Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/GMAsA9EYp_pbFozJMwh7YrOM5_A.roa
File: GMAsA9EYp_pbFozJMwh7YrOM5_A.roa (raw, json)
Hash identifier: crcW07ribNfnB9dD+XunyM6relFKz4pxYzdesBi6wRw=
Subject key identifier: 18:C0:2C:03:D1:18:A7:FA:5B:16:8C:C9:33:08:7B:62:B3:8C:E7:F0
Certificate issuer: /CN=4afacad2798856f0f065a265a109706941aca8ea
Certificate serial: 018CC26D323AF96781E44CCFCD46796591F8
Authority key identifier: 4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/GMAsA9EYp_pbFozJMwh7YrOM5_A.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47176
IP address blocks: 91.222.84.0/22 maxlen: 22
185.94.100.0/22 maxlen: 22
2a04:aa40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/SvrK0nmIVvDwZaJloQlwaUGsqOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/SvrK0nmIVvDwZaJloQlwaUGsqOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:32:3a:f9:67:81:e4:4c:cf:cd:46:79:65:91:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afacad2798856f0f065a265a109706941aca8ea
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18c02c03d118a7fa5b168cc933087b62b38ce7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:e5:a4:ca:57:d0:66:e2:4e:bf:97:9b:97:
2e:c6:0f:dd:3a:2c:a6:bd:4c:df:a5:08:1e:71:57:
53:ae:45:93:37:35:0c:de:05:d4:49:e6:65:0d:97:
8f:d7:b6:25:17:06:e9:5f:e0:3b:62:16:52:be:90:
c6:64:97:87:4f:de:76:13:61:06:39:02:22:0d:52:
a4:48:a7:71:f1:6e:6b:59:a5:99:cc:5d:0c:92:fa:
71:3b:d2:a3:fc:49:d3:57:b4:51:88:6e:2b:15:f1:
0e:40:79:3f:28:75:d5:46:25:92:fb:be:be:7c:5f:
ad:81:f9:88:b0:e7:0d:90:6c:cc:a8:8f:38:27:51:
69:cc:a9:db:72:4b:f2:61:18:91:00:fa:ae:30:96:
aa:45:a0:f8:00:1e:83:6b:3f:f3:56:e4:2c:79:4e:
13:ff:4d:de:62:87:56:f9:93:67:e1:5d:01:86:26:
9a:e1:67:5a:1e:ee:0c:80:a2:a3:cb:b5:b0:96:bb:
a1:6c:fb:44:38:a7:f6:9a:ec:5f:e6:34:95:82:25:
83:b9:dc:93:04:29:a4:16:56:2f:f6:2c:0d:05:1d:
25:6b:72:1b:be:c4:5e:f2:fe:e9:b0:71:e5:70:4e:
5b:59:bf:d6:f4:d8:63:de:98:95:9d:a6:2b:f7:7e:
d9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C0:2C:03:D1:18:A7:FA:5B:16:8C:C9:33:08:7B:62:B3:8C:E7:F0
X509v3 Authority Key Identifier:
keyid:4A:FA:CA:D2:79:88:56:F0:F0:65:A2:65:A1:09:70:69:41:AC:A8:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SvrK0nmIVvDwZaJloQlwaUGsqOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/GMAsA9EYp_pbFozJMwh7YrOM5_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e82d2a-4041-4811-87a5-783469269b35/1/SvrK0nmIVvDwZaJloQlwaUGsqOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.84.0/22
185.94.100.0/22
IPv6:
2a04:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
1e:19:07:a1:a4:d1:2f:d2:51:93:5c:87:34:8e:2e:43:d1:00:
7c:cb:81:fd:56:a4:f9:af:03:5a:80:7a:d6:ec:6d:c7:96:e9:
51:bf:f8:58:5f:81:54:26:66:5a:c6:ee:5a:2c:51:12:28:a3:
c8:42:91:59:71:99:00:b0:b0:aa:ee:d4:7b:91:2a:99:fe:00:
6a:f8:d0:01:36:48:7b:37:28:47:d2:db:3c:62:63:b7:c7:88:
53:c8:8a:93:2e:14:1d:4a:e7:db:0c:18:87:8a:ab:55:df:5f:
47:57:a9:19:29:12:37:67:c3:90:b3:5a:05:8c:34:20:4f:43:
d7:91:9c:d5:19:1f:4b:03:ef:ff:69:fd:2a:a7:ef:7d:22:e7:
81:56:06:9e:1a:48:02:9b:61:ae:eb:83:56:7c:6c:3d:4b:31:
a7:2c:fa:e6:b5:25:11:67:42:f5:56:1f:bb:1c:08:67:2e:d5:
dc:0b:0d:37:89:ea:da:4d:e7:fe:45:99:62:cc:29:59:c1:a4:
41:94:58:97:7b:76:af:04:fa:e9:c6:8b:59:09:59:8e:05:cd:
a8:59:7a:9c:61:33:f6:34:06:af:3d:9d:ab:e9:7a:83:0b:a7:
3e:0a:be:b1:73:b7:7c:bf:39:f1:fa:df:9e:0a:06:e2:dd:a4:
f9:7a:82:d7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbTI6+WeB5EzPzUZ5ZZH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmFjYWQyNzk4ODU2ZjBmMDY1YTI2NWExMDk3MDY5NDFh
Y2E4ZWEwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGMwMmMwM2QxMThhN2ZhNWIxNjhjYzkzMzA4N2I2MmIzOGNlN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeXlpMpX0GbiTr+Xm5cuxg/dOiym
vUzfpQgecVdTrkWTNzUM3gXUSeZlDZeP17YlFwbpX+A7YhZSvpDGZJeHT952E2EG
OQIiDVKkSKdx8W5rWaWZzF0MkvpxO9Kj/EnTV7RRiG4rFfEOQHk/KHXVRiWS+76+
fF+tgfmIsOcNkGzMqI84J1FpzKnbckvyYRiRAPquMJaqRaD4AB6Daz/zVuQseU4T
/03eYodW+ZNn4V0Bhiaa4WdaHu4MgKKjy7WwlruhbPtEOKf2muxf5jSVgiWDudyT
BCmkFlYv9iwNBR0la3IbvsRe8v7psHHlcE5bWb/W9Nhj3piVnaYr937ZoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBjALAPRGKf6WxaMyTMIe2KzjOfwMB8GA1UdIwQY
MBaAFEr6ytJ5iFbw8GWiZaEJcGlBrKjqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3ZySzBubUlWdkR3WmFKbG9RbHdhVUdzcU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lODJkMmEtNDA0MS00ODExLTg3YTUt
NzgzNDY5MjY5YjM1LzEvR01Bc0E5RVlwX3BiRm96Sk13aDdZck9NNV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lODJkMmEtNDA0MS00ODExLTg3YTUtNzgzNDY5MjY5YjM1
LzEvU3ZySzBubUlWdkR3WmFKbG9RbHdhVUdzcU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW95UAwQC
uV5kMA0EAgACMAcDBQMqBKpAMA0GCSqGSIb3DQEBCwUAA4IBAQAeGQehpNEv0lGT
XIc0ji5D0QB8y4H9VqT5rwNagHrW7G3HlulRv/hYX4FUJmZaxu5aLFESKKPIQpFZ
cZkAsLCq7tR7kSqZ/gBq+NABNkh7NyhH0ts8YmO3x4hTyIqTLhQdSufbDBiHiqtV
319HV6kZKRI3Z8OQs1oFjDQgT0PXkZzVGR9LA+//af0qp+99IueBVgaeGkgCm2Gu
64NWfGw9SzGnLPrmtSURZ0L1Vh+7HAhnLtXcCw03ieraTef+RZlizClZwaRBlFiX
e3avBPrpxotZCVmOBc2oWXqcYTP2NAavPZ2r6XqDC6c+Cr6xc7d8vznx+t+eCgbi
3aT5eoLX
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:34:40 2024 by rpki-client on console-ams.rpki-client.org