Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/GadQzAbtTgXl4GYPZXfHrpxnomE.roa
File: GadQzAbtTgXl4GYPZXfHrpxnomE.roa (raw, json)
Hash identifier: QXyr56urikoFKylCgF6CElhTS3/QZ4Ytc6v/3SU4UPo=
Subject key identifier: 19:A7:50:CC:06:ED:4E:05:E5:E0:66:0F:65:77:C7:AE:9C:67:A2:61
Certificate issuer: /CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Certificate serial: 018CCA2B6B579DEF9AD10F01F1BC12B9C292
Authority key identifier: 0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/GadQzAbtTgXl4GYPZXfHrpxnomE.roa
Signing time: Tue 02 Jan 2024 12:34:52 +0000
ROA not before: Tue 02 Jan 2024 12:34:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212091
IP address blocks: 45.147.85.0/24 maxlen: 24
45.147.86.0/24 maxlen: 24
185.230.103.0/24 maxlen: 24
45.130.46.0/24 maxlen: 24
45.130.47.0/24 maxlen: 24
2a10:b583::/32 maxlen: 32
2a10:b581::/32 maxlen: 32
2a10:b582::/32 maxlen: 32
2a10:b580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 00:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:6b:57:9d:ef:9a:d1:0f:01:f1:bc:12:b9:c2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e831fd70c6bd37a2a75d7a0eac031c92da8e185
Validity
Not Before: Jan 2 12:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19a750cc06ed4e05e5e0660f6577c7ae9c67a261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:77:43:c6:e9:14:26:59:4c:40:9c:4e:c8:
0e:55:5e:e7:bf:29:bd:41:b6:1f:7c:f0:03:d2:64:
77:44:93:b5:a0:c7:90:95:9a:ea:ac:a8:44:ec:7d:
44:f7:82:28:54:d4:a8:3d:e2:c0:f3:d7:83:4d:6a:
72:37:09:c8:ff:9e:d6:bb:bd:b9:53:6f:73:eb:9a:
49:5d:95:75:8f:36:a6:f0:f3:0d:03:63:b0:f1:b0:
d0:46:71:8a:57:24:26:97:77:ee:21:6f:72:a5:4c:
0b:17:72:7b:23:0b:5b:d7:8c:dd:6e:14:29:c3:09:
b9:bd:20:ee:4d:49:c8:27:3e:9a:8c:46:7d:c2:af:
7d:3c:b7:56:01:e6:a8:6b:42:64:bd:d1:fb:8f:1a:
c7:c5:1b:91:44:9b:2b:d4:e9:49:99:22:f9:05:7b:
09:94:17:1f:62:6c:18:b0:3b:17:6c:68:38:b2:77:
5b:3f:a9:a1:53:ca:99:d0:95:4f:60:98:83:5f:57:
96:58:5a:ed:53:9c:6f:ae:7b:8d:28:5f:b0:c3:f4:
4d:65:39:fb:de:3e:24:b9:80:ea:e4:2f:a8:f4:3c:
fb:dc:c1:ad:0b:be:d1:0b:42:d0:bf:88:ac:c7:c5:
24:4c:ee:ab:ea:a0:46:13:7b:1c:9f:a8:e3:bb:68:
ee:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A7:50:CC:06:ED:4E:05:E5:E0:66:0F:65:77:C7:AE:9C:67:A2:61
X509v3 Authority Key Identifier:
keyid:0E:83:1F:D7:0C:6B:D3:7A:2A:75:D7:A0:EA:C0:31:C9:2D:A8:E1:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoMf1wxr03oqddeg6sAxyS2o4YU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/GadQzAbtTgXl4GYPZXfHrpxnomE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/98a661-44f5-4a05-acaa-e67582f23097/1/DoMf1wxr03oqddeg6sAxyS2o4YU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.46.0/23
45.147.85.0-45.147.86.255
185.230.103.0/24
IPv6:
2a10:b580::/30
Signature Algorithm: sha256WithRSAEncryption
a6:4a:1c:b1:46:7d:3d:f8:01:95:ce:ae:b5:fc:99:fc:9a:5b:
59:77:01:b9:bd:07:33:3d:d7:42:d9:60:fd:73:86:b4:e0:dc:
87:d7:fc:f4:31:e1:4f:b0:c5:f7:75:ba:8c:3e:69:c6:24:e0:
89:b8:51:96:d9:0b:ca:d8:d0:ec:a4:23:97:98:b3:75:12:bb:
10:9f:72:44:33:96:48:47:56:8a:17:a5:fa:bb:df:6a:17:f5:
64:a5:e8:d2:10:2a:2c:98:82:e6:ba:44:5e:7f:fd:0a:ad:fd:
cc:11:e0:f1:f9:55:0b:80:13:18:02:0e:37:b3:0d:e9:95:11:
c4:e2:a8:e7:d3:74:52:d2:f4:3b:4c:89:f3:be:b7:0e:be:9c:
93:16:fe:7e:55:e0:ad:5f:31:27:33:c4:ae:c7:a2:2a:67:f5:
22:14:7d:17:dc:56:73:6f:c0:d8:1b:dc:7d:2a:a4:b8:71:e8:
00:e6:bb:ad:d0:06:39:51:25:8b:3d:4b:eb:e2:83:90:e5:87:
55:ad:47:3d:e1:93:50:18:80:3f:6a:d9:03:a3:89:2d:76:ea:
7f:ee:6a:2f:4c:8f:16:33:aa:f8:5d:1e:e8:2d:3f:16:72:20:
20:25:cb:90:a8:b8:85:3a:44:4d:2c:a4:04:78:29:21:a8:b3:
7f:11:59:98
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzKK2tXne+a0Q8B8bwSucKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODMxZmQ3MGM2YmQzN2EyYTc1ZDdhMGVhYzAzMWM5MmRh
OGUxODUwHhcNMjQwMTAyMTIzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE3NTBjYzA2ZWQ0ZTA1ZTVlMDY2MGY2NTc3YzdhZTljNjdhMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLd3Q8bpFCZZTECcTsgOVV7nvym9
QbYffPAD0mR3RJO1oMeQlZrqrKhE7H1E94IoVNSoPeLA89eDTWpyNwnI/57Wu725
U29z65pJXZV1jzam8PMNA2Ow8bDQRnGKVyQml3fuIW9ypUwLF3J7Iwtb14zdbhQp
wwm5vSDuTUnIJz6ajEZ9wq99PLdWAeaoa0JkvdH7jxrHxRuRRJsr1OlJmSL5BXsJ
lBcfYmwYsDsXbGg4sndbP6mhU8qZ0JVPYJiDX1eWWFrtU5xvrnuNKF+ww/RNZTn7
3j4kuYDq5C+o9Dz73MGtC77RC0LQv4isx8UkTO6r6qBGE3scn6jju2juewIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBmnUMwG7U4F5eBmD2V3x66cZ6JhMB8GA1UdIwQY
MBaAFA6DH9cMa9N6KnXXoOrAMcktqOGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEt
ZTY3NTgyZjIzMDk3LzEvR2FkUXpBYnRUZ1hsNEdZUFpYZkhycHhub21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85OGE2NjEtNDRmNS00YTA1LWFjYWEtZTY3NTgyZjIzMDk3
LzEvRG9NZjF3eHIwM29xZGRlZzZzQXh5UzJvNFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQBLYIuMAwD
BAAtk1UDBAAtk1YDBAC55mcwDQQCAAIwBwMFAioQtYAwDQYJKoZIhvcNAQELBQAD
ggEBAKZKHLFGfT34AZXOrrX8mfyaW1l3Abm9BzM910LZYP1zhrTg3IfX/PQx4U+w
xfd1uow+acYk4Im4UZbZC8rY0OykI5eYs3USuxCfckQzlkhHVooXpfq732oX9WSl
6NIQKiyYgua6RF5//Qqt/cwR4PH5VQuAExgCDjezDemVEcTiqOfTdFLS9DtMifO+
tw6+nJMW/n5V4K1fMSczxK7Hoipn9SIUfRfcVnNvwNgb3H0qpLhx6ADmu63QBjlR
JYs9S+vig5Dlh1WtRz3hk1AYgD9q2QOjiS126n/uai9MjxYzqvhdHugtPxZyICAl
y5CouIU6RE0spAR4KSGos38RWZg=
-----END CERTIFICATE-----
Generated at Fri May 3 03:36:32 2024 by rpki-client on console-ams.rpki-client.org