Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/GFyH1s8RXOhkUlwmbT35RlJXSBc.roa
File: GFyH1s8RXOhkUlwmbT35RlJXSBc.roa (raw, json)
Hash identifier: /Ok0YmRjvn7lu7Dwubx7OdgoRkVXReS51hKg21im8gw=
Subject key identifier: 18:5C:87:D6:CF:11:5C:E8:64:52:5C:26:6D:3D:F9:46:52:57:48:17
Certificate issuer: /CN=34b419fa4a0a1605188318cdf4a2044992853b95
Certificate serial: 018CC3493D5C82B846400E911EA9AC9C2E91
Authority key identifier: 34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/GFyH1s8RXOhkUlwmbT35RlJXSBc.roa
Signing time: Mon 01 Jan 2024 04:30:06 +0000
ROA not before: Mon 01 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41655
IP address blocks: 195.8.198.0/23 maxlen: 23
195.8.198.0/24 maxlen: 24
195.8.199.0/24 maxlen: 24
37.153.80.0/21 maxlen: 21
37.153.81.0/24 maxlen: 24
37.153.80.0/24 maxlen: 24
37.153.83.0/24 maxlen: 24
37.153.82.0/24 maxlen: 24
37.153.85.0/24 maxlen: 24
37.153.84.0/24 maxlen: 24
37.153.86.0/24 maxlen: 24
37.153.87.0/24 maxlen: 24
2a00:adc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3d:5c:82:b8:46:40:0e:91:1e:a9:ac:9c:2e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34b419fa4a0a1605188318cdf4a2044992853b95
Validity
Not Before: Jan 1 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=185c87d6cf115ce864525c266d3df94652574817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:2a:2c:9b:48:e6:66:90:5e:a2:a5:07:7e:b6:
b5:76:0e:82:d0:15:03:b0:9d:50:d2:38:85:a3:63:
49:d7:43:f0:aa:42:c1:86:75:e9:15:8c:b7:b9:76:
ae:69:82:8c:e1:23:f5:66:b0:b7:68:de:c4:4e:2d:
7c:a1:fb:e4:8b:15:8a:fc:b6:f7:9c:ba:44:be:03:
a4:e8:f8:5a:dd:f1:98:09:8b:06:23:8b:35:06:b0:
a6:56:23:8d:e8:20:e9:41:50:30:74:1a:7e:8f:69:
b7:38:46:b5:8d:14:9c:5a:77:1d:8a:26:24:cf:a7:
2f:aa:29:8f:8a:d4:38:fe:47:de:39:3a:11:67:30:
83:d1:38:c2:d1:f4:90:21:13:3d:95:15:39:dc:05:
86:55:2e:03:fc:37:56:1f:d1:ff:4e:0e:f3:c8:00:
e1:6d:53:8f:d7:bb:b9:13:20:5c:45:60:b3:0f:28:
73:21:38:d2:73:a5:88:3d:56:f6:b5:d0:46:20:04:
11:bd:d8:e8:b5:94:2c:ee:fb:a7:f7:75:50:d0:0a:
3a:6d:71:5e:99:c2:4b:0a:7d:e0:02:56:7d:7e:5b:
57:b1:92:30:b4:a2:70:48:8a:a5:54:f8:bb:7a:ea:
a2:14:ae:18:af:35:b1:48:a3:74:21:ec:78:fe:4f:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5C:87:D6:CF:11:5C:E8:64:52:5C:26:6D:3D:F9:46:52:57:48:17
X509v3 Authority Key Identifier:
keyid:34:B4:19:FA:4A:0A:16:05:18:83:18:CD:F4:A2:04:49:92:85:3B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLQZ-koKFgUYgxjN9KIESZKFO5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/GFyH1s8RXOhkUlwmbT35RlJXSBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8c79fb-7a57-429d-9c33-8777544c9275/1/NLQZ-koKFgUYgxjN9KIESZKFO5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.80.0/21
195.8.198.0/23
IPv6:
2a00:adc0::/32
Signature Algorithm: sha256WithRSAEncryption
ae:3e:91:fa:ec:48:8c:08:e8:9c:8a:1b:59:1c:ab:1f:cf:ad:
f5:b0:6b:1d:28:07:ac:14:bb:77:c4:08:e7:43:dd:25:9a:9c:
79:57:34:21:4e:b2:26:47:c6:84:90:b1:ed:9d:e9:fa:a4:21:
a8:74:90:87:fd:9d:cd:8e:5f:e5:13:d6:82:f0:96:ed:ae:4f:
7e:ef:36:e7:5c:7b:9d:a7:be:2a:85:56:c6:4f:45:d3:67:34:
07:19:6f:10:1d:01:54:d5:68:bc:89:90:2e:c8:96:c5:49:3c:
04:37:2c:85:9f:ef:0b:62:4c:fd:fd:fc:e6:27:85:29:86:95:
2c:bf:7a:21:95:14:d6:07:c9:35:25:00:93:a8:b7:72:14:4a:
db:d2:da:69:67:1b:f6:6d:b5:9e:cd:fb:3b:f1:8f:8a:2e:6c:
29:28:03:81:3d:cf:08:66:9e:8c:6d:02:fa:71:39:61:76:6d:
c5:14:13:ac:9f:4f:b8:d8:a0:45:51:e1:87:ff:2d:ea:fa:b6:
6f:a1:a2:86:93:54:a1:83:0f:6d:2d:03:71:3a:39:d9:3f:e9:
12:2b:8c:3e:cc:44:16:b8:ae:bf:4d:f7:c8:b0:4f:da:83:21:
73:bc:c4:3b:0e:7c:bd:5f:41:37:b2:4e:f7:97:2c:9d:a2:70:
b2:2e:aa:68
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDST1cgrhGQA6RHqmsnC6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YjQxOWZhNGEwYTE2MDUxODgzMThjZGY0YTIwNDQ5OTI4
NTNiOTUwHhcNMjQwMTAxMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVjODdkNmNmMTE1Y2U4NjQ1MjVjMjY2ZDNkZjk0NjUyNTc0ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSosm0jmZpBeoqUHfra1dg6C0BUD
sJ1Q0jiFo2NJ10PwqkLBhnXpFYy3uXauaYKM4SP1ZrC3aN7ETi18ofvkixWK/Lb3
nLpEvgOk6Pha3fGYCYsGI4s1BrCmViON6CDpQVAwdBp+j2m3OEa1jRScWncdiiYk
z6cvqimPitQ4/kfeOToRZzCD0TjC0fSQIRM9lRU53AWGVS4D/DdWH9H/Tg7zyADh
bVOP17u5EyBcRWCzDyhzITjSc6WIPVb2tdBGIAQRvdjotZQs7vun93VQ0Ao6bXFe
mcJLCn3gAlZ9fltXsZIwtKJwSIqlVPi7euqiFK4YrzWxSKN0Iex4/k+q1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBhch9bPEVzoZFJcJm09+UZSV0gXMB8GA1UdIwQY
MBaAFDS0GfpKChYFGIMYzfSiBEmShTuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMt
ODc3NzU0NGM5Mjc1LzEvR0Z5SDFzOFJYT2hrVWx3bWJUMzVSbEpYU0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yzc5ZmItN2E1Ny00MjlkLTljMzMtODc3NzU0NGM5Mjc1
LzEvTkxRWi1rb0tGZ1VZZ3hqTjlLSUVTWktGTzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJZlQAwQB
wwjGMA0EAgACMAcDBQAqAK3AMA0GCSqGSIb3DQEBCwUAA4IBAQCuPpH67EiMCOic
ihtZHKsfz631sGsdKAesFLt3xAjnQ90lmpx5VzQhTrImR8aEkLHtnen6pCGodJCH
/Z3Njl/lE9aC8Jbtrk9+7zbnXHudp74qhVbGT0XTZzQHGW8QHQFU1Wi8iZAuyJbF
STwENyyFn+8LYkz9/fzmJ4UphpUsv3ohlRTWB8k1JQCTqLdyFErb0tppZxv2bbWe
zfs78Y+KLmwpKAOBPc8IZp6MbQL6cTlhdm3FFBOsn0+42KBFUeGH/y3q+rZvoaKG
k1Shgw9tLQNxOjnZP+kSK4w+zEQWuK6/TffIsE/agyFzvMQ7Dny9X0E3sk73lyyd
onCyLqpo
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:30 2024 by rpki-client on console-fra.rpki-client.org