Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/gxLencVjTaSaBnbTcIbFvuHarZ0.roa
File: gxLencVjTaSaBnbTcIbFvuHarZ0.roa (raw, json)
Hash identifier: 5NjdQb5GklnJxT8Yxe4eE/zquIRU/YGIygsi1jDP2aw=
Subject key identifier: 83:12:DE:9D:C5:63:4D:A4:9A:06:76:D3:70:86:C5:BE:E1:DA:AD:9D
Certificate issuer: /CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Certificate serial: 018CC5DBF49D1F12087A027657FA92D72E50
Authority key identifier: 2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/gxLencVjTaSaBnbTcIbFvuHarZ0.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60163
IP address blocks: 185.54.30.0/24 maxlen: 24
185.54.28.0/24 maxlen: 24
185.54.31.0/24 maxlen: 24
185.54.29.0/24 maxlen: 24
2a02:4261::/32 maxlen: 32
2a02:4263::/32 maxlen: 32
2a02:4260::/32 maxlen: 32
2a02:4264::/30 maxlen: 30
2a02:4262::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f4:9d:1f:12:08:7a:02:76:57:fa:92:d7:2e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9ade3c191278b2aa8ad76742eebbdefe7285e6
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8312de9dc5634da49a0676d37086c5bee1daad9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d1:74:92:52:b4:3c:2e:fb:9b:2e:ba:49:a2:
18:eb:91:43:89:3d:46:81:96:c1:9f:02:ed:cd:04:
4a:b1:f6:f8:f3:79:e4:4e:aa:61:4b:0e:be:c9:17:
38:07:17:cc:39:be:5e:ef:81:13:c3:25:f5:02:d9:
2b:42:8e:a7:1f:dd:9c:ad:3a:0f:3e:14:35:63:89:
d4:1b:3e:c6:18:03:d7:ca:aa:6d:8f:b9:da:e5:e2:
f9:b3:5a:4a:1e:0f:f2:d7:71:f0:f1:4f:23:62:de:
69:75:69:ee:f7:b8:a9:2d:cc:d2:a2:74:7d:06:24:
db:e2:70:25:75:8c:5a:20:98:ce:ed:e2:6d:fc:2d:
2c:0d:3c:99:0a:df:d6:a3:76:30:8a:10:0b:fc:65:
dd:aa:60:53:6e:0c:ed:a0:66:a4:89:ef:d0:c7:0a:
51:8e:21:b2:7e:03:d7:c7:77:4e:2b:5b:77:d4:f0:
fd:d0:ec:8d:65:54:1b:3e:e3:74:94:55:ea:65:3e:
41:b7:e2:71:02:d4:b1:02:a6:4e:73:a5:28:c6:da:
52:32:e5:03:ff:de:04:45:75:14:1f:a7:14:bf:5a:
23:2a:d9:8e:91:62:a8:8b:46:60:9f:79:75:10:09:
54:c1:af:cb:76:eb:61:15:2f:a2:d1:47:c1:de:f2:
11:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:12:DE:9D:C5:63:4D:A4:9A:06:76:D3:70:86:C5:BE:E1:DA:AD:9D
X509v3 Authority Key Identifier:
keyid:2B:9A:DE:3C:19:12:78:B2:AA:8A:D7:67:42:EE:BB:DE:FE:72:85:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5rePBkSeLKqitdnQu673v5yheY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/gxLencVjTaSaBnbTcIbFvuHarZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0e42e8-746c-4a3a-8d63-cc053f6a1ee6/1/K5rePBkSeLKqitdnQu673v5yheY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.28.0/22
IPv6:
2a02:4260::/29
Signature Algorithm: sha256WithRSAEncryption
16:3d:70:06:3d:37:51:f2:ac:31:2f:bd:b9:95:5c:42:36:20:
e0:8a:51:94:8b:98:8e:a0:21:33:62:5e:36:15:97:c1:04:a2:
46:72:09:cd:38:d7:71:ff:62:05:b7:32:70:57:3c:e9:0c:ff:
46:5f:f0:7c:9e:61:de:d7:4f:2d:22:ae:82:03:6b:38:91:66:
80:ba:a1:3c:80:46:4c:da:68:fb:d5:3d:c5:e1:be:46:67:2e:
74:bd:95:b3:b8:38:f1:06:c9:f2:37:15:95:d5:87:09:44:05:
4f:d0:e0:c2:d9:62:15:ca:08:17:e7:fc:d5:ff:40:70:b0:07:
da:f0:91:2d:aa:ef:55:2d:d4:31:8d:c4:b8:02:75:ef:19:c3:
00:22:b7:a3:e5:25:01:1f:0d:3d:c5:34:02:8c:f6:a3:f7:d7:
d1:8c:b1:02:5b:2a:e4:75:a3:58:9b:e2:da:b2:4c:9d:b2:94:
0f:c3:9c:af:3c:53:f6:84:19:d4:59:f3:56:96:37:a2:07:bb:
21:cc:2b:b8:76:f6:2d:db:05:84:2b:69:1a:e2:c4:75:b7:ea:
a0:ff:6b:73:42:08:82:09:67:7a:84:7e:57:81:b7:65:d8:ff:
43:5d:25:d5:a1:95:2a:f6:9f:7e:cd:21:bd:d7:9e:08:af:8e:
8d:ef:c3:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF2/SdHxIIegJ2V/qS1y5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWFkZTNjMTkxMjc4YjJhYThhZDc2NzQyZWViYmRlZmU3
Mjg1ZTYwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzEyZGU5ZGM1NjM0ZGE0OWEwNjc2ZDM3MDg2YzViZWUxZGFhZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9F0klK0PC77my66SaIY65FDiT1G
gZbBnwLtzQRKsfb483nkTqphSw6+yRc4BxfMOb5e74ETwyX1AtkrQo6nH92crToP
PhQ1Y4nUGz7GGAPXyqptj7na5eL5s1pKHg/y13Hw8U8jYt5pdWnu97ipLczSonR9
BiTb4nAldYxaIJjO7eJt/C0sDTyZCt/Wo3YwihAL/GXdqmBTbgztoGakie/QxwpR
jiGyfgPXx3dOK1t31PD90OyNZVQbPuN0lFXqZT5Bt+JxAtSxAqZOc6UoxtpSMuUD
/94ERXUUH6cUv1ojKtmOkWKoi0Zgn3l1EAlUwa/LduthFS+i0UfB3vIRewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIMS3p3FY02kmgZ203CGxb7h2q2dMB8GA1UdIwQY
MBaAFCua3jwZEniyqorXZ0Luu97+coXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMt
Y2MwNTNmNmExZWU2LzEvZ3hMZW5jVmpUYVNhQm5iVGNJYkZ2dUhhclowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8wZTQyZTgtNzQ2Yy00YTNhLThkNjMtY2MwNTNmNmExZWU2
LzEvSzVyZVBCa1NlTEtxaXRkblF1NjczdjV5aGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTYcMA0E
AgACMAcDBQMqAkJgMA0GCSqGSIb3DQEBCwUAA4IBAQAWPXAGPTdR8qwxL725lVxC
NiDgilGUi5iOoCEzYl42FZfBBKJGcgnNONdx/2IFtzJwVzzpDP9GX/B8nmHe108t
Iq6CA2s4kWaAuqE8gEZM2mj71T3F4b5GZy50vZWzuDjxBsnyNxWV1YcJRAVP0ODC
2WIVyggX5/zV/0BwsAfa8JEtqu9VLdQxjcS4AnXvGcMAIrej5SUBHw09xTQCjPaj
99fRjLECWyrkdaNYm+LaskydspQPw5yvPFP2hBnUWfNWljeiB7shzCu4dvYt2wWE
K2ka4sR1t+qg/2tzQgiCCWd6hH5Xgbdl2P9DXSXVoZUq9p9+zSG9154Ir46N78O4
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:16 2024 by rpki-client on console-fra.rpki-client.org