Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GfPZ79CqI6uL0Vu8keenviPkWGs.roa
File: GfPZ79CqI6uL0Vu8keenviPkWGs.roa (raw, json)
Hash identifier: pqPx4BmkozRUAjFSLwg6Nx3lNxhdB+12GQsb7BfStTM=
Subject key identifier: 19:F3:D9:EF:D0:AA:23:AB:8B:D1:5B:BC:91:E7:A7:BE:23:E4:58:6B
Certificate issuer: /CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Certificate serial: 018CC6B91DB180780B931DF92C4EB99F3264
Authority key identifier: 4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GfPZ79CqI6uL0Vu8keenviPkWGs.roa
Signing time: Mon 01 Jan 2024 20:31:09 +0000
ROA not before: Mon 01 Jan 2024 20:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60798
IP address blocks: 45.138.201.0/24 maxlen: 24
45.138.200.0/22 maxlen: 22
45.138.200.0/24 maxlen: 24
45.14.184.0/22 maxlen: 24
185.229.236.0/22 maxlen: 24
185.25.204.0/22 maxlen: 24
2a00:82e0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1d:b1:80:78:0b:93:1d:f9:2c:4e:b9:9f:32:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5aa38eea324e2bd7ab6427e7596a9fa41db0e3
Validity
Not Before: Jan 1 20:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19f3d9efd0aa23ab8bd15bbc91e7a7be23e4586b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:79:da:74:01:57:36:39:b2:2c:52:42:24:4c:
34:d1:12:61:71:de:62:18:b8:95:18:a7:dd:c2:cc:
dd:d0:2e:6b:8c:ff:49:64:96:de:20:07:6f:31:a9:
22:ca:bd:68:80:5e:52:87:b4:56:0a:cf:b2:f3:48:
55:a1:9d:04:4a:3c:42:a1:86:e7:0b:71:70:75:6b:
31:47:2f:42:f3:c7:a4:41:97:2c:5a:38:45:c9:86:
2f:b3:1e:3a:ca:ca:2a:a9:b8:53:58:95:a3:b3:43:
d5:cb:33:61:d9:a0:aa:d6:35:ab:70:96:15:4a:d1:
42:d4:51:67:f6:af:aa:8c:d8:b6:d7:b6:90:12:2f:
24:46:80:6a:cf:9e:6f:d0:17:17:7a:73:1b:fe:7e:
16:22:78:c7:a7:68:82:72:b1:0d:1b:e3:07:8c:af:
c3:e6:05:31:67:10:75:f3:c2:4c:4d:b6:f6:d0:7d:
da:e8:ee:3b:bb:d4:35:d9:2d:bc:ed:58:6d:5a:45:
73:00:20:ae:df:ba:94:67:df:3b:7e:57:6d:b4:80:
27:f6:c0:f6:db:e9:f6:5c:ca:39:c3:e5:d7:f2:95:
b6:ca:7d:b5:74:b0:74:5b:09:b6:e7:42:27:03:b4:
23:dd:c3:84:f8:80:64:60:70:3b:46:44:70:70:36:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F3:D9:EF:D0:AA:23:AB:8B:D1:5B:BC:91:E7:A7:BE:23:E4:58:6B
X509v3 Authority Key Identifier:
keyid:4E:5A:A3:8E:EA:32:4E:2B:D7:AB:64:27:E7:59:6A:9F:A4:1D:B0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlqjjuoyTivXq2Qn51lqn6QdsOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/GfPZ79CqI6uL0Vu8keenviPkWGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/767119-28aa-4339-b741-4eeed8a4308b/1/TlqjjuoyTivXq2Qn51lqn6QdsOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.184.0/22
45.138.200.0/22
185.25.204.0/22
185.229.236.0/22
IPv6:
2a00:82e0::/40
Signature Algorithm: sha256WithRSAEncryption
70:c7:f4:a3:8d:c5:8b:87:3a:1d:3d:92:ed:c9:d1:9f:d0:89:
6f:18:23:8d:2a:d8:26:b3:9c:e8:31:6f:dc:40:a2:e4:99:be:
c3:70:9f:7c:1b:2d:98:f6:3c:1b:e2:c9:fa:b3:8e:7d:a2:62:
95:e4:9a:57:79:b1:46:4e:36:ba:96:27:b5:ea:8e:6b:df:1e:
49:a4:2e:d5:20:a9:87:ce:8a:59:21:9c:a9:86:5a:1d:e3:2a:
e2:d3:b1:78:83:56:99:eb:4d:7f:58:fa:09:1b:cf:96:ca:4d:
fd:ac:5b:f4:82:ce:95:2a:8f:f4:45:96:b9:8b:55:b4:d3:33:
f5:cc:49:09:18:b2:8f:6a:86:9b:10:ae:86:61:30:f8:eb:05:
30:90:90:14:49:46:a5:46:35:1e:e9:fd:d1:39:b7:e6:e4:5d:
6e:c4:33:a8:18:30:5e:ed:85:5d:d7:28:70:d0:50:ff:e2:82:
83:47:92:19:56:23:3e:14:aa:7a:d2:92:2b:dd:13:cd:8f:79:
fd:1b:6f:eb:31:13:ee:be:aa:41:83:ca:74:3b:4c:fa:39:9e:
10:95:23:7c:97:77:77:5a:71:9d:2f:bc:39:85:bc:1b:28:ae:
1f:1b:f5:5b:32:22:3e:a1:cf:d2:60:13:71:02:c9:c6:46:6f:
66:75:db:53
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzGuR2xgHgLkx35LE65nzJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWFhMzhlZWEzMjRlMmJkN2FiNjQyN2U3NTk2YTlmYTQx
ZGIwZTMwHhcNMjQwMTAxMjAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWYzZDllZmQwYWEyM2FiOGJkMTViYmM5MWU3YTdiZTIzZTQ1ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XnadAFXNjmyLFJCJEw00RJhcd5i
GLiVGKfdwszd0C5rjP9JZJbeIAdvMakiyr1ogF5Sh7RWCs+y80hVoZ0ESjxCoYbn
C3FwdWsxRy9C88ekQZcsWjhFyYYvsx46ysoqqbhTWJWjs0PVyzNh2aCq1jWrcJYV
StFC1FFn9q+qjNi217aQEi8kRoBqz55v0BcXenMb/n4WInjHp2iCcrENG+MHjK/D
5gUxZxB188JMTbb20H3a6O47u9Q12S287VhtWkVzACCu37qUZ987fldttIAn9sD2
2+n2XMo5w+XX8pW2yn21dLB0Wwm250InA7Qj3cOE+IBkYHA7RkRwcDZRAQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBnz2e/QqiOri9FbvJHnp74j5FhrMB8GA1UdIwQY
MBaAFE5ao47qMk4r16tkJ+dZap+kHbDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEt
NGVlZWQ4YTQzMDhiLzEvR2ZQWjc5Q3FJNnVMMFZ1OGtlZW52aVBrV0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NjcxMTktMjhhYS00MzM5LWI3NDEtNGVlZWQ4YTQzMDhi
LzEvVGxxamp1b3lUaXZYcTJRbjUxbHFuNlFkc09NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQCLQ64AwQC
LYrIAwQCuRnMAwQCueXsMA4EAgACMAgDBgAqAILgADANBgkqhkiG9w0BAQsFAAOC
AQEAcMf0o43Fi4c6HT2S7cnRn9CJbxgjjSrYJrOc6DFv3ECi5Jm+w3CffBstmPY8
G+LJ+rOOfaJileSaV3mxRk42upYnteqOa98eSaQu1SCph86KWSGcqYZaHeMq4tOx
eINWmetNf1j6CRvPlspN/axb9ILOlSqP9EWWuYtVtNMz9cxJCRiyj2qGmxCuhmEw
+OsFMJCQFElGpUY1Hun90Tm35uRdbsQzqBgwXu2FXdcocNBQ/+KCg0eSGVYjPhSq
etKSK90TzY95/Rtv6zET7r6qQYPKdDtM+jmeEJUjfJd3d1pxnS+8OYW8GyiuHxv1
WzIiPqHP0mATcQLJxkZvZnXbUw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:14:55 2024 by rpki-client on console-fra.rpki-client.org