Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gld7u8PreqE60afwPD2qlpvETN4.roa
File: gld7u8PreqE60afwPD2qlpvETN4.roa (raw, json)
Hash identifier: FQ5r4ZRApqzVh1FDYRlepwH2OX/pBm5cc0uHpn7XrUg=
Subject key identifier: 82:57:7B:BB:C3:EB:7A:A1:3A:D1:A7:F0:3C:3D:AA:96:9B:C4:4C:DE
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018F72FBF44E075B0ECBB11974D320AED017
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gld7u8PreqE60afwPD2qlpvETN4.roa
Signing time: Mon 13 May 2024 17:24:25 +0000
ROA not before: Mon 13 May 2024 17:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:fb:f4:4e:07:5b:0e:cb:b1:19:74:d3:20:ae:d0:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: May 13 17:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82577bbbc3eb7aa13ad1a7f03c3daa969bc44cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ae:2f:59:d7:5d:84:2f:42:c1:bf:85:f5:f2:
5b:ea:f1:6a:f4:f3:2f:c6:cf:b8:df:a5:90:ec:97:
a8:91:03:89:f5:9e:a5:af:fc:19:e5:92:12:82:af:
7b:2a:27:42:22:44:67:62:c0:92:5b:f6:e6:92:1a:
fd:4b:f7:2c:25:16:3d:9e:ad:08:9d:81:5e:be:58:
cb:8b:d1:84:07:4e:d8:9c:76:77:8c:bb:85:66:75:
83:ec:c8:a8:ad:ff:71:c9:a7:29:94:cc:e8:00:0e:
bd:e7:ee:6f:6f:d5:29:40:16:29:67:e4:3a:65:76:
7b:91:33:6d:74:ca:07:8c:6d:c2:3f:12:df:b0:61:
44:d6:19:f9:1c:c7:c0:a1:8b:5a:68:0e:68:3c:0a:
d5:cf:70:f3:03:ed:93:d2:6a:4e:ec:55:51:d2:7b:
c3:a0:ad:df:df:10:ab:70:23:11:52:72:48:0d:43:
78:1c:c5:89:0a:24:fc:77:a4:78:cf:7f:0e:a2:7f:
55:e6:c6:8c:dc:a6:e2:42:04:8a:64:da:99:9a:61:
81:55:49:f3:b7:7e:9d:7e:17:d8:73:40:4c:96:cf:
04:8a:7f:56:bd:28:01:6e:97:12:06:b3:d8:e3:2f:
86:0f:4c:75:89:49:15:42:11:c9:75:4d:8f:a8:9d:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:57:7B:BB:C3:EB:7A:A1:3A:D1:A7:F0:3C:3D:AA:96:9B:C4:4C:DE
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/gld7u8PreqE60afwPD2qlpvETN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.88.36.0/24
185.89.42.0/23
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:40:aa:d7:49:ed:3e:bf:2d:b5:79:1b:20:86:f7:72:b5:7e:
a8:7b:0c:6e:80:ae:d0:09:d5:10:13:fb:03:a3:30:74:b1:89:
7c:e7:a4:b7:35:f5:6d:5c:05:27:2b:5e:91:4a:b6:11:b1:e2:
07:76:6f:73:e2:b9:fb:a1:31:81:c7:81:a7:fd:c1:4a:db:5f:
6b:79:d9:98:e1:f6:b0:10:2d:18:3a:4d:33:2e:d0:b0:ef:d6:
18:eb:bb:13:67:1c:12:e7:4f:56:96:58:0b:aa:43:60:86:21:
a1:72:3d:37:e2:cc:23:5b:c1:4f:c2:1d:41:0d:d1:32:87:e6:
8c:0a:fc:d8:71:63:a0:d2:e6:4c:29:48:d3:0b:f5:9c:14:ad:
f9:3c:76:4b:7e:4f:dd:04:cd:9d:9e:90:ce:ea:77:80:65:e1:
36:b1:fc:5f:55:f5:f7:1e:26:cf:e7:85:a8:9d:fe:bf:5a:59:
dd:43:92:6b:df:0b:e8:ba:35:a5:b5:6f:19:2d:d7:f1:c1:ca:
ca:8a:77:c0:1c:f0:b6:7d:2e:d4:dc:1e:29:21:ae:16:7b:2b:
b4:93:c9:b4:03:5a:f1:9c:8d:ee:9b:3f:2f:ac:d1:e3:45:7e:
4f:cc:6e:d8:39:bc:ac:82:24:a2:28:89:2d:53:d8:8e:c3:7d:
98:60:3a:40
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY9y+/ROB1sOy7EZdNMgrtAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwNTEzMTcyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjU3N2JiYmMzZWI3YWExM2FkMWE3ZjAzYzNkYWE5NjliYzQ0Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka4vWdddhC9Cwb+F9fJb6vFq9PMv
xs+436WQ7JeokQOJ9Z6lr/wZ5ZISgq97KidCIkRnYsCSW/bmkhr9S/csJRY9nq0I
nYFevljLi9GEB07YnHZ3jLuFZnWD7Miorf9xyacplMzoAA695+5vb9UpQBYpZ+Q6
ZXZ7kTNtdMoHjG3CPxLfsGFE1hn5HMfAoYtaaA5oPArVz3DzA+2T0mpO7FVR0nvD
oK3f3xCrcCMRUnJIDUN4HMWJCiT8d6R4z38Oon9V5saM3KbiQgSKZNqZmmGBVUnz
t36dfhfYc0BMls8Ein9WvSgBbpcSBrPY4y+GD0x1iUkVQhHJdU2PqJ23YQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIJXe7vD63qhOtGn8Dw9qpabxEzeMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZ2xkN3U4UHJlcUU2MGFmd1BEMnFscHZFVE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBBbWoAwQA
Bbf/AwQAU6vgAwQBU6viAwQAjWJXAwQAuUS4AwQBuUT2AwQAuVgkAwQBuVkqAwQA
wmgKAwQA1eh4AwQA1eh6MA0GCSqGSIb3DQEBCwUAA4IBAQCpQKrXSe0+vy21eRsg
hvdytX6oewxugK7QCdUQE/sDozB0sYl856S3NfVtXAUnK16RSrYRseIHdm9z4rn7
oTGBx4Gn/cFK219redmY4fawEC0YOk0zLtCw79YY67sTZxwS509WllgLqkNghiGh
cj034swjW8FPwh1BDdEyh+aMCvzYcWOg0uZMKUjTC/WcFK35PHZLfk/dBM2dnpDO
6neAZeE2sfxfVfX3HibP54Wonf6/WlndQ5Jr3wvoujWltW8ZLdfxwcrKinfAHPC2
fS7U3B4pIa4Weyu0k8m0A1rxnI3umz8vrNHjRX5PzG7YObysgiSiKIktU9iOw32Y
YDpA
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:55:54 2024 by rpki-client on console-fra.rpki-client.org