Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/GR1mnVHXR_ss3kj-trurBcyK_dg.roa
File: GR1mnVHXR_ss3kj-trurBcyK_dg.roa (raw, json)
Hash identifier: ScuiSkc5bZkIqODXHRhQisvshNBZkxrMLFVT5hzs5K8=
Subject key identifier: 19:1D:66:9D:51:D7:47:FB:2C:DE:48:FE:B6:BB:AB:05:CC:8A:FD:D8
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 0190E4AD5B9A5765186157F31241D17BA99E
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/GR1mnVHXR_ss3kj-trurBcyK_dg.roa
Signing time: Wed 24 Jul 2024 12:18:04 +0000
ROA not before: Wed 24 Jul 2024 12:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25152
IP address blocks: 193.0.14.0/23 maxlen: 23
193.0.14.0/24 maxlen: 24
193.0.15.0/24 maxlen: 24
193.0.16.0/23 maxlen: 24
2001:7fd::/32 maxlen: 32
2001:7fd::/48 maxlen: 48
2001:7fd:15::/48 maxlen: 48
2001:7fd:16::/48 maxlen: 48
2001:7fd:17::/48 maxlen: 48
2001:7fd:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:ad:5b:9a:57:65:18:61:57:f3:12:41:d1:7b:a9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jul 24 12:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=191d669d51d747fb2cde48feb6bbab05cc8afdd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f3:dc:2e:84:a4:09:d8:df:c0:c5:64:2d:d7:
4d:fa:70:61:be:36:74:23:12:5f:82:67:7f:7a:d7:
0b:cc:03:63:9c:fd:c2:bf:c4:5c:c5:ed:5e:19:8a:
01:43:35:8e:bc:9a:22:b4:61:d2:b7:d0:71:57:bf:
59:99:db:cb:9a:cf:9f:63:e5:d4:20:3a:f4:b8:f1:
ab:0b:1f:fd:41:f9:da:7b:e0:f4:97:cc:bb:74:01:
8d:5c:bd:fb:92:48:67:f6:62:40:45:a9:d4:95:5a:
7e:b9:a7:f3:8d:94:f1:0e:97:19:86:80:55:dc:32:
8b:7b:60:d9:63:3c:1b:bd:90:60:ea:76:2e:e0:a1:
20:50:5d:83:26:3d:78:12:ec:2f:bd:e3:6c:10:56:
1e:01:2d:6b:6d:9e:33:a5:e8:f9:05:c6:cc:89:a1:
87:91:c4:01:64:47:ce:0f:e3:20:a3:d9:91:cd:5f:
79:df:57:3a:c8:ad:45:ec:88:fd:34:6e:cc:fc:75:
fb:75:80:ac:c7:c0:09:36:04:61:e5:5d:d5:69:e9:
33:8c:c7:ac:8a:4a:58:1c:e0:98:38:d4:c5:39:78:
67:07:2a:6d:0f:44:0e:51:ce:4e:b8:35:dc:ab:ac:
fe:13:db:4c:77:67:87:27:13:01:b0:9b:f8:b2:db:
65:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1D:66:9D:51:D7:47:FB:2C:DE:48:FE:B6:BB:AB:05:CC:8A:FD:D8
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/GR1mnVHXR_ss3kj-trurBcyK_dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.14.0-193.0.17.255
IPv6:
2001:7fd::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ef:9a:ca:24:f4:0c:c9:68:85:86:ae:99:5a:97:8c:28:af:
4c:ac:93:3f:2b:2d:df:1f:ea:04:38:c7:5e:75:86:1a:e0:c0:
ac:ea:c4:28:a4:dc:bf:8f:0d:14:97:6f:bc:58:08:5d:b0:ff:
6a:48:63:65:03:e4:f9:48:e1:2f:80:02:e5:23:99:10:b5:6c:
10:86:43:93:bd:1c:57:a5:4d:5a:7f:37:88:25:ed:d5:fa:7a:
a3:88:cf:b1:28:73:71:d6:6c:95:03:fe:67:08:87:ca:ba:a7:
44:0e:1d:65:0f:42:d4:a8:d6:d6:54:37:84:5a:df:d6:95:be:
40:80:9d:bf:66:84:2a:4d:dd:78:14:ea:66:f5:ab:07:05:a9:
66:89:28:06:04:93:ae:7f:6e:4a:bc:c5:bc:a4:60:59:44:a2:
b0:83:c8:35:82:23:79:af:5b:73:26:1b:44:9f:3e:25:e8:de:
a8:2f:c0:e8:d9:b2:e3:bc:b3:d5:e1:2d:89:4d:45:ce:d0:1b:
be:bc:f8:39:50:fd:31:d3:c3:6d:3f:78:f8:0d:2a:fb:ff:35:
e9:5e:cc:da:f2:4a:9e:f9:40:a2:9e:44:c3:ab:b4:c2:e7:12:
53:dd:05:1d:8f:b7:ac:dc:e9:b0:91:e4:c4:1b:c9:95:6f:ad:
d4:33:01:ff
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZDkrVuaV2UYYVfzEkHRe6meMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjQwNzI0MTIxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFkNjY5ZDUxZDc0N2ZiMmNkZTQ4ZmViNmJiYWIwNWNjOGFmZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7fPcLoSkCdjfwMVkLddN+nBhvjZ0
IxJfgmd/etcLzANjnP3Cv8Rcxe1eGYoBQzWOvJoitGHSt9BxV79ZmdvLms+fY+XU
IDr0uPGrCx/9Qfnae+D0l8y7dAGNXL37kkhn9mJARanUlVp+uafzjZTxDpcZhoBV
3DKLe2DZYzwbvZBg6nYu4KEgUF2DJj14EuwvveNsEFYeAS1rbZ4zpej5BcbMiaGH
kcQBZEfOD+Mgo9mRzV9531c6yK1F7Ij9NG7M/HX7dYCsx8AJNgRh5V3VaekzjMes
ikpYHOCYONTFOXhnByptD0QOUc5OuDXcq6z+E9tMd2eHJxMBsJv4sttlFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBkdZp1R10f7LN5I/ra7qwXMiv3YMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvR1IxbW5WSFhSX3NzM2tqLXRydXJCY3lLX2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAHBAA4D
BAHBABAwDQQCAAIwBwMFACABB/0wDQYJKoZIhvcNAQELBQADggEBAI3vmsok9AzJ
aIWGrplal4wor0yskz8rLd8f6gQ4x151hhrgwKzqxCik3L+PDRSXb7xYCF2w/2pI
Y2UD5PlI4S+AAuUjmRC1bBCGQ5O9HFelTVp/N4gl7dX6eqOIz7Eoc3HWbJUD/mcI
h8q6p0QOHWUPQtSo1tZUN4Ra39aVvkCAnb9mhCpN3XgU6mb1qwcFqWaJKAYEk65/
bkq8xbykYFlEorCDyDWCI3mvW3MmG0SfPiXo3qgvwOjZsuO8s9XhLYlNRc7QG768
+DlQ/THTw20/ePgNKvv/NelezNrySp75QKKeRMOrtMLnElPdBR2Pt6zc6bCR5MQb
yZVvrdQzAf8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:33:41 2024 by rpki-client on console-ams.rpki-client.org