Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/gtLYwVAPNPe8yArWSoJ0z-AOZ3w.roa
File: gtLYwVAPNPe8yArWSoJ0z-AOZ3w.roa (raw, json)
Hash identifier: n7FSMVGluUYq1CQM0zBz4t//1Q18BTqOkasxj8KTl5k=
Subject key identifier: 82:D2:D8:C1:50:0F:34:F7:BC:C8:0A:D6:4A:82:74:CF:E0:0E:67:7C
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 018CC26D18F467B8D3598345715BB7E77EA4
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/gtLYwVAPNPe8yArWSoJ0z-AOZ3w.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 194.85.107.0/24 maxlen: 32
193.232.136.0/24 maxlen: 32
193.232.135.0/24 maxlen: 32
193.232.140.0/24 maxlen: 32
194.190.120.0/24 maxlen: 32
194.190.119.0/24 maxlen: 32
194.85.177.0/24 maxlen: 32
194.226.100.0/22 maxlen: 32
193.232.87.0/24 maxlen: 32
195.208.208.0/21 maxlen: 32
193.232.244.0/24 maxlen: 32
2001:7f8:20:201::/64 maxlen: 128
2001:7f8:20:401::/64 maxlen: 128
2001:7f8:20:1101::/64 maxlen: 128
2001:7f8:20:601::/64 maxlen: 128
2001:7f8:20:801::/64 maxlen: 128
2001:7f8:20:101::/64 maxlen: 128
2001:7f8:20:301::/64 maxlen: 128
2001:7f8:20:501::/64 maxlen: 128
2001:7f8:20:701::/64 maxlen: 128
2001:7f8:20:901::/64 maxlen: 128
2001:7f8:20:202::/64 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 07:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:18:f4:67:b8:d3:59:83:45:71:5b:b7:e7:7e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82d2d8c1500f34f7bcc80ad64a8274cfe00e677c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ef:01:89:8e:7b:b5:2d:94:16:f3:37:cd:52:
ee:9a:2c:6f:d7:ef:9f:fb:ff:41:5c:6b:4a:93:79:
52:b9:14:1b:51:e5:30:18:aa:5c:01:9d:1b:cb:0f:
33:ab:56:65:22:11:78:4e:4f:30:59:92:05:e4:00:
ab:bd:6c:50:25:20:69:08:b0:9a:f4:2c:fe:b3:86:
27:cd:16:a2:c6:ea:aa:2d:0f:9a:07:7e:99:76:e8:
d0:5f:18:ea:e1:69:0e:cf:c1:24:8f:33:36:42:06:
70:0a:2e:ed:40:81:68:d3:eb:4c:75:44:70:cb:0f:
c7:42:65:bf:82:04:05:a2:91:90:f2:e3:15:35:61:
42:e9:61:98:ce:29:af:c5:45:31:e0:e5:17:60:96:
6c:4d:23:03:ce:7f:aa:f4:e7:0c:09:fd:6c:ea:23:
00:4e:45:5d:fe:07:dc:f9:cc:cc:97:e5:c7:12:0c:
1b:43:ab:a2:18:5e:e1:c1:08:74:8b:30:4d:b1:9f:
91:9a:76:2c:e0:00:66:22:bf:45:45:a9:e5:19:72:
3f:5c:a2:af:05:d7:6d:7d:13:b3:dd:77:41:81:27:
0c:44:68:2c:42:e0:7b:20:66:b4:f8:a2:9f:23:65:
ac:06:1d:f8:85:12:4f:b7:c8:18:41:59:13:93:b3:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:D8:C1:50:0F:34:F7:BC:C8:0A:D6:4A:82:74:CF:E0:0E:67:7C
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/gtLYwVAPNPe8yArWSoJ0z-AOZ3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.87.0/24
193.232.135.0-193.232.136.255
193.232.140.0/24
193.232.244.0/24
194.85.107.0/24
194.85.177.0/24
194.190.119.0-194.190.120.255
194.226.100.0/22
195.208.208.0/21
IPv6:
2001:7f8:20:101::/64
2001:7f8:20:201::-2001:7f8:20:202:ffff:ffff:ffff:ffff
2001:7f8:20:301::/64
2001:7f8:20:401::/64
2001:7f8:20:501::/64
2001:7f8:20:601::/64
2001:7f8:20:701::/64
2001:7f8:20:801::/64
2001:7f8:20:901::/64
2001:7f8:20:1101::/64
Signature Algorithm: sha256WithRSAEncryption
56:a2:8e:35:be:5c:3e:35:10:e0:67:ab:f7:c4:8c:85:a1:fe:
c9:3d:9c:9b:4f:72:4f:85:fc:71:5a:87:09:87:ba:24:7a:91:
d8:23:14:bd:cc:a0:25:d8:e5:77:71:bd:c7:93:82:92:87:b5:
d8:ef:c5:0e:c7:18:c7:7e:84:9b:98:50:70:10:0d:63:7d:3a:
03:17:3d:8a:7a:18:c6:81:ea:f9:77:72:e3:e1:0d:e0:c3:14:
9e:15:ca:66:a2:c3:8c:04:46:eb:30:b4:78:75:db:8e:99:8a:
51:25:f2:e5:60:7f:44:30:34:ee:4b:c0:7b:21:eb:c5:18:87:
f6:3c:52:0d:5c:38:21:85:81:89:61:ab:1a:39:6a:7f:4e:d7:
49:cf:46:03:19:71:a1:b9:10:27:ef:ee:f6:e7:8c:8d:67:b4:
c8:de:6c:d8:52:02:cd:26:16:17:a8:ae:da:56:68:61:14:79:
94:c9:df:a8:db:a6:68:ec:e0:0b:b8:3c:b1:99:99:7c:d2:a7:
ac:71:39:05:1e:87:dc:f4:4e:a6:c2:6c:56:34:fa:6b:c8:5f:
51:a2:39:cd:f3:83:ad:a1:6f:b3:62:aa:28:94:78:84:13:36:
db:b5:6d:59:b3:8c:e8:02:4a:7e:bd:8b:5f:67:9f:05:6b:b3:
61:2f:35:62
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYzCbRj0Z7jTWYNFcVu3536kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQyZDhjMTUwMGYzNGY3YmNjODBhZDY0YTgyNzRjZmUwMGU2NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO8BiY57tS2UFvM3zVLumixv1++f
+/9BXGtKk3lSuRQbUeUwGKpcAZ0byw8zq1ZlIhF4Tk8wWZIF5ACrvWxQJSBpCLCa
9Cz+s4YnzRaixuqqLQ+aB36ZdujQXxjq4WkOz8EkjzM2QgZwCi7tQIFo0+tMdURw
yw/HQmW/ggQFopGQ8uMVNWFC6WGYzimvxUUx4OUXYJZsTSMDzn+q9OcMCf1s6iMA
TkVd/gfc+czMl+XHEgwbQ6uiGF7hwQh0izBNsZ+RmnYs4ABmIr9FRanlGXI/XKKv
BddtfROz3XdBgScMRGgsQuB7IGa0+KKfI2WsBh34hRJPt8gYQVkTk7M/kQIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFILS2MFQDzT3vMgK1kqCdM/gDmd8MB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvZ3RMWXdWQVBOUGU4eUFyV1NvSjB6LUFPWjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jBMBAIAATBGAwQAwehX
MAwDBADB6IcDBADB6IgDBADB6IwDBADB6PQDBADCVWsDBADCVbEwDAMEAMK+dwME
AMK+eAMEAsLiZAMEA8PQ0DCBgQQCAAIwewMJACABB/gAIAEBMBYDCQAgAQf4ACAC
AQMJACABB/gAIAICAwkAIAEH+AAgAwEDCQAgAQf4ACAEAQMJACABB/gAIAUBAwkA
IAEH+AAgBgEDCQAgAQf4ACAHAQMJACABB/gAIAgBAwkAIAEH+AAgCQEDCQAgAQf4
ACARATANBgkqhkiG9w0BAQsFAAOCAQEAVqKONb5cPjUQ4Ger98SMhaH+yT2cm09y
T4X8cVqHCYe6JHqR2CMUvcygJdjld3G9x5OCkoe12O/FDscYx36Em5hQcBANY306
Axc9inoYxoHq+Xdy4+EN4MMUnhXKZqLDjARG6zC0eHXbjpmKUSXy5WB/RDA07kvA
eyHrxRiH9jxSDVw4IYWBiWGrGjlqf07XSc9GAxlxobkQJ+/u9ueMjWe0yN5s2FIC
zSYWF6iu2lZoYRR5lMnfqNumaOzgC7g8sZmZfNKnrHE5BR6H3PROpsJsVjT6a8hf
UaI5zfODraFvs2KqKJR4hBM227VtWbOM6AJKfr2LX2efBWuzYS81Yg==
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:46:29 2024 by rpki-client on console-ams.rpki-client.org