Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/GFyEFdXlPvL0ovUaaun7-46dEIU.roa
File: GFyEFdXlPvL0ovUaaun7-46dEIU.roa (raw, json)
Hash identifier: pjLZiQTvZMkb3G0IZBhwqnxQiiE9WebpkPDZ1OrxS9c=
Subject key identifier: 18:5C:84:15:D5:E5:3E:F2:F4:A2:F5:1A:6A:E9:FB:FB:8E:9D:10:85
Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Certificate serial: 01926B42CB2F491174C88A5B8B33DDD073E6
Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/GFyEFdXlPvL0ovUaaun7-46dEIU.roa
Signing time: Tue 08 Oct 2024 08:33:12 +0000
ROA not before: Tue 08 Oct 2024 08:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62095
IP address blocks: 31.169.73.0/24 maxlen: 24
185.11.248.0/24 maxlen: 24
185.11.249.0/24 maxlen: 24
185.11.250.0/24 maxlen: 24
185.11.251.0/24 maxlen: 24
2a02:ed40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6b:42:cb:2f:49:11:74:c8:8a:5b:8b:33:dd:d0:73:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9
Validity
Not Before: Oct 8 08:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=185c8415d5e53ef2f4a2f51a6ae9fbfb8e9d1085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bb:37:84:91:c0:73:3e:1b:0e:6b:36:2f:5b:
c0:26:7d:dc:c0:c4:e7:da:b1:40:ec:37:79:3f:c8:
fc:ce:5c:46:35:00:44:79:8f:93:d8:44:d3:68:52:
9c:07:82:10:81:7b:ef:36:11:23:41:4b:7d:77:be:
47:6a:4d:40:68:13:01:aa:bf:4c:86:52:aa:7d:41:
86:59:2d:3a:da:2b:c4:78:98:9b:58:66:2f:96:b6:
d5:8e:6c:d0:ed:d9:5d:45:45:46:f6:50:16:da:a1:
8d:3c:3c:c8:13:1a:10:38:b9:5e:c4:98:31:d8:d7:
ff:32:07:a2:93:6a:f7:1a:5e:64:9d:65:55:46:5e:
d2:44:62:00:f4:48:bf:03:a9:40:dd:84:82:41:3e:
16:0d:22:38:00:81:a0:ad:ed:fe:2f:ba:df:a4:31:
44:19:7a:8d:ae:b7:b2:47:55:c6:59:47:ca:f2:a0:
ca:57:e7:fe:8d:f4:c2:c1:18:c7:0e:36:7f:8f:ed:
93:61:6f:ad:6e:98:0d:fc:43:6a:e6:e3:41:59:68:
7a:60:e7:10:eb:03:d6:9b:55:14:36:f0:9c:cb:51:
89:87:21:fd:a7:43:93:fd:62:2d:1b:75:ba:82:5c:
01:d6:a8:b8:be:3e:5a:11:aa:81:00:7c:95:d7:e4:
23:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:5C:84:15:D5:E5:3E:F2:F4:A2:F5:1A:6A:E9:FB:FB:8E:9D:10:85
X509v3 Authority Key Identifier:
keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/GFyEFdXlPvL0ovUaaun7-46dEIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.73.0/24
185.11.248.0/22
IPv6:
2a02:ed40::/48
Signature Algorithm: sha256WithRSAEncryption
59:2b:d6:18:1b:2d:0e:70:6f:f9:06:22:3a:35:fd:ef:69:e7:
76:04:35:2e:4a:85:bf:8a:07:93:29:3f:c6:1d:35:c8:7b:d9:
6b:18:d1:80:82:6c:fe:5f:66:06:30:0a:6d:4c:40:16:96:6c:
8d:c8:93:c8:4b:af:00:db:07:01:5f:f6:7b:78:43:53:6c:e0:
c9:52:a5:2d:6f:a3:c5:d5:b2:4e:7e:32:be:66:65:41:ad:7a:
4c:44:16:54:d4:e6:9a:2f:fd:3e:ba:0f:58:54:df:76:b8:23:
c3:00:8a:c6:bc:15:71:b2:02:c7:48:f5:22:37:95:05:72:2b:
e3:bd:3e:27:8f:ed:6b:64:7c:7e:ba:41:11:36:56:b5:1c:a8:
c5:14:65:71:bc:1b:fd:91:e4:49:76:45:0e:42:49:76:4e:b2:
21:7a:22:23:5a:2d:0f:51:35:12:2a:b1:61:e1:64:a8:49:28:
cf:d6:57:f5:eb:72:a3:c4:18:e2:60:82:2c:92:91:7b:c7:e0:
fd:4a:8a:b5:9b:51:9f:9f:05:e1:4e:cf:62:47:e1:40:be:a4:
42:aa:a2:4f:8e:6a:12:0b:6b:b2:66:98:05:f8:7d:4e:fa:fe:
ca:d1:f7:d7:6e:99:9e:67:36:94:3d:93:f8:61:8e:9a:58:e9:
44:d7:21:d4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZJrQssvSRF0yIpbizPd0HPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl
MjRhZjkwHhcNMjQxMDA4MDgzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODVjODQxNWQ1ZTUzZWYyZjRhMmY1MWE2YWU5ZmJmYjhlOWQxMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7s3hJHAcz4bDms2L1vAJn3cwMTn
2rFA7Dd5P8j8zlxGNQBEeY+T2ETTaFKcB4IQgXvvNhEjQUt9d75Hak1AaBMBqr9M
hlKqfUGGWS062ivEeJibWGYvlrbVjmzQ7dldRUVG9lAW2qGNPDzIExoQOLlexJgx
2Nf/Mgeik2r3Gl5knWVVRl7SRGIA9Ei/A6lA3YSCQT4WDSI4AIGgre3+L7rfpDFE
GXqNrreyR1XGWUfK8qDKV+f+jfTCwRjHDjZ/j+2TYW+tbpgN/ENq5uNBWWh6YOcQ
6wPWm1UUNvCcy1GJhyH9p0OT/WItG3W6glwB1qi4vj5aEaqBAHyV1+QjGQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBhchBXV5T7y9KL1Gmrp+/uOnRCFMB8GA1UdIwQY
MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt
OTUzMWQyNGUwNjEwLzEvR0Z5RUZkWGxQdkwwb3ZVYWF1bjctNDZkRUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw
LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAH6lJAwQC
uQv4MA8EAgACMAkDBwAqAu1AAAAwDQYJKoZIhvcNAQELBQADggEBAFkr1hgbLQ5w
b/kGIjo1/e9p53YENS5Khb+KB5MpP8YdNch72WsY0YCCbP5fZgYwCm1MQBaWbI3I
k8hLrwDbBwFf9nt4Q1Ns4MlSpS1vo8XVsk5+Mr5mZUGtekxEFlTU5pov/T66D1hU
33a4I8MAisa8FXGyAsdI9SI3lQVyK+O9PieP7WtkfH66QRE2VrUcqMUUZXG8G/2R
5El2RQ5CSXZOsiF6IiNaLQ9RNRIqsWHhZKhJKM/WV/XrcqPEGOJggiySkXvH4P1K
irWbUZ+fBeFOz2JH4UC+pEKqok+OahILa7JmmAX4fU76/srR99dumZ5nNpQ9k/hh
jppY6UTXIdQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:12:41 2024 by rpki-client on console-ams.rpki-client.org