Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/GlyXWskhi1-NdHMJ8a1gG587fY4.roa
File: GlyXWskhi1-NdHMJ8a1gG587fY4.roa (raw, json)
Hash identifier: Gs9Z616Q7du6ZrtsbnR+N63ASryvKlou9TRRyrlkUaE=
Subject key identifier: 1A:5C:97:5A:C9:21:8B:5F:8D:74:73:09:F1:AD:60:1B:9F:3B:7D:8E
Certificate issuer: /CN=facf153f24fa8d3214cd7c6e250d4b19f506722b
Certificate serial: 018CC6B78DC9D5547C151BB16577651F953D
Authority key identifier: FA:CF:15:3F:24:FA:8D:32:14:CD:7C:6E:25:0D:4B:19:F5:06:72:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/GlyXWskhi1-NdHMJ8a1gG587fY4.roa
Signing time: Mon 01 Jan 2024 20:29:27 +0000
ROA not before: Mon 01 Jan 2024 20:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198970
IP address blocks: 194.49.126.0/24 maxlen: 24
185.159.116.0/24 maxlen: 24
185.159.117.0/24 maxlen: 24
185.159.118.0/24 maxlen: 24
185.159.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8d:c9:d5:54:7c:15:1b:b1:65:77:65:1f:95:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=facf153f24fa8d3214cd7c6e250d4b19f506722b
Validity
Not Before: Jan 1 20:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a5c975ac9218b5f8d747309f1ad601b9f3b7d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:60:04:31:b3:6a:24:1f:f7:12:60:ef:ee:
b3:41:76:e7:ee:31:e0:17:e3:1c:d1:7c:26:85:67:
f1:86:7c:f5:da:8f:07:aa:87:86:8a:30:1c:3f:b2:
67:fa:58:74:8d:e4:1f:0d:39:aa:91:31:ce:bb:65:
66:8e:4f:70:98:f5:bb:c4:71:fe:25:8e:b5:31:0f:
bc:36:8a:04:22:72:df:e9:a6:56:6b:46:8b:3b:86:
3b:17:88:e1:b0:60:74:b2:d5:c0:34:8a:aa:05:93:
11:78:b6:9c:53:53:fa:bf:48:53:c8:67:72:11:ba:
df:79:65:21:ff:bb:4c:52:3c:31:1d:67:fa:e6:5a:
6d:22:56:3a:ab:7e:3e:aa:83:83:11:d4:31:b8:73:
7c:74:09:c2:f7:a1:95:f7:ae:f9:d9:74:fe:b6:fd:
16:14:8c:d1:56:c1:ba:0d:2e:02:f1:4d:f0:52:da:
c0:0d:7f:6b:c2:d3:59:9b:ea:9c:fc:1f:04:a0:75:
87:0d:81:2f:01:cc:1f:e6:4a:fe:e3:8c:a0:f1:bb:
c1:60:ce:7c:70:6d:98:26:44:87:64:f0:2b:d8:25:
2d:b0:3f:2d:e7:18:fe:8b:60:1f:58:96:0f:ef:25:
82:c3:22:06:45:96:6c:22:3e:35:11:4d:2d:4a:ad:
03:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5C:97:5A:C9:21:8B:5F:8D:74:73:09:F1:AD:60:1B:9F:3B:7D:8E
X509v3 Authority Key Identifier:
keyid:FA:CF:15:3F:24:FA:8D:32:14:CD:7C:6E:25:0D:4B:19:F5:06:72:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/GlyXWskhi1-NdHMJ8a1gG587fY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.116.0/22
194.49.126.0/24
Signature Algorithm: sha256WithRSAEncryption
10:45:0f:c3:87:1f:6b:05:1b:55:8f:9f:72:1e:86:3b:bd:09:
0b:8d:1b:c9:e7:3d:8f:9e:7b:bd:e2:92:85:7c:51:8d:10:1e:
22:1a:d3:8e:f1:64:27:41:a7:36:b2:67:e3:ed:84:3d:3a:7b:
d5:7a:c1:74:16:50:9f:3d:cd:28:71:3a:f9:bf:8a:25:76:bb:
17:8e:96:78:56:d9:d0:41:51:1d:9b:d8:0c:d6:ad:38:77:02:
42:8b:0b:4d:a7:7c:22:ce:d5:c2:39:05:46:03:15:1c:49:4f:
14:2f:a3:d0:91:5a:fe:f4:28:a6:ec:0f:7f:a8:dc:6e:55:af:
9f:90:ca:32:be:e9:7b:c9:3c:2c:dd:3c:f1:c0:b3:c5:27:76:
ac:d6:13:d2:5d:ac:69:45:2d:7f:e3:4e:a2:44:1c:4e:16:34:
c4:4d:c5:11:13:af:88:c0:2d:55:9b:7d:c0:0e:c0:d9:c0:51:
6f:28:e4:ed:84:08:00:d4:a0:3c:39:9b:3f:0c:b5:c4:55:81:
f1:db:44:c3:c4:67:26:05:c3:3d:22:8e:1a:73:6a:fd:e2:81:
3f:12:32:6b:5c:b5:3a:80:6a:71:c6:c7:d1:5a:3f:bc:8a:36:
43:e5:9e:10:fb:2e:ee:3b:0d:1c:43:57:a6:75:19:aa:69:a0:
41:08:53:c8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGt43J1VR8FRuxZXdlH5U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2YxNTNmMjRmYThkMzIxNGNkN2M2ZTI1MGQ0YjE5ZjUw
NjcyMmIwHhcNMjQwMTAxMjAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVjOTc1YWM5MjE4YjVmOGQ3NDczMDlmMWFkNjAxYjlmM2I3ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NhgBDGzaiQf9xJg7+6zQXbn7jHg
F+Mc0XwmhWfxhnz12o8HqoeGijAcP7Jn+lh0jeQfDTmqkTHOu2Vmjk9wmPW7xHH+
JY61MQ+8NooEInLf6aZWa0aLO4Y7F4jhsGB0stXANIqqBZMReLacU1P6v0hTyGdy
EbrfeWUh/7tMUjwxHWf65lptIlY6q34+qoODEdQxuHN8dAnC96GV96752XT+tv0W
FIzRVsG6DS4C8U3wUtrADX9rwtNZm+qc/B8EoHWHDYEvAcwf5kr+44yg8bvBYM58
cG2YJkSHZPAr2CUtsD8t5xj+i2AfWJYP7yWCwyIGRZZsIj41EU0tSq0D+QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBpcl1rJIYtfjXRzCfGtYBufO32OMB8GA1UdIwQY
MBaAFPrPFT8k+o0yFM18biUNSxn1BnIrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zOFZQeVQ2alRJVXpYeHVKUTFMR2ZVR2Npcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvODYyMWU0LWU5YTktNGI2NC05NjQ4
LTlhYTczNzJiNjE2ZC8xL0dseVhXc2toaTEtTmRITUo4YTFnRzU4N2ZZNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvODYyMWU0LWU5YTktNGI2NC05NjQ4LTlhYTczNzJiNjE2
ZC8xLzEtczhWUHlUNmpUSVV6WHh1SlExTEdmVUdjaXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5n3QD
BADCMX4wDQYJKoZIhvcNAQELBQADggEBABBFD8OHH2sFG1WPn3Iehju9CQuNG8nn
PY+ee73ikoV8UY0QHiIa047xZCdBpzayZ+PthD06e9V6wXQWUJ89zShxOvm/iiV2
uxeOlnhW2dBBUR2b2AzWrTh3AkKLC02nfCLO1cI5BUYDFRxJTxQvo9CRWv70KKbs
D3+o3G5Vr5+QyjK+6XvJPCzdPPHAs8UndqzWE9JdrGlFLX/jTqJEHE4WNMRNxRET
r4jALVWbfcAOwNnAUW8o5O2ECADUoDw5mz8MtcRVgfHbRMPEZyYFwz0ijhpzav3i
gT8SMmtctTqAanHGx9FaP7yKNkPlnhD7Lu47DRxDV6Z1GappoEEIU8g=
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:57:53 2024 by rpki-client on console-ams.rpki-client.org