Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/gjXeT_CX85V1SmXg2yVdfWdVwpo.roa
File: gjXeT_CX85V1SmXg2yVdfWdVwpo.roa (raw, json)
Hash identifier: d64L+GdUi1AUohMh1W/XSeAAsIEaAyrIG0zzPdnZNHw=
Subject key identifier: 82:35:DE:4F:F0:97:F3:95:75:4A:65:E0:DB:25:5D:7D:67:55:C2:9A
Certificate issuer: /CN=0407d6c248444f6b5c378db0ffec0f899256eba3
Certificate serial: 018CF87B52487E031BE46D1746451E47CA0E
Authority key identifier: 04:07:D6:C2:48:44:4F:6B:5C:37:8D:B0:FF:EC:0F:89:92:56:EB:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BAfWwkhET2tcN42w_-wPiZJW66M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/gjXeT_CX85V1SmXg2yVdfWdVwpo.roa
Signing time: Thu 11 Jan 2024 12:24:40 +0000
ROA not before: Thu 11 Jan 2024 12:24:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199088
IP address blocks: 185.207.226.0/24 maxlen: 24
94.231.36.0/23 maxlen: 23
91.197.5.0/24 maxlen: 24
91.197.6.0/24 maxlen: 24
2a13:45c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/BAfWwkhET2tcN42w_-wPiZJW66M.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/BAfWwkhET2tcN42w_-wPiZJW66M.mft
rsync://rpki.ripe.net/repository/DEFAULT/BAfWwkhET2tcN42w_-wPiZJW66M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:7b:52:48:7e:03:1b:e4:6d:17:46:45:1e:47:ca:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0407d6c248444f6b5c378db0ffec0f899256eba3
Validity
Not Before: Jan 11 12:24:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8235de4ff097f395754a65e0db255d7d6755c29a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bb:1c:3f:97:35:1e:e0:9f:18:4e:68:72:d6:
b3:4e:09:10:fd:9e:22:dd:88:be:e7:5b:b8:33:f7:
b1:11:0b:e6:23:08:28:54:36:81:1a:24:66:72:46:
c0:21:e6:3f:81:50:2e:57:30:44:84:b5:d9:9b:86:
d8:7b:ac:84:12:d2:8d:00:ba:d4:96:f9:19:0c:57:
f1:fd:b0:8a:33:59:7e:34:e6:fd:4b:96:e1:f4:3f:
69:c1:28:a5:0b:9f:c4:f9:2b:99:6f:8a:45:e8:be:
4b:ec:40:48:62:17:c9:09:8b:8e:52:b9:4c:cd:49:
c0:bc:ca:46:ea:32:48:f1:0b:78:f2:aa:0d:ba:6d:
0a:b5:a0:9e:ac:b2:06:bd:f0:aa:d4:53:80:59:a2:
81:82:ad:09:43:08:19:d8:b8:fc:f5:8b:e5:e6:83:
73:30:47:15:4f:c3:e1:3f:15:e1:47:91:ef:8d:35:
27:6b:de:c7:a1:d5:f2:da:de:4b:a1:f2:03:39:62:
ba:b8:8c:bf:c2:d2:e0:d1:19:d8:de:7c:cd:9a:41:
39:dc:ad:10:46:78:12:c1:42:d7:50:48:7a:80:b9:
30:3f:5d:1f:61:dc:21:fe:a9:0d:ad:58:8a:5e:01:
44:d0:df:47:b6:c3:48:34:17:07:fc:c3:c5:50:48:
87:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:35:DE:4F:F0:97:F3:95:75:4A:65:E0:DB:25:5D:7D:67:55:C2:9A
X509v3 Authority Key Identifier:
keyid:04:07:D6:C2:48:44:4F:6B:5C:37:8D:B0:FF:EC:0F:89:92:56:EB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BAfWwkhET2tcN42w_-wPiZJW66M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/gjXeT_CX85V1SmXg2yVdfWdVwpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/5f9e1f-0971-4446-a611-fad19bdc792b/1/BAfWwkhET2tcN42w_-wPiZJW66M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.5.0-91.197.6.255
94.231.36.0/23
185.207.226.0/24
IPv6:
2a13:45c0::/29
Signature Algorithm: sha256WithRSAEncryption
c8:2f:c3:13:0e:44:01:73:9a:dc:e7:9a:68:85:4f:ef:38:8f:
d9:21:59:34:7c:f0:dd:9b:87:1d:97:d3:47:31:4b:88:c2:3e:
f7:50:58:1d:3e:84:78:02:de:cf:0d:aa:97:31:2e:91:1b:56:
6f:db:1b:8c:91:21:20:59:e0:65:05:c4:fa:c0:72:9b:ee:5f:
09:33:5c:66:18:8b:87:be:ac:c3:63:41:c2:87:ff:49:f7:bc:
70:21:ec:38:fb:6b:11:50:20:54:e9:cd:38:25:0d:78:b1:49:
2f:87:12:cf:ae:6e:0d:1a:2b:de:87:9e:91:86:e9:08:bf:c3:
36:63:73:6e:63:7f:13:aa:a4:02:a1:e6:ec:df:83:60:6e:25:
ec:66:b3:69:4a:f0:94:72:43:ec:27:7e:b8:8e:d8:db:f8:de:
15:e5:90:bb:5d:13:44:45:76:34:78:67:59:c0:47:82:da:48:
94:11:9f:3a:31:44:d7:c0:c0:6b:94:02:63:78:55:bc:8e:ad:
dd:33:03:11:2f:78:c4:26:fc:78:0e:3b:68:d3:12:1f:2f:9e:
36:c5:b3:52:bf:5d:2e:98:43:b0:08:e1:4a:26:0e:9a:02:2d:
11:32:ba:1b:f4:b3:f6:d8:d9:d8:4a:1b:99:03:ef:11:b7:93:
d7:bf:74:07
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYz4e1JIfgMb5G0XRkUeR8oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MDdkNmMyNDg0NDRmNmI1YzM3OGRiMGZmZWMwZjg5OTI1
NmViYTMwHhcNMjQwMTExMTIyNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjM1ZGU0ZmYwOTdmMzk1NzU0YTY1ZTBkYjI1NWQ3ZDY3NTVjMjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLscP5c1HuCfGE5octazTgkQ/Z4i
3Yi+51u4M/exEQvmIwgoVDaBGiRmckbAIeY/gVAuVzBEhLXZm4bYe6yEEtKNALrU
lvkZDFfx/bCKM1l+NOb9S5bh9D9pwSilC5/E+SuZb4pF6L5L7EBIYhfJCYuOUrlM
zUnAvMpG6jJI8Qt48qoNum0KtaCerLIGvfCq1FOAWaKBgq0JQwgZ2Lj89Yvl5oNz
MEcVT8PhPxXhR5HvjTUna97HodXy2t5LofIDOWK6uIy/wtLg0RnY3nzNmkE53K0Q
RngSwULXUEh6gLkwP10fYdwh/qkNrViKXgFE0N9HtsNINBcH/MPFUEiHiwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFII13k/wl/OVdUpl4NslXX1nVcKaMB8GA1UdIwQY
MBaAFAQH1sJIRE9rXDeNsP/sD4mSVuujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkFmV3draEVUMnRjTjQyd18td1BpWkpXNjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81ZjllMWYtMDk3MS00NDQ2LWE2MTEt
ZmFkMTliZGM3OTJiLzEvZ2pYZVRfQ1g4NVYxU21YZzJ5VmRmV2RWd3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81ZjllMWYtMDk3MS00NDQ2LWE2MTEtZmFkMTliZGM3OTJi
LzEvQkFmV3draEVUMnRjTjQyd18td1BpWkpXNjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBABbxQUD
BABbxQYDBAFe5yQDBAC5z+IwDQQCAAIwBwMFAyoTRcAwDQYJKoZIhvcNAQELBQAD
ggEBAMgvwxMORAFzmtznmmiFT+84j9khWTR88N2bhx2X00cxS4jCPvdQWB0+hHgC
3s8NqpcxLpEbVm/bG4yRISBZ4GUFxPrAcpvuXwkzXGYYi4e+rMNjQcKH/0n3vHAh
7Dj7axFQIFTpzTglDXixSS+HEs+ubg0aK96HnpGG6Qi/wzZjc25jfxOqpAKh5uzf
g2BuJexms2lK8JRyQ+wnfriO2Nv43hXlkLtdE0RFdjR4Z1nAR4LaSJQRnzoxRNfA
wGuUAmN4VbyOrd0zAxEveMQm/HgOO2jTEh8vnjbFs1K/XS6YQ7AI4UomDpoCLREy
uhv0s/bY2dhKG5kD7xG3k9e/dAc=
-----END CERTIFICATE-----
Generated at Fri May 17 06:46:10 2024 by rpki-client on console-fra.rpki-client.org