Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GWNeXZZYOxHLIqTc6BFjK1T5BhA.roa
File: GWNeXZZYOxHLIqTc6BFjK1T5BhA.roa (raw, json)
Hash identifier: IOrevJcd7farw3dVnpDqQDfQlHeRIXXeoCIuIlWQx08=
Subject key identifier: 19:63:5E:5D:96:58:3B:11:CB:22:A4:DC:E8:11:63:2B:54:F9:06:10
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F948CB8E0283D2AF55090A80BB88439
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GWNeXZZYOxHLIqTc6BFjK1T5BhA.roa
Signing time: Wed 27 Mar 2024 11:03:45 +0000
ROA not before: Wed 27 Mar 2024 11:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 2.17.224.0/22 maxlen: 22
2.17.228.0/22 maxlen: 22
2.17.232.0/22 maxlen: 22
2.17.236.0/22 maxlen: 22
2.20.24.0/22 maxlen: 22
2a02:26f0:c700::/48 maxlen: 48
2a02:26f0:cb00::/48 maxlen: 48
2a02:26f0:d100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 13:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:94:8c:b8:e0:28:3d:2a:f5:50:90:a8:0b:b8:84:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19635e5d96583b11cb22a4dce811632b54f90610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:b9:d8:6d:f1:12:ba:6c:4b:70:b8:0b:8d:
f2:5a:23:2b:d7:9d:4d:52:c1:14:1b:a7:a0:78:f2:
2e:1d:46:12:8a:65:97:d4:ea:e1:76:aa:f4:bc:0d:
43:42:14:29:e9:8d:9a:8f:78:6e:73:59:66:d1:fc:
c3:53:6f:1d:0f:00:f7:1d:c0:90:c1:64:ca:47:f7:
3d:b7:3b:6d:b6:95:f3:4c:48:24:da:92:71:cc:fa:
6c:e9:29:78:06:15:2b:dd:57:cc:39:6a:16:10:64:
8d:d5:b6:ec:92:f0:21:38:e7:98:46:70:ab:ad:5a:
13:c0:d3:45:c7:bf:d9:4a:ca:ce:be:d4:f3:76:fb:
46:67:d0:06:0c:2d:b5:fa:ce:6e:c1:8c:cc:85:6e:
69:fb:91:21:87:21:d9:83:f2:dc:09:12:91:10:e7:
f4:57:01:02:10:2a:c1:bb:58:5b:e5:b2:9e:66:f9:
80:81:67:c7:12:f3:bc:c1:8e:ad:70:3e:d2:59:06:
76:c8:dd:0a:1e:f4:a1:4c:56:ae:67:d8:c7:6d:e2:
51:94:8f:01:1e:d4:9d:57:4a:2c:9d:b7:53:a9:b0:
f5:ec:b0:d3:85:76:2c:9a:b1:af:10:21:e4:15:84:
38:96:a8:29:3b:b5:bb:89:a7:9f:7f:86:be:20:bb:
96:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:63:5E:5D:96:58:3B:11:CB:22:A4:DC:E8:11:63:2B:54:F9:06:10
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/GWNeXZZYOxHLIqTc6BFjK1T5BhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.224.0/20
2.20.24.0/22
IPv6:
2a02:26f0:c700::/48
2a02:26f0:cb00::/48
2a02:26f0:d100::/48
Signature Algorithm: sha256WithRSAEncryption
a5:90:44:c3:04:06:5b:52:ff:89:40:78:70:57:cd:db:0d:9f:
b3:6e:44:3d:75:bc:10:ec:b8:38:06:4a:54:20:d4:85:84:c9:
d5:95:f9:03:17:bc:27:e5:90:6a:6d:5a:17:2c:d9:18:e6:33:
b4:f7:ce:bf:63:f4:f9:d8:ff:da:8b:4a:98:cd:68:98:f3:6d:
76:ec:50:fb:5d:0f:f4:99:34:82:cd:b2:4c:fe:50:dc:f4:6a:
84:2b:4f:8f:ba:3b:91:54:94:12:54:51:a2:b9:df:de:2d:fc:
9e:f0:a9:45:38:bd:9e:00:81:84:94:39:66:b5:67:bc:89:4d:
c2:db:d0:e7:f3:ad:f7:5f:7d:31:02:99:ce:14:5e:de:20:9b:
01:6a:ae:1a:a5:1f:8b:32:e1:82:5f:f8:aa:94:95:91:cb:54:
5c:73:31:17:f6:a5:6f:90:88:f7:76:7f:4f:37:6d:73:e3:c7:
f9:42:93:ce:be:ed:15:62:aa:54:0b:cf:2a:76:8d:7b:db:6e:
e7:10:67:fa:1e:f0:03:0c:ab:49:97:2c:21:00:87:ad:47:1b:
82:ce:26:a7:6c:f2:4f:29:7f:e6:b7:28:5a:35:2f:60:fd:72:
f6:da:4f:db:72:7c:8f:6a:ee:97:5d:50:ac:99:a6:c2:ed:28:
ce:6b:cb:d2
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY5/lIy44Cg9KvVQkKgLuIQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTYzNWU1ZDk2NTgzYjExY2IyMmE0ZGNlODExNjMyYjU0ZjkwNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntu52G3xErpsS3C4C43yWiMr151N
UsEUG6egePIuHUYSimWX1Orhdqr0vA1DQhQp6Y2aj3huc1lm0fzDU28dDwD3HcCQ
wWTKR/c9tztttpXzTEgk2pJxzPps6Sl4BhUr3VfMOWoWEGSN1bbskvAhOOeYRnCr
rVoTwNNFx7/ZSsrOvtTzdvtGZ9AGDC21+s5uwYzMhW5p+5EhhyHZg/LcCRKREOf0
VwECECrBu1hb5bKeZvmAgWfHEvO8wY6tcD7SWQZ2yN0KHvShTFauZ9jHbeJRlI8B
HtSdV0osnbdTqbD17LDThXYsmrGvECHkFYQ4lqgpO7W7iaeff4a+ILuWfwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBljXl2WWDsRyyKk3OgRYytU+QYQMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvR1dOZVhaWllPeEhMSXFUYzZCRmpLMVQ1QmhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQEAhHgAwQC
AhQYMCEEAgACMBsDBwAqAibwxwADBwAqAibwywADBwAqAibw0QAwDQYJKoZIhvcN
AQELBQADggEBAKWQRMMEBltS/4lAeHBXzdsNn7NuRD11vBDsuDgGSlQg1IWEydWV
+QMXvCflkGptWhcs2RjmM7T3zr9j9PnY/9qLSpjNaJjzbXbsUPtdD/SZNILNskz+
UNz0aoQrT4+6O5FUlBJUUaK5394t/J7wqUU4vZ4AgYSUOWa1Z7yJTcLb0Ofzrfdf
fTECmc4UXt4gmwFqrhqlH4sy4YJf+KqUlZHLVFxzMRf2pW+QiPd2f083bXPjx/lC
k86+7RViqlQLzyp2jXvbbucQZ/oe8AMMq0mXLCEAh61HG4LOJqds8k8pf+a3KFo1
L2D9cvbaT9tyfI9q7pddUKyZpsLtKM5ry9I=
-----END CERTIFICATE-----
Generated at Wed May 29 16:54:24 2024 by rpki-client on console-fra.rpki-client.org