Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/gtcBgs8TIevnKIeX84lGPCxlu5o.roa
File: gtcBgs8TIevnKIeX84lGPCxlu5o.roa (raw, json)
Hash identifier: pIpGwk/rwXLY7j8re7yyXW9Y9P+3KRoua1Mq3B5RjWU=
Subject key identifier: 82:D7:01:82:CF:13:21:EB:E7:28:87:97:F3:89:46:3C:2C:65:BB:9A
Certificate issuer: /CN=ee0abba552f46b94edf22394feec1d0459f20140
Certificate serial: 018EF5D5FE5F34C5F2DE67A71DF571122497
Authority key identifier: EE:0A:BB:A5:52:F4:6B:94:ED:F2:23:94:FE:EC:1D:04:59:F2:01:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/gtcBgs8TIevnKIeX84lGPCxlu5o.roa
Signing time: Fri 19 Apr 2024 10:10:25 +0000
ROA not before: Fri 19 Apr 2024 10:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44526
IP address blocks: 195.216.206.0/23 maxlen: 23
195.216.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:d5:fe:5f:34:c5:f2:de:67:a7:1d:f5:71:12:24:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0abba552f46b94edf22394feec1d0459f20140
Validity
Not Before: Apr 19 10:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82d70182cf1321ebe7288797f389463c2c65bb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ae:8d:96:21:db:58:b0:75:d1:38:61:6d:e9:
d5:e0:61:31:9e:84:13:22:5c:90:53:4e:37:0a:7f:
73:24:b1:f4:39:b4:65:21:d6:f4:42:90:ea:d1:0a:
7a:76:57:d5:96:28:a0:68:b9:bd:f0:51:2d:1c:62:
31:57:8c:83:a3:b8:01:00:14:0f:37:04:70:4f:ea:
5b:37:39:3b:a7:44:1e:5d:5a:3d:99:61:94:ba:a1:
fd:56:29:19:e8:3e:cb:24:c2:52:da:37:87:3b:b1:
c3:54:5d:95:79:f7:34:bf:91:02:06:4d:01:d1:3f:
be:c6:5f:be:98:40:a3:93:6d:21:e5:93:73:60:05:
75:08:ac:a8:cb:9b:92:37:71:70:9e:3b:19:48:af:
e3:91:94:9a:26:cd:32:7f:cf:d3:c7:8b:16:dd:ec:
d7:67:04:3e:1f:6a:d6:01:77:5c:2d:ea:a8:a5:56:
4e:ab:51:ca:18:c7:cf:01:4d:e2:a6:d3:90:c1:36:
c3:6b:65:5b:5a:33:14:2e:d1:42:1e:65:8c:90:a5:
63:92:e1:4b:49:84:af:44:1f:19:71:17:6b:2e:73:
c1:1a:70:aa:91:6f:68:f5:24:0c:41:1a:13:9b:7b:
04:09:cb:fd:30:c6:36:6d:38:7c:32:fa:33:03:f4:
b5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D7:01:82:CF:13:21:EB:E7:28:87:97:F3:89:46:3C:2C:65:BB:9A
X509v3 Authority Key Identifier:
keyid:EE:0A:BB:A5:52:F4:6B:94:ED:F2:23:94:FE:EC:1D:04:59:F2:01:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/gtcBgs8TIevnKIeX84lGPCxlu5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ea5d84-20b7-4108-9b62-3b773e5ee663/1/7gq7pVL0a5Tt8iOU_uwdBFnyAUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.206.0/23
Signature Algorithm: sha256WithRSAEncryption
09:6e:a2:06:98:0b:a4:1e:ba:0f:99:c3:11:86:00:58:c2:23:
dc:8a:a2:3e:7b:0e:a6:52:65:5d:27:d2:ab:fd:eb:37:bd:c6:
06:35:3a:2c:9e:7f:06:a9:66:51:0e:54:d5:7a:f6:fa:20:e1:
04:51:27:7e:81:6e:6d:ab:d0:ed:9b:fc:73:1b:d6:e1:71:07:
3b:e7:05:a9:00:f9:0e:66:25:64:c3:85:20:78:48:b3:47:5e:
23:ad:bf:c5:4e:44:6c:18:52:8a:6d:f6:89:51:7f:d7:1c:9b:
79:95:4f:ec:ad:a8:10:08:f5:f5:74:0e:4b:24:c2:5d:97:39:
e4:54:03:ec:8a:c5:df:b3:c6:8d:d4:c4:54:a5:17:c6:4e:a8:
bc:71:a8:bf:e4:f7:c8:22:43:29:7a:79:01:d2:7a:55:b6:ad:
30:b7:d4:bc:f5:5c:bc:35:ee:a5:e1:36:df:8b:ef:c4:66:0b:
94:0b:46:da:7b:fd:a3:c5:be:81:53:2e:ae:16:b7:c7:b2:05:
cc:69:63:9f:91:f1:59:8a:11:1a:ab:02:f8:6e:72:05:39:64:
38:ec:b3:80:d2:6d:3d:31:17:f2:84:0c:c9:88:3c:48:2f:74:
2a:d8:2a:64:4c:3c:00:23:7f:c4:6f:e0:8e:f5:84:2b:b6:04:
29:d0:de:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY711f5fNMXy3menHfVxEiSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMGFiYmE1NTJmNDZiOTRlZGYyMjM5NGZlZWMxZDA0NTlm
MjAxNDAwHhcNMjQwNDE5MTAxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQ3MDE4MmNmMTMyMWViZTcyODg3OTdmMzg5NDYzYzJjNjViYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu66NliHbWLB10ThhbenV4GExnoQT
IlyQU043Cn9zJLH0ObRlIdb0QpDq0Qp6dlfVliigaLm98FEtHGIxV4yDo7gBABQP
NwRwT+pbNzk7p0QeXVo9mWGUuqH9VikZ6D7LJMJS2jeHO7HDVF2Vefc0v5ECBk0B
0T++xl++mECjk20h5ZNzYAV1CKyoy5uSN3FwnjsZSK/jkZSaJs0yf8/Tx4sW3ezX
ZwQ+H2rWAXdcLeqopVZOq1HKGMfPAU3iptOQwTbDa2VbWjMULtFCHmWMkKVjkuFL
SYSvRB8ZcRdrLnPBGnCqkW9o9SQMQRoTm3sECcv9MMY2bTh8MvozA/S1hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILXAYLPEyHr5yiHl/OJRjwsZbuaMB8GA1UdIwQY
MBaAFO4Ku6VS9GuU7fIjlP7sHQRZ8gFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dxN3BWTDBhNVR0OGlPVV91d2RCRm55QVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9lYTVkODQtMjBiNy00MTA4LTliNjIt
M2I3NzNlNWVlNjYzLzEvZ3RjQmdzOFRJZXZuS0llWDg0bEdQQ3hsdTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9lYTVkODQtMjBiNy00MTA4LTliNjItM2I3NzNlNWVlNjYz
LzEvN2dxN3BWTDBhNVR0OGlPVV91d2RCRm55QVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw9jOMA0G
CSqGSIb3DQEBCwUAA4IBAQAJbqIGmAukHroPmcMRhgBYwiPciqI+ew6mUmVdJ9Kr
/es3vcYGNTosnn8GqWZRDlTVevb6IOEEUSd+gW5tq9Dtm/xzG9bhcQc75wWpAPkO
ZiVkw4UgeEizR14jrb/FTkRsGFKKbfaJUX/XHJt5lU/sragQCPX1dA5LJMJdlznk
VAPsisXfs8aN1MRUpRfGTqi8cai/5PfIIkMpenkB0npVtq0wt9S89Vy8Ne6l4Tbf
i+/EZguUC0bae/2jxb6BUy6uFrfHsgXMaWOfkfFZihEaqwL4bnIFOWQ47LOA0m09
MRfyhAzJiDxIL3Qq2CpkTDwAI3/Eb+CO9YQrtgQp0N7x
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:20:42 2024 by rpki-client on console-fra.rpki-client.org