe:eb:40:f9:de:38:8e:78:63:ab:9b:fb:
f8:b7:9f:20:54:32:ed:b3:08:9c:18:2d:4f:26:8a:31:8e:06:
71:24:77:6b
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYzKKjcYa4M0fHjb5FqmziSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWU2YTZhMTJiZDE4ZjQxZDY1MDZlMDI5OGJjMWFlNzA4Yzc0N2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMdRfhlB1nMPV4E3PDmEDCV/yTql
zUMLUxEsS6Qxqz9pIBE66qFSDjBCSzoT6mRvJcCmWmQyNEt3Akb2uXib7JI6EEq2
AKTOPGezEaQWd0oJmnmq2MGKO2MmEa0Pocb4ODif0s4CfvtN8wNoG6thwMPgegBv
vt1BmLpqQoZH8dxGLXtE1A2RB75pPQCdEqu1W5kUjCyhQAc/8qGGH3xakcsRGEPQ
FppbPz3GkhncpLumQXOBIJguPMQiR8gqZXLmgobuki1XvltIZo68TgJrmRzULPy3
ufhU4yHrT0wls+nHeQuJ3K/YM5kt8Ps6XXq+HEe6QZs6B97dVfraIvXNywIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFBnmpqEr0Y9B1lBuApi8GucIx0fpMB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvR2VhbW9TdlJqMEhXVUc0Q21Md2E1d2pIUi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQAJTDgMAwD
BAAlMOUDBAAlMOYwDAMEBz5AgAMEAj5AiAMEBD5AkAMEArlmlAMEBbxKQAMEA9mo
+DANBAIAAjAHAwUDKgWHwDANBgkqhkiG9w0BAQsFAAOCAQEAy7xMUQzjpbsgWWaA
ovnzNmUJDKwCmMGyQaD/6SXowT/SxSKPqfYRibFETR44QJCmqMypt2kC9jTWtCnc
DTeqfVjqBGrsPrqhNRaPaDWMIbfy/+bdUMn6uXFv8H8lIGIqOK+JyK6frTBB0Fkd
f4nkigUN4WXCEZoqBRO/OWAc6YsZoGz3UvKdH90v9Bbu6h3U5+guw5K827f97RAJ
zmzJg69o7VhuJvzzGllNJTAOe2E9evwhOBEkSm45LW3blSeDKe/WZRT53o19Pu0c
VB7bL5iRrSQKMdnTpH7d4F+A/utA+d44jnhjq5v7+LefIFQy7bMInBgtTyaKMY4G
cSR3aw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:01 2024 by rpki-client on console-ams.rpki-client.org