Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gvIKzzI3bwPERJtQe-QqUNiLRlo.roa
File: gvIKzzI3bwPERJtQe-QqUNiLRlo.roa (raw, json)
Hash identifier: 5lxo9uPLb7BD86aeakgfPVc/QTT8eSb62q07S9VDg9I=
Subject key identifier: 82:F2:0A:CF:32:37:6F:03:C4:44:9B:50:7B:E4:2A:50:D8:8B:46:5A
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018D65CBDF362793DCF4EF4E9F04B131DA2D
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gvIKzzI3bwPERJtQe-QqUNiLRlo.roa
Signing time: Thu 01 Feb 2024 17:51:16 +0000
ROA not before: Thu 01 Feb 2024 17:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199552
IP address blocks: 5.157.240.0/21 maxlen: 21
37.35.55.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
146.66.219.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
188.119.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:cb:df:36:27:93:dc:f4:ef:4e:9f:04:b1:31:da:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Feb 1 17:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82f20acf32376f03c4449b507be42a50d88b465a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ae:80:ed:1b:59:88:41:5a:89:a0:21:f3:3a:
a7:b7:e6:af:57:9e:94:e7:a8:0e:59:e7:42:f4:e1:
50:a3:ab:92:57:9e:d9:44:e1:8e:8b:b1:b5:f2:28:
e6:d4:53:f1:d6:c5:27:29:c2:df:5a:08:8c:14:2f:
0d:57:11:56:37:57:2e:45:93:6d:80:de:70:29:88:
95:f3:95:bd:11:e4:de:46:5b:73:e3:ef:c6:1a:96:
88:dd:71:ae:15:a3:aa:3c:30:80:2c:ed:67:81:21:
21:b6:22:07:52:e5:ac:48:0e:0a:6a:8f:11:8b:af:
68:55:30:9c:41:af:5a:1d:4d:11:3f:57:a2:50:5e:
7c:b8:32:d1:73:be:42:a0:7b:eb:7a:2b:c8:07:36:
33:99:70:74:3c:8a:a4:1d:8a:49:2b:0f:02:9d:ee:
40:f1:af:1d:f6:79:4c:e1:25:f2:47:8b:9f:7d:73:
93:47:7d:cd:cb:33:5d:ed:41:2f:5a:b5:9f:81:96:
44:c6:de:4e:36:b1:7f:8f:84:46:f0:77:54:5f:a1:
44:8d:ce:bd:5a:54:52:54:70:6f:42:0f:71:ba:00:
a1:ea:6d:1e:44:65:12:24:3b:40:2d:d9:6a:e8:3c:
25:85:c4:ca:a5:a4:78:5b:35:e1:50:57:1b:1d:32:
b3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:F2:0A:CF:32:37:6F:03:C4:44:9B:50:7B:E4:2A:50:D8:8B:46:5A
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/gvIKzzI3bwPERJtQe-QqUNiLRlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
146.66.218.0/23
178.157.92.0/24
178.157.125.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:6e:4d:56:76:e1:69:d0:ac:5f:26:82:7b:9a:05:fd:13:e5:
e7:90:ca:3c:25:bb:95:c7:b7:ac:e7:b9:58:0b:aa:e8:5b:dd:
d5:cd:01:e3:00:2f:ce:52:c3:c2:db:4f:eb:31:36:fc:7b:31:
d9:18:f1:6f:58:fb:1f:1f:dd:c8:23:18:e6:06:f7:c9:2f:58:
a3:87:e9:a6:ba:5e:6a:85:3d:64:04:bd:65:51:78:5e:65:3a:
00:22:9a:63:ae:00:48:81:a5:92:d6:25:eb:39:6b:8d:7d:2e:
4a:7f:91:cb:ed:8e:45:ff:73:58:94:c7:a5:2a:f7:a3:48:57:
d7:2f:e6:36:33:58:e6:ef:99:7a:b8:3f:b7:d9:b4:94:ec:a6:
3e:0a:54:ea:c9:e2:3b:d9:dc:aa:a0:0d:f6:47:18:d3:39:73:
a3:a6:3d:e2:b5:9f:0c:84:95:5f:f6:25:fb:70:22:69:6e:6e:
08:95:8d:73:3e:8f:c8:ee:eb:4e:d5:18:03:30:7b:41:b4:71:
94:55:1c:f9:ae:1b:39:6a:58:ac:3e:74:ba:51:4a:86:dc:d4:
2b:d3:ac:be:06:24:1a:d8:37:ae:4f:6c:e1:9a:a3:e4:a0:8c:
73:b9:68:17:1f:57:64:eb:a3:80:34:2c:3f:67:20:03:5f:7b:
c1:70:a3:3d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY1ly982J5Pc9O9OnwSxMdotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMjAxMTc1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmYyMGFjZjMyMzc2ZjAzYzQ0NDliNTA3YmU0MmE1MGQ4OGI0NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK6A7RtZiEFaiaAh8zqnt+avV56U
56gOWedC9OFQo6uSV57ZROGOi7G18ijm1FPx1sUnKcLfWgiMFC8NVxFWN1cuRZNt
gN5wKYiV85W9EeTeRltz4+/GGpaI3XGuFaOqPDCALO1ngSEhtiIHUuWsSA4Kao8R
i69oVTCcQa9aHU0RP1eiUF58uDLRc75CoHvreivIBzYzmXB0PIqkHYpJKw8Cne5A
8a8d9nlM4SXyR4uffXOTR33NyzNd7UEvWrWfgZZExt5ONrF/j4RG8HdUX6FEjc69
WlRSVHBvQg9xugCh6m0eRGUSJDtALdlq6DwlhcTKpaR4WzXhUFcbHTKzrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFILyCs8yN28DxESbUHvkKlDYi0ZaMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvZ3ZJS3p6STNid1BFUkp0UWUtUXFVTmlMUmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQAsp19AwQCvHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUA
A4IBAQBtbk1WduFp0KxfJoJ7mgX9E+XnkMo8JbuVx7es57lYC6roW93VzQHjAC/O
UsPC20/rMTb8ezHZGPFvWPsfH93IIxjmBvfJL1ijh+mmul5qhT1kBL1lUXheZToA
IppjrgBIgaWS1iXrOWuNfS5Kf5HL7Y5F/3NYlMelKvejSFfXL+Y2M1jm75l6uD+3
2bSU7KY+ClTqyeI72dyqoA32RxjTOXOjpj3itZ8MhJVf9iX7cCJpbm4IlY1zPo/I
7utO1RgDMHtBtHGUVRz5rhs5alisPnS6UUqG3NQr06y+BiQa2DeuT2zhmqPkoIxz
uWgXH1dk66OANCw/ZyADX3vBcKM9
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:51:21 2024 by rpki-client on console-ams.rpki-client.org