Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/grbQplUCB7ZM2GYHkmxlRFdQnJw.roa
File: grbQplUCB7ZM2GYHkmxlRFdQnJw.roa (raw, json)
Hash identifier: g2uvb+HCbbwSpTG0h/8B8b8REf2HmmTDgswYLjRSsf0=
Subject key identifier: 82:B6:D0:A6:55:02:07:B6:4C:D8:66:07:92:6C:65:44:57:50:9C:9C
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCFC39F4AD5826D7F59599647E91D
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/grbQplUCB7ZM2GYHkmxlRFdQnJw.roa
Signing time: Tue 02 Jan 2024 10:32:58 +0000
ROA not before: Tue 02 Jan 2024 10:32:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44277
IP address blocks: 195.228.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cf:c3:9f:4a:d5:82:6d:7f:59:59:96:47:e9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82b6d0a6550207b64cd86607926c654457509c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ed:85:51:42:7c:55:22:c5:fd:0d:02:81:98:
f2:01:d9:2a:2f:72:95:ca:fb:66:c8:a0:71:48:d7:
e7:69:6d:92:cc:a7:75:33:90:39:c9:a1:73:ba:fd:
33:a1:5d:de:83:c6:5c:ae:d1:f4:b9:9b:c6:a7:06:
b2:59:96:74:d7:a0:02:d6:24:2b:6e:3b:74:8b:b3:
a8:9e:cc:5d:9e:e0:43:cd:9b:72:17:85:5a:79:94:
15:57:b2:3e:10:e1:e9:db:59:9b:51:0d:f0:32:04:
8c:89:f3:4e:ba:9c:15:de:2e:91:a4:8d:b9:99:e6:
01:1b:e0:cb:c7:d8:57:1d:5e:03:78:99:71:7b:2a:
b2:01:ec:8c:08:da:b8:5b:f1:e4:f7:f2:29:25:68:
e8:6e:87:49:b3:02:3c:db:1c:cf:6a:8f:62:0e:c6:
d8:34:26:71:0c:c3:e1:02:6c:ad:b7:c2:9d:63:74:
c7:3e:37:9c:0c:f1:8d:f1:6b:a9:a8:e9:81:17:ab:
6a:00:0e:52:36:d0:21:8c:78:fa:13:16:95:2e:e2:
dc:4c:da:a3:93:da:e7:ca:c0:86:b6:b4:78:9a:43:
3e:f6:0b:60:bf:2c:e0:54:60:9c:be:80:0e:f6:dc:
8e:27:26:54:a3:9c:f8:97:62:a1:8f:11:89:63:8e:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B6:D0:A6:55:02:07:B6:4C:D8:66:07:92:6C:65:44:57:50:9C:9C
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/grbQplUCB7ZM2GYHkmxlRFdQnJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.228.59.0/24
Signature Algorithm: sha256WithRSAEncryption
28:42:bc:7e:86:e9:9c:00:14:df:41:89:f3:0a:93:bc:dd:c9:
b0:34:b5:8c:69:c9:1c:72:5b:88:3c:95:29:70:b0:bc:17:2e:
eb:ab:9e:ea:88:c3:cd:74:62:5b:ad:f7:15:b4:50:0d:94:3d:
4d:df:7c:02:63:f8:6b:79:da:a6:e2:92:4b:96:4a:95:74:d7:
4d:dd:48:80:8a:81:53:4e:a0:db:4a:17:47:3f:72:29:96:12:
d2:6a:d9:07:73:20:1c:22:b2:a9:85:6c:de:d9:3a:c6:06:c2:
9f:da:5a:98:96:bf:07:40:ce:8d:81:66:ea:4e:a8:65:cb:92:
6c:7c:b1:f4:ac:ac:60:da:c3:ec:15:06:e2:d4:4c:6b:97:20:
81:bd:97:90:e0:94:e4:81:56:9d:c6:4a:b2:99:de:eb:11:5b:
42:43:1a:6d:70:09:b7:7d:0e:4e:2c:43:af:17:36:31:02:96:
09:be:20:b7:70:f7:0d:5b:1d:1e:62:f4:73:2e:88:d8:b7:88:
26:58:49:82:3f:37:dc:8b:53:7c:5a:e1:7c:aa:6d:36:3a:65:
18:91:cb:37:18:8d:2b:33:38:3e:96:8f:91:09:c9:1f:60:a3:
1d:11:59:3c:10:14:d4:1d:65:1a:8d:7d:01:fd:c7:ea:e2:53:
4b:f7:85:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu8/Dn0rVgm1/WVmWR+kdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI2ZDBhNjU1MDIwN2I2NGNkODY2MDc5MjZjNjU0NDU3NTA5YzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO2FUUJ8VSLF/Q0CgZjyAdkqL3KV
yvtmyKBxSNfnaW2SzKd1M5A5yaFzuv0zoV3eg8ZcrtH0uZvGpwayWZZ016AC1iQr
bjt0i7OonsxdnuBDzZtyF4VaeZQVV7I+EOHp21mbUQ3wMgSMifNOupwV3i6RpI25
meYBG+DLx9hXHV4DeJlxeyqyAeyMCNq4W/Hk9/IpJWjobodJswI82xzPao9iDsbY
NCZxDMPhAmytt8KdY3THPjecDPGN8WupqOmBF6tqAA5SNtAhjHj6ExaVLuLcTNqj
k9rnysCGtrR4mkM+9gtgvyzgVGCcvoAO9tyOJyZUo5z4l2KhjxGJY44HEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIK20KZVAge2TNhmB5JsZURXUJycMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvZ3JiUXBsVUNCN1pNMkdZSGtteGxSRmRRbkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+Q7MA0G
CSqGSIb3DQEBCwUAA4IBAQAoQrx+humcABTfQYnzCpO83cmwNLWMackccluIPJUp
cLC8Fy7rq57qiMPNdGJbrfcVtFANlD1N33wCY/hredqm4pJLlkqVdNdN3UiAioFT
TqDbShdHP3IplhLSatkHcyAcIrKphWze2TrGBsKf2lqYlr8HQM6NgWbqTqhly5Js
fLH0rKxg2sPsFQbi1ExrlyCBvZeQ4JTkgVadxkqymd7rEVtCQxptcAm3fQ5OLEOv
FzYxApYJviC3cPcNWx0eYvRzLojYt4gmWEmCPzfci1N8WuF8qm02OmUYkcs3GI0r
Mzg+lo+RCckfYKMdEVk8EBTUHWUajX0B/cfq4lNL94X6
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:27 2024 by rpki-client on console-fra.rpki-client.org